www.winutah.com Open in urlscan Pro
64.246.164.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://allinforparkcity.com/
Effective URL:
https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Submission: On November 17 via api (November 17th 2024, 10:33:43 am UTC) from US — Scanned from CA

Summary HTTP 120 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 31 IPs in 2 countries across 22 domains to perform 120 HTTP transactions. The main IP is 64.246.164.133, located in United States and belongs to LUNAVI-WA, US. The main domain is www.winutah.com.
TLS certificate: Issued by R10 on October 10th 2024. Valid for: 3 months.

This is the only time www.winutah.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
20	64.246.164.133 64.246.164.133	6295 (LUNAVI-WA) (LUNAVI-WA)
9	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
11	64.246.164.140 64.246.164.140	6295 (LUNAVI-WA) (LUNAVI-WA)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:808::2004	15169 (GOOGLE) (GOOGLE)
11	2600:1400:900... 2600:1400:9000::687e:7653	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
7	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	13.226.34.28 13.226.34.28	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
3	34.234.27.203 34.234.27.203	14618 (AMAZON-AES) (AMAZON-AES)
1	54.163.128.109 54.163.128.109	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	3.94.69.56 3.94.69.56	14618 (AMAZON-AES) (AMAZON-AES)
2	98.82.79.34 98.82.79.34	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:141b:1c0... 2600:141b:1c00:8::1728:b323	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.131.52 151.101.131.52	54113 (FASTLY) (FASTLY)
2	151.101.3.52 151.101.3.52	54113 (FASTLY) (FASTLY)
2	151.101.67.52 151.101.67.52	54113 (FASTLY) (FASTLY)
120	31

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

allinforparkcity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 64.246.164.133 (United States)

ASN6295 (LUNAVI-WA, US)
PTR: ipv4-64-246-164-133.greenhousedata.net

www.winutah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
winutah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 64.246.164.140 (United States)

ASN6295 (LUNAVI-WA, US)
PTR: ipv4-64-246-164-140.greenhousedata.net

svc.moxiworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images-static.moxiworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:1400:9000::687e:7653 (New York, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-28.ewr53.r.cloudfront.net

cdn.funnelytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.234.27.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-27-203.compute-1.amazonaws.com

cdn.brytecore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.163.128.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-128-109.compute-1.amazonaws.com

telize-v1.p.rapidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.94.69.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-69-56.compute-1.amazonaws.com

api.brytecore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.82.79.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-79-34.compute-1.amazonaws.com

chat-api.brytecore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:8::1728:b323 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.131.52 (San Francisco, United States)

ASN54113 (FASTLY, US)

i11.moxi.onl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.3.52 (San Francisco, United States)

ASN54113 (FASTLY, US)

i12.moxi.onl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.67.52 (San Francisco, United States)

ASN54113 (FASTLY, US)

i2.moxi.onl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	winutah.com www.winutah.com winutah.com	977 KB
13	brytecore.com cdn.brytecore.com — Cisco Umbrella Rank: 359966 api.brytecore.com — Cisco Umbrella Rank: 257073 chat-api.brytecore.com — Cisco Umbrella Rank: 351146	8 KB
12	typekit.net use.typekit.net — Cisco Umbrella Rank: 460 p.typekit.net — Cisco Umbrella Rank: 571	471 KB
11	moxiworks.com svc.moxiworks.com — Cisco Umbrella Rank: 265116 images-static.moxiworks.com — Cisco Umbrella Rank: 409499	457 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 415 maps.googleapis.com — Cisco Umbrella Rank: 466	294 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
6	moxi.onl i11.moxi.onl — Cisco Umbrella Rank: 543361 i12.moxi.onl — Cisco Umbrella Rank: 522565 i2.moxi.onl — Cisco Umbrella Rank: 516625	609 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com maps.gstatic.com	295 KB
6	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142	1006 B
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	421 B
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255	112 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	80 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	321 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182	555 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	13 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	35 KB
1	rapidapi.com telize-v1.p.rapidapi.com — Cisco Umbrella Rank: 428629	710 B
1	funnelytics.io cdn.funnelytics.io — Cisco Umbrella Rank: 78151 track-v2.funnelytics.io Failed	4 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 11557	63 B
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2102	12 KB
1	allinforparkcity.com 1 redirects allinforparkcity.com	358 B
120	22

	Domain	Requested by
18	www.winutah.com	www.winutah.com ajax.googleapis.com
11	use.typekit.net	www.winutah.com
9	svc.moxiworks.com	www.winutah.com ajax.googleapis.com
8	api.brytecore.com	cdn.brytecore.com
7	www.google-analytics.com	www.winutah.com www.google-analytics.com www.googletagmanager.com
6	maps.googleapis.com	www.winutah.com maps.googleapis.com
4	www.facebook.com	www.winutah.com
4	analytics.google.com	www.googletagmanager.com
4	maxcdn.bootstrapcdn.com	www.winutah.com maxcdn.bootstrapcdn.com
3	cdn.brytecore.com	www.winutah.com cdn.brytecore.com
3	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	www.winutah.com connect.facebook.net
3	www.googletagmanager.com	www.winutah.com www.google-analytics.com
3	fonts.googleapis.com	www.winutah.com
2	i2.moxi.onl
2	i12.moxi.onl
2	i11.moxi.onl
2	maps.gstatic.com
2	images-static.moxiworks.com
2	chat-api.brytecore.com	cdn.brytecore.com
2	www.youtube.com	www.winutah.com ajax.googleapis.com
2	www.google.com	www.winutah.com www.gstatic.com
2	cdn.jsdelivr.net	www.winutah.com cdn.jsdelivr.net
2	winutah.com	www.winutah.com winutah.com
2	cdnjs.cloudflare.com	www.winutah.com
1	p.typekit.net	www.winutah.com
1	telize-v1.p.rapidapi.com	ajax.googleapis.com
1	www.gstatic.com	www.google.com
1	cdn.funnelytics.io	www.winutah.com
1	www.google.ca	www.winutah.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	player.vimeo.com	www.winutah.com
1	ajax.googleapis.com	www.winutah.com
1	allinforparkcity.com	1 redirects
0	track-v2.funnelytics.io Failed	cdn.funnelytics.io
120	36

This site contains links to these domains. Also see Links.

Domain
windermerefoundation.com
winutah.luxuryportfolio.com
windermererelocation.com
wincre.com
www.facebook.com
www.instagram.com
www.windermere.com
policies.google.com
blog.winutah.com
open.spotify.com
issuu.com
luxuryportfolio.com
www.leadingre.com
winutah.com

Subject Issuer	Validity	Valid
winutah.com R10	`2024-10-10` - `2025-01-08`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.moxiworks.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-14` - `2025-06-14`	a year	crt.sh
player.vimeo.com WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-17` - `2025-11-17`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.ca WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-26` - `2024-11-24`	3 months	crt.sh
*.funnelytics.io Amazon RSA 2048 M03	`2024-09-01` - `2025-09-28`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdn.brytecore.com Amazon RSA 2048 M03	`2024-04-19` - `2025-05-19`	a year	crt.sh
*.p.rapidapi.com Amazon RSA 2048 M03	`2024-05-05` - `2025-06-03`	a year	crt.sh
brytecore.com Amazon RSA 2048 M02	`2024-04-21` - `2025-05-20`	a year	crt.sh
chatbot.brytecore.com Amazon RSA 2048 M03	`2024-08-04` - `2025-09-02`	a year	crt.sh
*.moxi.onl Certainly Intermediate R1	`2024-11-13` - `2024-12-13`	a month	crt.sh

This page contains 5 frames:

Primary Page: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Frame ID: 795CA9D88FA4B9D9C56A2F82B505A2A5
Requests: 111 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-M4R9KTHP2J&gacid=540781285.1731839615&gtm=45je4bc0v881128847za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067554~102067808~102077855&z=1582995902
Frame ID: D602A34085234D566E3D032F4A5DD375
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Hmv09b-TDro
Frame ID: D611C9258BFDDBD96345C3FA698EA72A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Hmv09b-TDro?wmode=transparent&enablejsapi=1&rel=0
Frame ID: A66FC48ACC66CE2D82A6EE6465660B22
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdmtrYUAAAAAAHk0DIYZUZov8ZzYGbtAIozmHtV&co=aHR0cHM6Ly93d3cud2ludXRhaC5jb206NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=fhyaalytc24z
Frame ID: 8805A9C6C5B854A632F13BEBD210B2EA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Windermere Real Estate Utah

Page URL History Show full URLs

https://allinforparkcity.com/ HTTP 301
https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

120
Requests

98 %
HTTPS

61 %
IPv6

22
Domains

36
Subdomains

31
IPs

2
Countries

3743 kB
Transfer

9360 kB
Size

17
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: http://windermerefoundation.com/
Title: Windermere Foundation

Search URL Search Domain Scan URL

URL: http://winutah.luxuryportfolio.com/
Title: Luxury

Search URL Search Domain Scan URL

URL: https://windermererelocation.com/utah
Title: Utah Relocation

Search URL Search Domain Scan URL

URL: http://wincre.com/
Title: Commercial

Search URL Search Domain Scan URL

URL: https://www.facebook.com/windermere.utah/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/windermere.utah/

Search URL Search Domain Scan URL

URL: https://www.windermere.com/agents/landing
Title: Find An Agent

Search URL Search Domain Scan URL

URL: https://www.windermere.com/whatsmyhomeworth
Title: Whats My Home Worth

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://blog.winutah.com/

Search URL Search Domain Scan URL

URL: https://open.spotify.com/user/95twpeats2ye8359lybi6kc4e

Search URL Search Domain Scan URL

URL: https://issuu.com/windermereliving

Search URL Search Domain Scan URL

URL: http://luxuryportfolio.com/

Search URL Search Domain Scan URL

URL: http://www.leadingre.com/

Search URL Search Domain Scan URL

URL: https://winutah.com/files/2018/01/Windermere-Real-Estate-UtahEqualHousing@2x.png

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://allinforparkcity.com/ HTTP 301
https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

120 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.winutah.com/
Redirect Chain

https://allinforparkcity.com/
https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

260 KB
51 KB

646ms
214ms

Document
text/html

64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

2fa75a149b4f235118cfcc2a089febfe62fcf90c60262cc8670ef985f98fff86

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1009
cache-control: private, max-age=0
content-encoding: gzip
content-length: 51708
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 17 Nov 2024 10:16:44 GMT
expires: Sun, 17 Nov 2024 10:24:14 GMT
last-modified: Sun, 17 Nov 2024 09:49:14 GMT
link: <https://www.winutah.com/wp-json/>; rel="https://api.w.org/" <https://www.winutah.com/wp-json/wp/v2/pages/2195>; rel="alternate"; type="application/json" <https://www.winutah.com/>; rel=shortlink
server: Apache
strict-transport-security: max-age=31536000
v-backend: agent13-pr
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.5)
x-app-server: varnish_agent_sites/agent-varnish22-pr
x-content-type-options: nosniff
x-proxy: haproxy23-pr
x-renderedpage: true
x-varnish: 51871837 43222527

Redirect headers

Connection: close
Content-Length: 123
Content-Type: text/html; charset=utf-8
Date: Sun, 17 Nov 2024 10:33:33 GMT
Location: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Server: ip-10-123-125-108.ec2.internal
Vary: Accept-Encoding
X-Request-Id: 613d4adc-cb3a-4bef-adf1-facdfe2af773

GET
H2 200 css
fonts.googleapis.com/ 7 KB
791 B 250ms
81ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,600&display=swap

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a0cc99682552d20a8d475814629c3a84f72a596e13a9005f8ad8338b8dffa13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:33:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 17 Nov 2024 10:32:44 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 386 KB
127 KB 268ms
101ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M4R9KTHP2J

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ce8ee899fa3c97c1355bd4f06fed11c42208829fa4452109f731649335a9404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 17 Nov 2024 10:33:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129363
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 foundation-icons.woff
cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/ 31 KB
32 KB 219ms
70ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.woff

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e66-7d14"
age: 300423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2J6HAYwXhAcAIsjra7icpQf9JqPlLnqCqn8osedvZrJ3BG7Ol%2BxHQ8iItrRbaG1%2FQNxq%2F3r8ubFUNgHopF0zH%2BMzp69DBIDS8VqMdtjmTwDT6wtZTugGTQczot%2BbKYnVSfVOmlKMrw%2FNcoDQ6DNCqzZ3"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 07 Nov 2025 10:33:34 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 10:33:34 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e3f1036d9e0426d-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31590
server: cloudflare

GET
H/1.1 200
OK dashicons.min.css
www.winutah.com/wp-includes/css/ 58 KB
35 KB 95ms
90ms Stylesheet
text/css 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-includes/css/dashicons.min.css?ver=35c8d3dd5fe5fc55f13b6ab1cf183375

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent11-pr
content-encoding: gzip
age: 893
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 10:18:41 GMT
x-varnish: 210895454 209584549
date: Sun, 17 Nov 2024 10:18:41 GMT
last-modified: Thu, 07 Nov 2024 00:30:28 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35730
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK minify-b-imgmap_style-2715d976365b511209160fd6cff36e7b.css
www.winutah.com/wp-content/plugins/bwp-minify/cache/ 456 KB
87 KB 238ms
92ms Stylesheet
text/css 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-imgmap_style-2715d976365b511209160fd6cff36e7b.css?ver=A.3.49.20241106.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

85a0a37e677b5386667a97230cc583313b74bb70a7a1d616f2ce5729bbf04085

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent14-pr
content-encoding: gzip
age: 11511
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 07:21:43 GMT
x-varnish: 51707958 1474750
date: Sun, 17 Nov 2024 07:21:43 GMT
last-modified: Thu, 07 Nov 2024 00:39:56 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
x-app-server: varnish_agent_sites/agent-varnish22-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 88339
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK style.css
winutah.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/ 21 KB
4 KB 481ms
155ms Stylesheet
text/css 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://winutah.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.7.3.2

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

6d57d9de75cb4a832e81ababd248d04ce41d448575d88082e9d87671ae0ba5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

v-backend: agent14-pr
content-encoding: gzip
age: 8058
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 08:19:15 GMT
x-varnish: 47188030 6062442
date: Sun, 17 Nov 2024 08:19:15 GMT
last-modified: Mon, 29 Jul 2024 03:24:25 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
x-app-server: varnish_agent_sites/agent-varnish22-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3412
x-proxy: haproxy23-pr
server: Apache

GET
H3 200 foundation-icons.css
cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/ 19 KB
3 KB 206ms
59ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.css?ver=2.7.3.2

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09696d0bf5be7a592450a862b5cced3e249f137004a7302fae4984a81ebc2f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e66-4c34"
age: 404393
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cq%2F7Rkzse0rDROXOqHNydPfHf42EbT3SuammvcPhePRrZyU9cQZhBY9uuuAk8jRxwjhRpmA5HiAzL%2FsmPkZbC2QCkJCDlzImFFV5syhDVmgFN%2Bcn0bZNFTD3TEJP47bgOTAyN2wtKeP9HSZdngT6bDlk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 07 Nov 2025 10:33:34 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 10:33:34 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e3f1036de690f79-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2855
server: cloudflare

GET
H/1.1 200
OK 2195-layout.css
www.winutah.com/files/bb-plugin/cache/ 74 KB
10 KB 403ms
91ms Stylesheet
text/css 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/files/bb-plugin/cache/2195-layout.css?ver=b7c9db9136a0b87108c05a579716e1f6

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

653cfe0393d050fcbe2df90f6a5c62aa4c26fa0fe7327f695df4d195479713b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent12-pr
content-encoding: gzip
etag: "bf16e21850f629f5bfa8b6486eee3911-gzip"
age: 5270
x-content-type-options: nosniff
expires: Tue, 18 Jan 2028 18:52:24 GMT
x-varnish: 51609736 8651739
date: Sun, 17 Nov 2024 09:05:44 GMT
last-modified: Fri, 09 Aug 2024 20:34:24 GMT
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
x-app-server: varnish_agent_sites/agent-varnish22-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 9822
x-proxy: haproxy23-pr
server: Apache

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 107 KB
19 KB 224ms
67ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "385b964b68acb68d23cb43a5218fade9"
age: 496209
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 17 Nov 2024 10:33:34 GMT
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 10/09/2024 23:37:01
cdn-requestpullcode: 200
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c5a16a029c4d8c225d17ee0a0f39100b
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8e3f1036dc7c4340-EWR
access-control-allow-origin: *
cdn-edgestorageid: 1029
server: cloudflare
cdn-requestcountrycode: US

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 216ms
59ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "269550530cc127b6aa5a35925a7de6ce"
age: 1044662
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 17 Nov 2024 10:33:34 GMT
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 10/06/2024 01:22:44
cdn-requestpullcode: 200
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 925ce50056c053a76028b17f3f524940
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8e3f1036dc7a4340-EWR
access-control-allow-origin: *
cdn-edgestorageid: 871
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 project-vitruvius-icons.min.css
cdn.jsdelivr.net/npm/@moxiworks/project-vitruvius@0.0.21/build/ 4 KB
1 KB 185ms
29ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@moxiworks/project-vitruvius@0.0.21/build/project-vitruvius-icons.min.css

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ea9b430678365f31ebe9d2e17f841a1b9d1eba39765029b437a868f8d97b1080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"ee0-UDdmY3iQg1jsYRjjBrpjwMtt8hU"
age: 1204882
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sun, 17 Nov 2024 10:33:34 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220141-FRA, cache-yyz4527-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 943
x-jsd-version: 0.0.21

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 244ms
81ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A500&ver=35c8d3dd5fe5fc55f13b6ab1cf183375

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66a02a33df473ee1fa6a74cc1ab6638e44fe460d3ff953ccb9c78f4db49f403e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:33:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 17 Nov 2024 08:48:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.1/ 85 KB
30 KB 247ms
59ms Script
text/javascript 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
age: 161553
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 13:41:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 13:41:01 GMT
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30462
x-xss-protection: 0
server: sffe

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/ 31 KB
10 KB 52ms
52ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js?ver=35c8d3dd5fe5fc55f13b6ab1cf183375

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cdn-status: 200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"abda843684d022f3bc22bc83927fe05f"
age: 21486670
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 17 Nov 2024 10:33:34 GMT
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 12/05/2023 05:58:51
cdn-requestpullcode: 200
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 727aa832934c531eeb37efa8df4dcc81
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8e3f1038ed904340-EWR
access-control-allow-origin: *
cdn-edgestorageid: 1029
server: cloudflare
cdn-requestcountrycode: US

GET
H/1.1 200
OK jquery.iframelogin.min.js Show response
svc.moxiworks.com/service/v1/auth/javascripts/iframelogin/ 40 KB
40 KB 573ms
189ms Script
application/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL: https://svc.moxiworks.com/service/v1/auth/javascripts/iframelogin/jquery.iframelogin.min.js?ver=A.3.49.20241106.0.b
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),
Reverse DNS: ipv4-64-246-164-140.greenhousedata.net
Software: nginx /
Resource Hash: 793952039d38075b96dfd76c5cb10a4d67a7120c9dfe3c5617c0d62be3e5e7f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

etag: "669564f5-9e38"
x-app-server: wms_svc_auth/internal-k8s
accept-ranges: bytes
content-length: 40504
date: Sun, 17 Nov 2024 10:33:35 GMT
content-type: application/javascript
last-modified: Mon, 15 Jul 2024 18:05:41 GMT
server: nginx
x-proxy: haproxy23-pr

GET
H/1.1 200
OK minify-b-utils-51ee1daff9e29c5413783d37b6e8c44c.js Show response
www.winutah.com/wp-content/plugins/bwp-minify/cache/ 376 KB
108 KB 108ms
102ms Script
application/x-javascript 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-utils-51ee1daff9e29c5413783d37b6e8c44c.js?ver=A.3.49.20241106.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

634c29f0b8765a21d56727eaeb9d2d04fef137f47daa3931ad184b1c495c027b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent13-pr
content-encoding: gzip
age: 7607
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 08:26:47 GMT
x-varnish: 51118167 6783077
date: Sun, 17 Nov 2024 08:26:47 GMT
last-modified: Thu, 07 Nov 2024 00:52:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=86400
x-app-server: varnish_agent_sites/agent-varnish22-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 110562
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 310ms
133ms Script
application/javascript 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js?ver=1.0

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

498a41eab15456686643b139ae2c289c961bb02da852aaad698540831d0e9bb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Age: 0
x-backend-server: player-backend-edge-entry
expires: Sun, 17 Nov 2024 06:03:35 GMT
x-player-backend: g
x-cache: MISS
Date: Sun, 17 Nov 2024 10:33:35 GMT
Content-Type: application/javascript;charset=utf-8
x-bapp-server
x-served-by: cache-yyz4525-YYZ
x-cache-hits: 0
vary: Origin, Referer, Accept-Encoding
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Cache-Control: max-age=1800
x-timer: S1731839615.109019,VS0,VE58
Connection: keep-alive
via: 1.1 varnish
CF-RAY: 8e3f103a5b6aab16-YYZ
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 11437
Server: cloudflare

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1006 B 377ms
59ms Script
text/javascript 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdmtrYUAAAAAAHk0DIYZUZov8ZzYGbtAIozmHtV&ver=A.3.49.20241106.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b6c6d217dfc1c0178e720df017d42fd9972531864a83e619b71e9b031dde8fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:33:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sun, 17 Nov 2024 10:33:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 316 KB
103 KB 122ms
111ms Script
text/javascript 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?v=3&client=gme-windermeresolutions&libraries=places&channel=websites&language=en&region=US&ver=A.3.49.20241106.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

35176d8ae64238ba1951c4a1e231d5f218bc7b47557431fe8d0c0e8dbcc4f642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: c64b8a78
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105527
date: Sun, 17 Nov 2024 10:33:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK minify-b-jquery.jsonp-bd50c5acd31882dc4ebadfd50bc5eb9c.js Show response
www.winutah.com/wp-content/plugins/bwp-minify/cache/ 191 KB
47 KB 106ms
102ms Script
application/x-javascript 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-jquery.jsonp-bd50c5acd31882dc4ebadfd50bc5eb9c.js?ver=A.3.49.20241106.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

329174abb95b8434fb36bf265869bf8a53c0ddc18d64d8f75e65e7ed4832bb4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent11-pr
content-encoding: gzip
age: 7232
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 08:33:02 GMT
x-varnish: 48989513 5342671
date: Sun, 17 Nov 2024 08:33:02 GMT
last-modified: Thu, 07 Nov 2024 00:42:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=86400
x-app-server: varnish_agent_sites/agent-varnish22-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 47809
x-proxy: haproxy23-pr
server: Apache

GET
H2 200 bzd3nzl.js Show response
use.typekit.net/ 20 KB
7 KB 333ms
165ms Script
text/javascript 2600:1400:9000::687e:7653
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/bzd3nzl.js

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:9000::687e:7653 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

a4d215df25cf0c3300ec0944cfc64ba9eac773e5af114d41eb54ed2ebc869be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 7001
date: Sun, 17 Nov 2024 10:33:34 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H/1.1 200
OK Windermere-Real-Estate-Utah-Corona-AIFY@2x.png
www.winutah.com/files/2020/03/ 5 KB
6 KB 436ms
152ms Image
image/png 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winutah.com/files/2020/03/Windermere-Real-Estate-Utah-Corona-AIFY@2x.png

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

8374f1d6c1968c1456cc9ad256a7714f5c327ceee91fa4adc5fbcbac47000ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent14-pr
etag: "9fc0d484b395b0661f24bd2b0c9cdefa"
age: 74725
x-app-server: varnish_agent_sites/agent-varnish21-pr
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.5)
expires: Mon, 17 Jan 2028 23:34:49 GMT
x-varnish: 212500579 38666267
accept-ranges: bytes
content-length: 5469
date: Sat, 16 Nov 2024 13:48:09 GMT
last-modified: Sat, 28 Mar 2020 00:35:33 GMT
content-type: image/png
server: Apache
x-proxy: haproxy23-pr

GET
H/1.1 200
OK minify-b-searchlistingcard-style-2cd9f1ebfe4e5c41a35a6fc1d732aebe.css
www.winutah.com/wp-content/plugins/bwp-minify/cache/ 9 KB
3 KB 428ms
141ms Stylesheet
text/css 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-searchlistingcard-style-2cd9f1ebfe4e5c41a35a6fc1d732aebe.css?ver=A.3.49.20241106.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

b0af20e084d37ac0a3a46c11624f67f32b2426eacbe17732e842ec03fcc2957e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent12-pr
content-encoding: gzip
age: 10901
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 07:31:52 GMT
x-varnish: 212467829 161481754
date: Sun, 17 Nov 2024 07:31:52 GMT
last-modified: Thu, 07 Nov 2024 00:39:42 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 2246
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK 10505-layout-partial.css
www.winutah.com/files/bb-plugin/cache/ 27 KB
4 KB 480ms
193ms Stylesheet
text/css 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/files/bb-plugin/cache/10505-layout-partial.css?ver=f665f96703449e592a1869ebdc57d9a0

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

5cb6449e1f2c22a9e35913b1886dc4f07e3247c96dda93ae318878a37bf6f007

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent11-pr
content-encoding: gzip
etag: "6880835b7bd72c3904d891644103e9c5-gzip"
age: 0
x-content-type-options: nosniff
expires: Tue, 18 Jan 2028 20:20:14 GMT
x-varnish: 51609738
date: Sun, 17 Nov 2024 10:33:34 GMT
last-modified: Sat, 27 Jul 2024 19:54:20 GMT
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
transfer-encoding: chunked
x-app-server: varnish_agent_sites/agent-varnish22-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK minify-b-jquery-ui-core-92f54398acaeb2f89b60f11476e454cd.js Show response
www.winutah.com/wp-content/plugins/bwp-minify/cache/ 667 KB
187 KB 103ms
99ms Script
application/x-javascript 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-jquery-ui-core-92f54398acaeb2f89b60f11476e454cd.js?ver=A.3.49.20241106.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

5275d1f3e5f35d1e1a592af7fe987c969b0dcbd45a59244d6b36486c331682ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent13-pr
content-encoding: gzip
age: 74723
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 13:48:11 GMT
x-varnish: 212762632 36473671
date: Sat, 16 Nov 2024 13:48:11 GMT
last-modified: Thu, 07 Nov 2024 00:52:59 GMT
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=86400
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 190774
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK 2195-layout.js Show response
www.winutah.com/files/bb-plugin/cache/ 35 KB
10 KB 109ms
105ms Script
application/javascript 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/files/bb-plugin/cache/2195-layout.js?ver=e97ca7481436331c130fe91838ad826d

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

780ade59401f9e89e78a1e7e418b9e08bd3cd34d5e0930da5b8e9947fbf964a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent13-pr
content-encoding: gzip
etag: "c131baf3d14ccffa9a327c65b1235a24-gzip"
age: 92336
x-content-type-options: nosniff
expires: Mon, 17 Jan 2028 18:41:18 GMT
x-varnish: 212467832 6620382
date: Sat, 16 Nov 2024 08:54:38 GMT
last-modified: Fri, 09 Aug 2024 20:34:18 GMT
vary: Accept-Encoding
content-type: application/javascript
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 9212
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK 10505-layout-partial.js Show response
www.winutah.com/files/bb-plugin/cache/ 11 KB
3 KB 102ms
100ms Script
application/javascript 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/files/bb-plugin/cache/10505-layout-partial.js?ver=f665f96703449e592a1869ebdc57d9a0

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

6c2218f5e0401c9115efcdc3a5b57993e596d85d173317a18ed06425135d3cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent12-pr
content-encoding: gzip
etag: "6880835b7bd72c3904d891644103e9c5-gzip"
age: 92336
x-content-type-options: nosniff
expires: Mon, 17 Jan 2028 18:41:18 GMT
x-varnish: 210077257 9109654
date: Sat, 16 Nov 2024 08:54:38 GMT
last-modified: Sat, 27 Jul 2024 19:54:20 GMT
vary: Accept-Encoding
content-type: application/javascript
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 3040
x-proxy: haproxy23-pr
server: Apache

GET 3917f473-cc88-4dad-af77-868b353eb2ff
https://www.winutah.com/ Frame 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 281ms
51ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
age: 7194
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:33:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 08:33:41 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
591 B 62ms
61ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@600&display=swap

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-imgmap_style-2715d976365b511209160fd6cff36e7b.css?ver=A.3.49.20241106.0.b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1318a5da23d26c27b42ac11542124270429e0bb06eb20b1cf596d956bdf85504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:33:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 17 Nov 2024 09:37:25 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H2 204 collect
analytics.google.com/g/ 0
0 342ms
126ms Fetch
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M4R9KTHP2J&gtm=45je4bc0v881128847za200&_p=1731839614625&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=540781285.1731839615&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1731839614&sct=1&seg=0&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1470
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4R9KTHP2J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:35 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 354ms
138ms Ping
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M4R9KTHP2J&cid=540781285.1731839615&gtm=45je4bc0v881128847za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067554~102067808~102077855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4R9KTHP2J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:35 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame D602 0
0 328ms
118ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-M4R9KTHP2J&gacid=540781285.1731839615&gtm=45je4bc0v881128847za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067554~102067808~102077855&z=1582995902

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4R9KTHP2J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winutah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Nov 2024 10:33:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 331ms
107ms Image
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M4R9KTHP2J&cid=540781285.1731839615&gtm=45je4bc0v881128847za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067554~102067808~102077855&tag_exp=101925629~102067554~102067808~102077855&z=560053794

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 17 Nov 2024 10:33:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
71 KB 102ms
101ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QLW2VK

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

197d4577e122b86d42874b116a8b328f5cb448dc09a2522b85867de754ca6335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 17 Nov 2024 10:33:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 72285
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 246ms
68ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-YQLBhEur' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 10:33:35 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-YQLBhEur' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=5692, tp=10, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: M3dkXG8IcEQLjHTvAibC1iTchTg9FlpnPg6VBhaUuaDaI7yCU0e1OgAPyhvrJpGNOM6zQAYFacqVE5GVq6uOiA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
content-length: 62152
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
analytics.google.com/g/ 0
0 241ms
125ms Fetch
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M4R9KTHP2J&gtm=45je4bc0v881128847za200&_p=1731839614625&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=540781285.1731839615&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731839614&sct=1&seg=0&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&en=scroll&epn.percent_scrolled=90&_et=31&tfd=1572
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4R9KTHP2J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:35 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 track.js Show response
cdn.funnelytics.io/ 14 KB
4 KB 346ms
133ms Script
application/javascript 13.226.34.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.funnelytics.io/track.js
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-28.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99c4f4fef4854ff47dea38811dba91216b311ca8ed11a0d6f70498586a575c5a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache
content-encoding: gzip
etag: W/"ae08e611755c6cdcaf13909504950c2b"
via: 1.1 8e7c396366d89944c10dfabcfcb15b3c.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: GJHKCpPX3-w6QrdzfrqtDtdZb8J5k2w8EB7SPAXpkyFg55cAcG7MNw==
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 13:40:13 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
vary: accept-encoding

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 341ms
93ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://fonts.googleapis.com/

Response headers

age: 315411
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 18:56:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 18:56:44 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v29/ 18 KB
18 KB 340ms
92ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A500&ver=35c8d3dd5fe5fc55f13b6ab1cf183375

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aabcea59f54b9ea215b79f429c8a37e68b83fdf5488204e11b87aada8dde514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://fonts.googleapis.com/

Response headers

age: 295807
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 00:23:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 00:23:28 GMT
last-modified: Wed, 06 Nov 2024 17:30:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18740
x-xss-protection: 0
server: sffe

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 201ms
196ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cdn-status: 200
cf-cache-status: HIT
etag: "af7ae505a9eed503f8b8e6982036873e"
age: 219718
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-type: font/woff2
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/17/2024 08:42:05
cdn-cache: HIT
priority: u=0,i=?0
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
cdn-pullzone: 252412
cdn-proxyver: 1.04
accept-ranges: bytes
content-length: 77160
cdn-edgestorageid: 1029
server: cloudflare
cdn-requestcountrycode: US
date: Sun, 17 Nov 2024 10:33:35 GMT
vary: Accept-Encoding
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-requesttime: 0
timing-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: fdfdabce699d89e5f974f610fe62c14c
cross-origin-resource-policy: cross-origin
cf-ray: 8e3f103aac327d06-EWR
access-control-allow-origin: *

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK Ultimate-Icons.ttf
winutah.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/ 92 KB
93 KB 471ms
161ms Font
font/ttf 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://winutah.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j

Requested by

Host: winutah.com
URL: https://winutah.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.7.3.2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

749e9e6c1652b50dde4385d73974f50d699f43ae8def9f78dad63ef837fbf556

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://winutah.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.7.3.2

Response headers

v-backend: agent14-pr
age: 0
x-app-server: varnish_agent_sites/agent-varnish21-pr
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.5)
x-varnish: 208831851
access-control-allow-origin: *
content-length: 94512
date: Sun, 17 Nov 2024 10:33:35 GMT
accept-ranges: bytes
last-modified: Mon, 29 Jul 2024 03:24:25 GMT
content-type: font/ttf
server: Apache
x-proxy: haproxy23-pr

GET
H3 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2
fonts.gstatic.com/s/montserrat/v29/ 19 KB
19 KB 356ms
110ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

166ad2077610fb480a48628aef1e5d6b0bf0b94b4b668f34750e20879f366e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://fonts.googleapis.com/

Response headers

age: 293999
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 00:53:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 00:53:36 GMT
last-modified: Wed, 06 Nov 2024 17:30:51 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19284
x-xss-protection: 0
server: sffe

GET
H2 200 Hmv09b-TDro
www.youtube.com/embed/ Frame D611 0
0 421ms
168ms Document
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Hmv09b-TDro

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winutah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-_u60ots4gTMOvNEol2veHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Nov 2024 10:33:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK Windermere-Real-Estate-Utah-AIFY-TQ@4x.png
www.winutah.com/files/2020/03/ 14 KB
14 KB 102ms
96ms Image
image/png 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winutah.com/files/2020/03/Windermere-Real-Estate-Utah-AIFY-TQ@4x.png

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

a0555f8770abceb1635fc0b7b98d40341bc57c90b19aac3541c82b61e2ea784a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent12-pr
etag: "0169f65eeb21548e6e8f8f159d77fdc6"
age: 74725
x-app-server: varnish_agent_sites/agent-varnish21-pr
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.5)
expires: Mon, 17 Jan 2028 23:34:49 GMT
x-varnish: 211878051 34999841
accept-ranges: bytes
content-length: 14295
date: Sat, 16 Nov 2024 13:48:09 GMT
last-modified: Sat, 28 Mar 2020 00:37:45 GMT
content-type: image/png
server: Apache
x-proxy: haproxy23-pr

GET
H/1.1 200
OK real-estate-window-shopping-e1525108535445.jpg
www.winutah.com/files/2017/11/ 201 KB
202 KB 167ms
164ms Image
image/jpeg 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winutah.com/files/2017/11/real-estate-window-shopping-e1525108535445.jpg

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

06c56c7dab8a9289813dc960fdb145f1511f405e3ac66f86cfa3ab4b5f69e82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent13-pr
etag: "8ddc81b840e2174c4402f5e8de005a9b"
age: 0
x-app-server: varnish_agent_sites/agent-varnish22-pr
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.5)
expires: Tue, 18 Jan 2028 20:20:15 GMT
x-varnish: 51478612
accept-ranges: bytes
content-length: 206258
date: Sun, 17 Nov 2024 10:33:35 GMT
last-modified: Mon, 30 Apr 2018 17:15:35 GMT
content-type: image/jpeg
server: Apache
x-proxy: haproxy23-pr

GET
H/1.1 200
OK f9514153062f9955_1116-w660-h439-b0-p0-contemporary-living-room.jpg
www.winutah.com/files/2017/11/ 54 KB
54 KB 93ms
93ms Image
image/jpeg 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winutah.com/files/2017/11/f9514153062f9955_1116-w660-h439-b0-p0-contemporary-living-room.jpg

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

5a453970accd51884836b84c9c949483d1f1246912e6fa315f8f422127cb7d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent12-pr
etag: "aef8bacb26cb70a2a191f619d869fcfc"
age: 74725
x-app-server: varnish_agent_sites/agent-varnish21-pr
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.5)
expires: Mon, 17 Jan 2028 23:34:49 GMT
x-varnish: 212566094 33854188
accept-ranges: bytes
content-length: 54974
date: Sat, 16 Nov 2024 13:48:09 GMT
last-modified: Fri, 17 Nov 2017 19:26:05 GMT
content-type: image/jpeg
server: Apache
x-proxy: haproxy23-pr

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
435 B 75ms
74ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=829829605&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&ul=en-ca&de=UTF-8&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAAABAAAAACAAI~&jid=537915965&gjid=243648832&cid=540781285.1731839615&tid=UA-384279-8&_gid=24558196.1731839615&_r=1&_slc=1&z=463938470

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

403b621795be0d3dbbe618ce35500056cbbd0e47975c22532f7370678ba4126c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.winutah.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:35 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
74 B 88ms
83ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=829829605&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&ul=en-ca&de=UTF-8&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAHAAAgBAAAAACAAI~&jid=709648608&gjid=425283059&cid=540781285.1731839615&tid=UA-70345609-1&_gid=24558196.1731839615&_r=1&_slc=1&z=1370079126

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.winutah.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:35 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 370 KB
123 KB 92ms
92ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R6ZBCNN3B8&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e544b8f67d59fc2218ca9e75a90f9df085d834a2e86622ce4bff1916a9d49c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 17 Nov 2024 10:33:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 126096
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 495682720814542 Show response
connect.facebook.net/signals/config/ 77 KB
16 KB 213ms
212ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/495682720814542?v=2.9.177&r=stable&domain=www.winutah.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c3b39a59cdd4f58175adce9995ea9210b2db0d669328568b8bbc8b64a0f5231

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-elLciRQN' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 10:33:35 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-elLciRQN' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=74, rtx=0, c=65, mss=1232, tbw=71580, tp=66, tpl=0, uplat=112, ullat=0
pragma: public
x-fb-debug: mTsBuRpQL+aclTkcM3+SJL/N1uJ6gEx+R1DYZiycsOBIc2LDBan6fjUkc9l+GE+EftB12T5VexjQxy/lQgSBkg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST sessions
track-v2.funnelytics.io/ 0
0

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 546 KB
215 KB 225ms
41ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdmtrYUAAAAAAHk0DIYZUZov8ZzYGbtAIozmHtV&ver=A.3.49.20241106.0.b

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
age: 68063
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 15:39:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 15:39:12 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220347
x-xss-protection: 0
server: sffe

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
44 B 309ms
107ms XHR
application/json 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&client=gme-windermeresolutions&libraries=places&channel=websites&language=en&region=US&ver=A.3.49.20241106.0.b

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://www.winutah.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Sun, 17 Nov 2024 10:33:35 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK brytescore.min.js Show response
cdn.brytecore.com/brytescore.js/ 14 KB
5 KB 390ms
63ms Script
application/javascript 34.234.27.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.brytecore.com/brytescore.js/brytescore.min.js

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-jquery-ui-core-92f54398acaeb2f89b60f11476e454cd.js?ver=A.3.49.20241106.0.b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.27.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-27-203.compute-1.amazonaws.com

Software

nginx /

Resource Hash

35a8950d8d20ff8c89da0b12595a7da152cb007996ab6b557f16f0c5c63d4d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

Strict-Transport-Security: max-age=15768000
Cache-Control: max-age=43200
Content-Encoding: gzip
ETag: W/"66bce84d-3914"
Pragma: public
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Sun, 17 Nov 2024 22:33:36 GMT
Access-Control-Allow-Origin: *
Content-Length: 4559
Date: Sun, 17 Nov 2024 10:33:36 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Aug 2024 17:24:29 GMT
Server: nginx

GET
H/1.1 200
OK mls Show response
svc.moxiworks.com/service/v1/profile/ 1015 KB
93 KB 443ms
428ms Script
text/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.moxiworks.com/service/v1/profile/mls?callback=jQuery37109212523799524348_1731839614873&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1731839614874

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-140.greenhousedata.net

Software

nginx /

Resource Hash

5ed477698e07d2b7b6d219c7b4ff6f3695084656c61ba4c461dc121956ce6101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

x-request-id: 03ced619-7ec4-44dc-8baa-39dc1b288d07
content-encoding: gzip
etag: W/"5ed477698e07d2b7b6d219c7b4ff6f36"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, PUT, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: text/javascript; charset=utf-8
x-runtime: 0.322964
access-control-allow-headers: FROM_APP, FROM-APP
transfer-encoding: chunked
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
x-app-server: wms_svc_profile/svc26-pr
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-proxy: haproxy23-pr
server: nginx

GET
H/1.1 200
OK current_web_user.json Show response
svc.moxiworks.com/service/v1/auth/users/ 106 B
625 B 440ms
186ms Script
text/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.moxiworks.com/service/v1/auth/users/current_web_user.json?&callback=jQuery37109212523799524348_1731839614875&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1731839614876

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-140.greenhousedata.net

Software

nginx /

Resource Hash

55c0ed8db1d7f64c98fa81dfd6b7b2b3385226cfac069c79439f31d7af2f69c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

transfer-encoding: chunked
x-request-id: 227bf71c-c64d-4218-9cd8-8247237baebf
cache-control: max-age=0, private, must-revalidate
etag: W/"7b93865dd30e80ff46fab5e63f9a16c3"
x-app-server: wms_svc_auth/internal-k8s
x-content-type-options: nosniff
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 17 Nov 2024 10:33:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
x-proxy: haproxy23-pr
server: nginx
x-runtime: 0.009690

GET
H/1.1 200
OK company Show response
svc.moxiworks.com/service/v1/branding/ 111 KB
111 KB 942ms
636ms Script
text/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.moxiworks.com/service/v1/branding/company?callback=jQuery37109212523799524348_1731839614877&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&company_uuid=1234567&agent_uuid=d9a18794-8755-4f19-989b-7c8ec9fe761b&office_uuid=8252352&_=1731839614878

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-140.greenhousedata.net

Software

nginx /

Resource Hash

f8adb712ba968365d6447fe46fed8a9a919692d9970431e150abbffe7a0e796d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

x-request-id: c73ee890-ff91-4a92-8595-5f63681346bc
etag: W/"f8adb712ba968365d6447fe46fed8a9a"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, PUT, OPTIONS
status: 200 OK
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: text/javascript; charset=utf-8
x-runtime: 0.389000
access-control-allow-headers: FROM_APP, FROM-APP
transfer-encoding: chunked
x-frame-options: SAMEORIGIN
cache-control: max-age=360, private
x-app-server: wms_svc_branding/internal-k8s
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-proxy: haproxy23-pr
server: nginx

GET
H/1.1 200
OK ajax-loader.gif
svc.moxiworks.com/service/v1/auth/images/ 4 KB
4 KB 569ms
186ms Image
image/gif 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://svc.moxiworks.com/service/v1/auth/images/ajax-loader.gif
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),
Reverse DNS: ipv4-64-246-164-140.greenhousedata.net
Software: nginx /
Resource Hash: c85ab34c0ffc6a71386c7e0ef87386f203992b46a3f519510f40545717f85400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

etag: "669564f5-f6f"
x-app-server: wms_svc_auth/internal-k8s
accept-ranges: bytes
content-length: 3951
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: image/gif
last-modified: Mon, 15 Jul 2024 18:05:41 GMT
server: nginx
x-proxy: haproxy23-pr

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.winutah.com/wp-includes/js/ 18 KB
5 KB 114ms
101ms Script
application/javascript 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-includes/js/wp-emoji-release.min.js?ver=35c8d3dd5fe5fc55f13b6ab1cf183375

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent14-pr
content-encoding: gzip
age: 0
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 10:33:35 GMT
x-varnish: 212402324
date: Sun, 17 Nov 2024 10:33:35 GMT
last-modified: Thu, 07 Nov 2024 00:32:18 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 5039
x-proxy: haproxy23-pr
server: Apache

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 61 KB
61 KB 273ms
69ms Font
application/font-woff2 2600:1400:9000::687e:7653
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n7&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:7653 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 2a3d47177bc866e138291102d44068436a280b2bf4852de4158fd0fae587e729

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "e53066f39e81b65441928edbbba31ddeafae7288"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 62384
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/4c4052/00000000000000003b9b3069/27/ 64 KB
64 KB 357ms
153ms Font
application/font-woff2 2600:1400:9000::687e:7653
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4c4052/00000000000000003b9b3069/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=i7&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:7653 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: bd7c5d26d9eae6791c58a2030e37d66aee5d0ec8ff113c155d8c7d2721d9565d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "c6685947275869ea8f2e974f0ce3f03f614767c5"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 65304
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/576d53/00000000000000003b9b3066/27/ 59 KB
59 KB 373ms
169ms Font
application/font-woff2 2600:1400:9000::687e:7653
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/576d53/00000000000000003b9b3066/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n6&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:7653 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: bc1e7dc794733f6739eb8569fe98bd6447af7f475fc1509103f53ca9db444969

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "c8fb88eb5a9a89e3d720ef6a582076bb7fb5e7c8"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 60444
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 59 KB
59 KB 336ms
133ms Font
application/font-woff2 2600:1400:9000::687e:7653
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n4&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:7653 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 99f75a02bf319c4dcf6be997e2a1dd495cba095c0e5f16c4214a54aeba264caf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "d5cb6069705516762eca93710eba9bb7b559edfa"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 60524
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/ 62 KB
62 KB 314ms
114ms Font
application/font-woff2 2600:1400:9000::687e:7653
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=i4&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:7653 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 9089445ec9edcbfe1963f7b38490aa317f2ba03000a52edc38243834844eefe8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "a05164ae4d04c4b7d0c3f83f103eaa481427df76"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 63472
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/6e816b/00000000000000003b9b3064/27/ 60 KB
60 KB 389ms
188ms Font
application/font-woff2 2600:1400:9000::687e:7653
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6e816b/00000000000000003b9b3064/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n5&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:7653 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 09b0f070bde3d0af1b07e4d8b4614f89b5a17f441896dca7fef8457f65637092

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "44739cd431c6a30b35dc0bd263a2b21167f0c106"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 61180
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/249031/00000000000000000001791a/27/ 24 KB
24 KB 328ms
128ms Font
application/font-woff2 2600:1400:9000::687e:7653
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/249031/00000000000000000001791a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:7653 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: edde01a168c1ae1f34f7d6e3966086c388e0e01d26a1084e073ce4a883363bcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "cd27775b4d900729b5e84d5c840ecfa84141b492"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 24504
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/088645/00000000000000000001791c/27/ 24 KB
24 KB 378ms
180ms Font
application/font-woff2 2600:1400:9000::687e:7653
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/088645/00000000000000000001791c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:7653 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 0756e594e5ce3e70088700bce73cfffb4c7dff156e92d78bc94f908b285f8d71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "2770121ef5f9952f085213bab3ff81ad363167cb"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 24640
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/c52a60/00000000000000000001791e/27/ 24 KB
24 KB 356ms
159ms Font
application/font-woff2 2600:1400:9000::687e:7653
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c52a60/00000000000000000001791e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:7653 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 6a22d043c18807dd3316a5fd7a4b135c14f0cf8c78d268d8a1ea574419df4e17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "dbe5590f10529748124149de68e7b50ca5c466e6"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 24744
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/ba4451/00000000000000000001791b/27/ 25 KB
25 KB 325ms
128ms Font
application/font-woff2 2600:1400:9000::687e:7653
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ba4451/00000000000000000001791b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i5&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:7653 New York, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 05a402172cf3219677542a51ca892a565a6155bd376034ea51ec7b8f2c34153f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "4b24231f930f26d255922d8706139cf6a38e85e2"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 25512
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/font-woff2
server: nginx

GET
H/1.1 200
OK / Show response
www.winutah.com/services/get-widget/ 281 KB
37 KB 1708ms
1704ms XHR
text/html 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/services/get-widget/?partialName=Custom%20Searches&class=customsearches&folder=customsearches&admin=0&options%5Bimagewidth%5D=437&options%5Bimageheight%5D=292&options%5Bshowarrows%5D=always&options%5Bcolumns%5D=3&options%5Brows%5D=1&options%5Basync%5D=true&status=partial&name=0&data%5Bformat%5D=search&data%5Btitle%5D=Featured%20Properties&data%5Blist%5D=4&data%5Bhide_cta_button%5D=1&data%5Bnumblocks%5D=20&data%5Bwidget_id%5D=5bf5d40dd84ac&data%5Bhidebuffer%5D=10&clientsearch=https%3A%2F%2Fsvc.moxiworks.com%2Fservice%2Fv1%2Flisting%2Fsearch_v2%3Fstatus%3Dactive%26sold_days%3D180%26pstatus%3D1%26ptype_tmp%3D9%26company_only%3D1%26location_search_field%3DUtah%252C%2520USA%26drive_time%3D09%253A00%26drive_duration%3D15%26drive_avoid_ferry%3D1%26drive_departure%3D1%26ss_description%3DUtah%26ss_email_freq%3D40%26ss_send_zero_result%3D1%26bounds_north%3D45.49772702371642%26bounds_east%3D-107.39272003222655%26bounds_south%3D33.03519807725522%26bounds_west%3D-115.70250396777342%26center_lat%3D39.3209801%26center_lon%3D-111.0937311%26center_lat_pan%3D39.5454000223157%26center_lon_pan%3D-111.54761199999999%26geotype%3DAdminDivision1%26user_lat%3D39.3209801%26user_lon%3D-111.0937311%26pgsize%3D30%26startidx%3D0%26zoom%3D7%26ls_conversion%3Dacres%26sort_by%3D10%26company_uuid%3D1234567%26commute%3D0%26buffer_miles%3D0%26geospatial%3Dtrue%26agent_uuid%3Dd9a18794-8755-4f19-989b-7c8ec9fe761b%26ptype%3D1%252C2%252C9%26searchType%3Dcriteria%26omit_hidden%3Dtrue%26mobileState%3Dlist&searchpath=https%3A%2F%2Fwww.winutah.com%2Fsearch%2F%23status%3Dactive%26sold_days%3D180%26pstatus%3D1%26ptype_tmp%3D9%26company_only%3D1%26location_search_field%3DUtah%252C%2520USA%26drive_time%3D09%253A00%26drive_duration%3D15%26drive_avoid_ferry%3D1%26drive_departure%3D1%26ss_description%3DUtah%26ss_email_freq%3D40%26ss_send_zero_result%3D1%26bounds_north%3D45.49772702371642%26bounds_east%3D-107.39272003222655%26bounds_south%3D33.03519807725522%26bounds_west%3D-115.70250396777342%26center_lat%3D39.3209801%26center_lon%3D-111.0937311%26center_lat_pan%3D39.5454000223157%26center_lon_pan%3D-111.54761199999999%26geotype%3DAdminDivision1%26user_lat%3D39.3209801%26user_lon%3D-111.0937311%26pgsize%3D20%26startidx%3D0%26zoom%3D7%26ls_conversion%3Dacres%26sort_by%3D10%26company_uuid%3D1234567%26commute%3D0%26buffer_miles%3D0%26geospatial%3Dtrue%26agent_uuid%3Dd9a18794-8755-4f19-989b-7c8ec9fe761b%26ptype%3D1%252C2%252C9%26searchType%3Dcriteria%26omit_hidden%3Dtrue%26mobileState%3Dlist&searchname=Our%20Exclusive%20Listings&fallbackupdate=true&cachebust=1731839615790

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

12741ed51b759ba4a3578ac9a4c528003a0661628ae40f979f573561945b3e07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

v-backend: agent13-pr
content-encoding: gzip
age: 0
x-renderedpage: true
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:41:06 GMT
x-varnish: 212074688
date: Sun, 17 Nov 2024 10:33:35 GMT
last-modified: Sun, 17 Nov 2024 10:33:36 GMT
vary: Accept-Encoding
content-type: text/html;charset=UTF-8
strict-transport-security: max-age=31536000
link: <https://www.winutah.com/wp-json/>; rel="https://api.w.org/"
content-security-policy: upgrade-insecure-requests
cache-control: private, max-age=0
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 37157
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK search_v2 Show response
svc.moxiworks.com/service/v1/listing/ 169 KB
169 KB 1274ms
918ms Script
text/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.moxiworks.com/service/v1/listing/search_v2?status=active&sold_days=180&pstatus=1&ptype_tmp=9&company_only=1&location_search_field=Utah%2C%20USA&drive_time=09%3A00&drive_duration=15&drive_avoid_ferry=1&drive_departure=1&ss_description=Utah&ss_email_freq=40&ss_send_zero_result=1&bounds_north=45.49772702371642&bounds_east=-107.39272003222655&bounds_south=33.03519807725522&bounds_west=-115.70250396777342&center_lat=39.3209801&center_lon=-111.0937311&center_lat_pan=39.5454000223157&center_lon_pan=-111.54761199999999&geotype=AdminDivision1&user_lat=39.3209801&user_lon=-111.0937311&pgsize=30&startidx=0&zoom=7&ls_conversion=acres&sort_by=10&company_uuid=1234567&commute=0&buffer_miles=0&geospatial=true&agent_uuid=d9a18794-8755-4f19-989b-7c8ec9fe761b&ptype=1%2C2%2C9&searchType=criteria&omit_hidden=true&mobileState=list&callback=jQuery37109212523799524348_1731839614879&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1731839614880

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-140.greenhousedata.net

Software

nginx /

Resource Hash

e53a388b7cb8b329901b3078e25fb456df84ec7229809c8d6b65a5bc260bf215

Security Headers

Name	Value
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

access-control-max-age: 1728000
x-request-id: fb52679f-6609-4672-bf67-19b765982fa9
etag: W/"e53a388b7cb8b329901b3078e25fb456"
access-control-allow-methods: GET, POST, PUT, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: text/javascript; charset=utf-8
x-runtime: 0.734490
access-control-allow-headers: FROM_APP, FROM-APP, X-AUTH-SR-HASH, X-AUTH-SR-TIMESTAMP, X_AUTH_SR_HASH, X_AUTH_SR_TIMESTAMP
transfer-encoding: chunked
x-frame-options: ALLOWALL
cache-control: max-age=120, private
x-app-server: wms_svc_listing/internal-k8s
access-control-allow-origin: *
x-xss-protection: 0
x-proxy: haproxy23-pr
server: nginx

GET
H/1.1 200
OK current_web_user.json Show response
svc.moxiworks.com/service/v1/auth/users/ 106 B
625 B 578ms
185ms Script
text/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.moxiworks.com/service/v1/auth/users/current_web_user.json?&callback=jQuery37109212523799524348_1731839614881&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1731839614882

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-140.greenhousedata.net

Software

nginx /

Resource Hash

4ec840b8c47cfe6740b4707d2f08deac3fe29a57f79d68cc3dbeb99c0e1f173a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

transfer-encoding: chunked
x-request-id: f0801960-3c13-4f0a-a611-5b054bfb77a3
cache-control: max-age=0, private, must-revalidate
etag: W/"dda372a391cc4b32b403a18e8cfdcd05"
x-app-server: wms_svc_auth/internal-k8s
x-content-type-options: nosniff
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 17 Nov 2024 10:33:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
x-proxy: haproxy23-pr
server: nginx
x-runtime: 0.009988

GET
H/1.1 200
OK current_web_user.json Show response
svc.moxiworks.com/service/v1/auth/users/ 106 B
625 B 108ms
107ms Script
text/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.moxiworks.com/service/v1/auth/users/current_web_user.json?&callback=jQuery37109212523799524348_1731839614883&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1731839614884

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-140.greenhousedata.net

Software

nginx /

Resource Hash

eda35b8205465884551a75e027121c4a62b8030e92b1d790714a37cf3e2efb9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

transfer-encoding: chunked
x-request-id: 428d5e1f-813b-42c3-bea1-a1ab14d24d52
cache-control: max-age=0, private, must-revalidate
etag: W/"197ff2a4adc67715daf0ba00d93f9ac8"
x-app-server: wms_svc_auth/internal-k8s
x-content-type-options: nosniff
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 17 Nov 2024 10:33:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
x-proxy: haproxy23-pr
server: nginx
x-runtime: 0.008765

GET
H2 200 location Show response
telize-v1.p.rapidapi.com/ 379 B
710 B 358ms
144ms Script
application/json 54.163.128.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://telize-v1.p.rapidapi.com/location?rapidapi-key=mKTYRiJxjxmshhou6VAm18RBVSJkp1eyJLYjsn6w8rRmBQPjDW&callback=jQuery37109212523799524348_1731839614885&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1731839614886
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.128.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-128-109.compute-1.amazonaws.com
Software: RapidAPI-1.2.8 /
Resource Hash: 0b5d00a637ef97c9c73269bdb982d79c144f5187983156628ae2bcce31b6e713

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

x-rapidapi-request-id: edac0570b3d7ec388cf045c8ddab48eb27b7fab86c5812887dc55438bdc1b699
x-ratelimit-requests-remaining: 16705
x-ratelimit-requests-reset: 20043
cache-control: no-cache
x-rapidapi-region: AWS - us-east-1
access-control-allow-origin: *
content-length: 379
x-rapidapi-version: 1.2.8
date: Sun, 17 Nov 2024 10:33:36 GMT
x-ratelimit-requests-limit: 100000
content-type: application/json; charset=utf-8
server: RapidAPI-1.2.8

GET
H/1.1 200
OK loadingAnimation.gif
www.winutah.com/wp-includes/js/thickbox/ 15 KB
15 KB 101ms
100ms Image
image/gif 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winutah.com/wp-includes/js/thickbox/loadingAnimation.gif

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent14-pr
cache-control: max-age=86400
age: 0
x-app-server: varnish_agent_sites/agent-varnish22-pr
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.5)
expires: Mon, 18 Nov 2024 10:33:35 GMT
x-varnish: 50823309
accept-ranges: bytes
content-length: 15238
date: Sun, 17 Nov 2024 10:33:35 GMT
last-modified: Thu, 07 Nov 2024 00:32:18 GMT
content-type: image/gif
server: Apache
x-proxy: haproxy23-pr

POST
H2 204 collect
analytics.google.com/g/ 0
0 95ms
92ms Fetch
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M4R9KTHP2J&gtm=45je4bc0v881128847za200&_p=1731839614625&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=540781285.1731839615&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAC&_s=3&sid=1731839614&sct=1&seg=1&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&en=page_view&_ee=1&_et=67&tfd=2543
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4R9KTHP2J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:35 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 56ms
55ms Image
image/gif 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=829829605&t=event&_s=2&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&ul=en-ca&de=UTF-8&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Landing%20Page%20Interaction&ea=Content%20Page%20Form%20Show%20%7C%20from%20general%20contact&el=&_u=qAHAAAgBAAAAACAAI~&jid=&gjid=&cid=540781285.1731839615&tid=UA-384279-8&_gid=24558196.1731839615&z=87614878

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

age: 20053
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 04:59:22 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 57ms
56ms Image
image/gif 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

age: 20053
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 04:59:22 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 Hmv09b-TDro
www.youtube.com/embed/ Frame A66F 0
0 190ms
189ms Document
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Hmv09b-TDro?wmode=transparent&enablejsapi=1&rel=0

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winutah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-toKUPR_inc0oPnJiAcdXSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Nov 2024 10:33:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 489248118754364 Show response
connect.facebook.net/signals/config/ 30 KB
4 KB 172ms
170ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/489248118754364?v=2.9.177&r=stable&domain=www.winutah.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C234%2C116%2C126%2C127%2C235%2C165%2C119%2C237%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7833fff222c3a90b84de9b7db3d243173c15d7d0a8644fefa74b34caed1f8c8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-7xetBNcV' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-7xetBNcV' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=93, rtx=0, c=78, mss=1232, tbw=88412, tp=82, tpl=0, uplat=81, ullat=0
pragma: public
x-fb-debug: 1KkjWfY0XKPyAulSBMgl7hvFTiOqg3q5bp2gyRBqA/NuAnw2gi9ABriG5eiTujOdjvbkku+BSTLjwH0/ICHs+A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 586ms
51ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=495682720814542&ev=PageView&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&rl=&if=false&ts=1731839615925&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731839615917.302100406865165550&cs_est=true&ler=empty&cdl=API_unavailable&it=1731839615480&coo=false&rqm=GET

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=89, rtx=0, c=23, mss=1232, tbw=6256, tp=17, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 529ms
107ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=495682720814542&ev=PageView&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&rl=&if=false&ts=1731839615925&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731839615917.302100406865165550&cs_est=true&ler=empty&cdl=API_unavailable&it=1731839615480&coo=false&rqm=FGET

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438194514722471930"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: X7DD/Sj/0m7fbfEFreJCIlk0jTX/BjcHjB3vM8YvLtvzZC4E8N3snaSaEOCNQCmlLCjyZbZcviKBw9m7H266Gw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438194514722471930", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=89, rtx=0, c=23, mss=1232, tbw=6416, tp=19, tpl=0, uplat=35, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 83ms
82ms Fetch
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-R6ZBCNN3B8&gtm=45je4bc0v9135638518za200&_p=1731839614625&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855&ul=en-ca&sr=1600x1200&cid=540781285.1731839615&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&sid=1731839616&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2704
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6ZBCNN3B8&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 8805 0
0 105ms
86ms Document
text/html 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdmtrYUAAAAAAHk0DIYZUZov8ZzYGbtAIozmHtV&co=aHR0cHM6Ly93d3cud2ludXRhaC5jb206NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=fhyaalytc24z

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u31DOv_dHnDrJ8ywFUU_3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winutah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-u31DOv_dHnDrJ8ywFUU_3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Nov 2024 10:33:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 202 boost Show response
api.brytecore.com/ 44 B
243 B 93ms
62ms XHR
application/json 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.brytecore.com/boost
Requested by: Host: cdn.brytecore.com
URL: https://cdn.brytecore.com/brytescore.js/brytescore.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-69-56.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: d7164359335410ec419a77092da938069d980761ba7cfd8bcfcc1fee56969fab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.winutah.com/

Response headers

etag: W/"2c-Oc0EIatHfl7RUTc90hHu4Ttdbq4"
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 44
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: nginx

POST
H2 202 boost Show response
api.brytecore.com/ 44 B
243 B 150ms
120ms XHR
application/json 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.brytecore.com/boost
Requested by: Host: cdn.brytecore.com
URL: https://cdn.brytecore.com/brytescore.js/brytescore.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-69-56.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: d7164359335410ec419a77092da938069d980761ba7cfd8bcfcc1fee56969fab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.winutah.com/

Response headers

etag: W/"2c-Oc0EIatHfl7RUTc90hHu4Ttdbq4"
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 44
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: nginx

POST
H2 202 boost Show response
api.brytecore.com/ 44 B
243 B 151ms
119ms XHR
application/json 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.brytecore.com/boost
Requested by: Host: cdn.brytecore.com
URL: https://cdn.brytecore.com/brytescore.js/brytescore.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-69-56.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: d7164359335410ec419a77092da938069d980761ba7cfd8bcfcc1fee56969fab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.winutah.com/

Response headers

etag: W/"2c-Oc0EIatHfl7RUTc90hHu4Ttdbq4"
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 44
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: nginx

POST
H2 202 boost Show response
api.brytecore.com/ 44 B
243 B 147ms
118ms XHR
application/json 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.brytecore.com/boost
Requested by: Host: cdn.brytecore.com
URL: https://cdn.brytecore.com/brytescore.js/brytescore.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-69-56.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: d7164359335410ec419a77092da938069d980761ba7cfd8bcfcc1fee56969fab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.winutah.com/

Response headers

etag: W/"2c-Oc0EIatHfl7RUTc90hHu4Ttdbq4"
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 44
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: nginx

GET
H/1.1 200
OK package.json Show response
cdn.brytecore.com/packages/realestate/ 4 KB
1 KB 62ms
46ms XHR
application/json 34.234.27.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.brytecore.com/packages/realestate/package.json

Requested by

Host: cdn.brytecore.com
URL: https://cdn.brytecore.com/brytescore.js/brytescore.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.27.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-27-203.compute-1.amazonaws.com

Software

nginx /

Resource Hash

17fdb963cf72e547a15edef792a9c1ae7852d8b25446deb69a433e13efc6eeec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.winutah.com/

Response headers

Strict-Transport-Security: max-age=15768000
Cache-Control: max-age=43200
Content-Encoding: gzip
ETag: W/"5d1580e4-1168"
Pragma: public
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Sun, 17 Nov 2024 22:33:36 GMT
Access-Control-Allow-Origin: *
Content-Length: 1020
Date: Sun, 17 Nov 2024 10:33:36 GMT
Content-Type: application/json
Last-Modified: Fri, 28 Jun 2019 02:52:20 GMT
Server: nginx

GET
H2 200 enabled Show response
chat-api.brytecore.com/settings/ 44 B
352 B 118ms
118ms XHR
application/json 98.82.79.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chat-api.brytecore.com/settings/enabled?apiKey=bda790d9-d2d9-46a2-a47d-74ab07310a97&domain=www.winutah.com&url=https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Requested by

Host: cdn.brytecore.com
URL: https://cdn.brytecore.com/brytescore.js/brytescore.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

98.82.79.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-82-79-34.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

22f3841cc8729cd3b17a1281c9983c779dcd14bdcec1f82fb0774b45ff72ca3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.winutah.com/

Response headers

strict-transport-security: max-age=15768000
etag: W/"2c-/UNVlg4M89HxWGGq86WZ0xA9pVk"
access-control-allow-credentials: true
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: *
content-length: 44
date: Sun, 17 Nov 2024 10:33:36 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
x-powered-by: Express
server: nginx
x-frame-options: DENY

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 273ms
50ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489248118754364&ev=PageView&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&rl=&if=false&ts=1731839616306&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731839615917.302100406865165550&cs_est=true&ler=empty&cdl=API_unavailable&it=1731839615480&coo=false&rqm=GET

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=89, rtx=0, c=23, mss=1232, tbw=5840, tp=13, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 331ms
109ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=489248118754364&ev=PageView&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&rl=&if=false&ts=1731839616306&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1731839615917.302100406865165550&cs_est=true&ler=empty&cdl=API_unavailable&it=1731839615480&coo=false&rqm=FGET

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438194513132150295"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438194513132150295", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: /hOpTN2FoLtuqyXm2sPJvHslt09zejzcGkByWhoLRVc5c+2cuWupkSnEgxmMLem001iT/P3QzhYX0A3jHSS3Fg==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=89, rtx=0, c=23, mss=1232, tbw=9600, tp=22, tpl=0, uplat=38, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET error
connect.facebook.net//log/ 0
0

GET
H2 200 p.gif
p.typekit.net/ 35 B
206 B 331ms
109ms Image
image/gif 2600:141b:1c00:8::1728:b323
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=bzd3nzl&ht=tk&h=www.winutah.com&f=139.140.173.175.176.25136.12047.12048.12049.12053&a=6994921&js=1.21.0&app=typekit&e=js&_=1731839616323
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b323 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=604800
etag: "65c8c508-23"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: image/gif
last-modified: Sun, 11 Feb 2024 13:00:56 GMT
server: nginx

OPTIONS
H2 204 boost
api.brytecore.com/ Frame 0
0 323ms
79ms Preflight 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.brytecore.com/boost

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-69-56.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.winutah.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-security-policy: default-src 'none'; frame-ancestors 'none'
date: Sun, 17 Nov 2024 10:33:36 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 0

OPTIONS
H2 204 boost
api.brytecore.com/ Frame 0
0 323ms
80ms Preflight 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.brytecore.com/boost

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-69-56.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.winutah.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-security-policy: default-src 'none'; frame-ancestors 'none'
date: Sun, 17 Nov 2024 10:33:36 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 0

OPTIONS
H2 204 boost
api.brytecore.com/ Frame 0
0 321ms
78ms Preflight 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.brytecore.com/boost

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-69-56.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.winutah.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-security-policy: default-src 'none'; frame-ancestors 'none'
date: Sun, 17 Nov 2024 10:33:36 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 0

OPTIONS
H2 204 boost
api.brytecore.com/ Frame 0
0 323ms
80ms Preflight 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.brytecore.com/boost

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-69-56.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.winutah.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-security-policy: default-src 'none'; frame-ancestors 'none'
date: Sun, 17 Nov 2024 10:33:36 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 0

OPTIONS
H/1.1 204
No Content package.json
cdn.brytecore.com/packages/realestate/ Frame 0
0 317ms
59ms Preflight
text/plain 34.234.27.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.brytecore.com/packages/realestate/package.json

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.27.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-27-203.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.winutah.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Sun, 17 Nov 2024 10:33:36 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000

OPTIONS
H2 204 enabled
chat-api.brytecore.com/settings/ Frame 0
0 367ms
122ms Preflight 98.82.79.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chat-api.brytecore.com/settings/enabled?apiKey=bda790d9-d2d9-46a2-a47d-74ab07310a97&domain=www.winutah.com&url=https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

98.82.79.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-82-79-34.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.winutah.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 17 Nov 2024 10:33:36 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 0

GET
H/1.1 200
OK google_bypass.js Show response
svc.moxiworks.com/service/v1/branding/bypass/google/1234567/ 33 KB
33 KB 93ms
93ms Script
application/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL: https://svc.moxiworks.com/service/v1/branding/bypass/google/1234567/google_bypass.js?send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1731839614887
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),
Reverse DNS: ipv4-64-246-164-140.greenhousedata.net
Software: nginx /
Resource Hash: de9843b43586d4cbaf0501337110a82af340f231289b9ff17a46966c98842e6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

etag: "65d7e207-849c"
x-app-server: wms_svc_branding/internal-k8s
accept-ranges: bytes
content-length: 33948
date: Sun, 17 Nov 2024 10:33:36 GMT
content-type: application/javascript
last-modified: Fri, 23 Feb 2024 00:08:39 GMT
server: nginx
x-proxy: haproxy23-pr

GET
H3 200 Vitruvius-icon-set.ttf
cdn.jsdelivr.net/npm/@moxiworks/project-vitruvius@0.0.21/build/fonts/ 17 KB
12 KB 206ms
79ms Font
font/ttf 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@moxiworks/project-vitruvius@0.0.21/build/fonts/Vitruvius-icon-set.ttf?xu4n51

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@moxiworks/project-vitruvius@0.0.21/build/project-vitruvius-icons.min.css

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6cea0cf25353bf8155b1f7a539b9f7d7b7bbd8c359e7f1f90996ae6437b5dc67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://cdn.jsdelivr.net/npm/@moxiworks/project-vitruvius@0.0.21/build/project-vitruvius-icons.min.css

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"4420-qeHq3hdxFl0rdZdgpo15QPY1llg"
age: 1246249
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sun, 17 Nov 2024 10:33:37 GMT
content-type: font/ttf
x-served-by: cache-fra-etou8220061-FRA, cache-yyz4559-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11451
x-jsd-version: 0.0.21

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/ 294 KB
64 KB 51ms
50ms Script
text/javascript 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&client=gme-windermeresolutions&libraries=places&channel=websites&language=en&region=US&ver=A.3.49.20241106.0.b

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
age: 148458
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 17:19:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 17:19:19 GMT
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 65163
x-xss-protection: 0
server: sffe

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/ 180 KB
55 KB 70ms
68ms Script
text/javascript 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&client=gme-windermeresolutions&libraries=places&channel=websites&language=en&region=US&ver=A.3.49.20241106.0.b

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
age: 188279
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 06:15:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 06:15:38 GMT
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 56099
x-xss-protection: 0
server: sffe

GET
H3 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/ 98 KB
26 KB 78ms
77ms Script
text/javascript 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&client=gme-windermeresolutions&libraries=places&channel=websites&language=en&region=US&ver=A.3.49.20241106.0.b

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b37f9e0d5f5b2e8a9ecb857ab9d84056fcac1bee73c1279e85cb63b84bc538e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
age: 127181
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 23:13:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 23:13:56 GMT
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 26198
x-xss-protection: 0
server: sffe

GET
H3 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/13/ 47 KB
14 KB 87ms
86ms Script
text/javascript 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/13/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&client=gme-windermeresolutions&libraries=places&channel=websites&language=en&region=US&ver=A.3.49.20241106.0.b

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df66b5168faa329b23a610d6f8933cd12db195d2d3c00639ed42d59fefc4587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
age: 122891
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 00:25:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 00:25:26 GMT
last-modified: Tue, 06 Aug 2024 18:37:16 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 14241
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK favicon.ico
images-static.moxiworks.com/static/images/br/windermere/icons2/ 1 KB
1 KB 455ms
159ms Other
image/x-icon 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL: https://images-static.moxiworks.com/static/images/br/windermere/icons2/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),
Reverse DNS: ipv4-64-246-164-140.greenhousedata.net
Software: nginx /
Resource Hash: 710137d0cf763abd9bc6e0f2ca91c322d1e68f3e7b353e3e85f505bdadc2384d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

etag: "5bc9204d-47e"
x-app-server: static_image_host/client22-pr
accept-ranges: bytes
content-length: 1150
date: Sun, 17 Nov 2024 10:33:38 GMT
content-type: image/x-icon
last-modified: Fri, 19 Oct 2018 00:07:41 GMT
server: nginx
x-proxy: haproxy23-pr

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 227ms
75ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:33:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:37 GMT
content-type: image/png
last-modified: Tue, 18 May 2021 19:15:00 GMT
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
content-length: 1616
x-xss-protection: 0
server: sffe

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
3 KB 228ms
76ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 10:33:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:37 GMT
content-type: image/png
last-modified: Tue, 18 May 2021 19:15:00 GMT
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
content-length: 3351
x-xss-protection: 0
server: sffe

GET
H2 200 0_2_small.jpg
i11.moxi.onl/img-pr-002018/was/bc362d437cbf0806b825448c731c8c7f3b0f5f41/ 164 KB
165 KB 368ms
110ms Image
image/jpeg 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i11.moxi.onl/img-pr-002018/was/bc362d437cbf0806b825448c731c8c7f3b0f5f41/0_2_small.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f1c92fe9516bad70b1ae9d890b630d06ae221716e4a7f60aa25d2ef376fb9728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

x-request-id: 9e5cdf15-8411-4dab-93bb-dac8f43e6570
etag: W/"f1c92fe9516bad70b1ae9d890b630d06"
age: 134562
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Sun, 17 Nov 2024 10:33:38 GMT
content-type: image/jpeg
content-disposition: inline
x-runtime: 0.264890
x-cache-hits: 18, 0
x-frame-options: SAMEORIGIN
x-served-by: cache-bfi-krnt7300045-BFI, cache-yul1970033-YUL
cache-control: max-age=2629746, public
x-timer: S1731839618.146014,VS0,VE64
x-app-server: wms_svc_ivs/internal-k8s
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 167993
x-xss-protection: 1; mode=block
x-proxy: haproxy22-pr
server: nginx

GET
H2 200 0_2_small.jpg
i12.moxi.onl/img-pr-002018/was/b5974db0e0ff76a80c38ae7b39d6d09316e95d08/ 260 KB
261 KB 335ms
109ms Image
image/jpeg 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i12.moxi.onl/img-pr-002018/was/b5974db0e0ff76a80c38ae7b39d6d09316e95d08/0_2_small.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

29ff54c1648ea120d8ceb66361a2e76477e10b8c9693be31c30a5ce54fa0f435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

x-request-id: 4e0ae136-735b-4df3-92a8-7570f473bb24
etag: W/"29ff54c1648ea120d8ceb66361a2e764"
age: 139989
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Sun, 17 Nov 2024 10:33:38 GMT
content-type: image/jpeg
content-disposition: inline
x-runtime: 0.319611
x-cache-hits: 7, 0
x-frame-options: SAMEORIGIN
x-served-by: cache-bfi-kbfi7400096-BFI, cache-yul1970069-YUL
cache-control: max-age=2629746, public
x-timer: S1731839618.108424,VS0,VE70
x-app-server: wms_svc_ivs/internal-k8s
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 266445
x-xss-protection: 1; mode=block
x-proxy: haproxy21-pr
server: nginx

GET
H2 200 0_2_small.jpg
i2.moxi.onl/img-pr-002018/was/f51c7ff8d4f7dea40ccf95e1175f47476e884f66/ 183 KB
183 KB 300ms
109ms Image
image/jpeg 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.moxi.onl/img-pr-002018/was/f51c7ff8d4f7dea40ccf95e1175f47476e884f66/0_2_small.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0526575259c51147a3ffabe1f7d6f57549921f254b71f5f0d819491727b1593c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

x-request-id: 0a96e3b1-a148-46e2-b9eb-775369cfdaa4
etag: W/"0526575259c51147a3ffabe1f7d6f575"
age: 144732
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Sun, 17 Nov 2024 10:33:38 GMT
content-type: image/jpeg
content-disposition: inline
x-runtime: 0.303360
x-cache-hits: 8, 0
x-frame-options: SAMEORIGIN
x-served-by: cache-bfi-kbfi7400081-BFI, cache-yul1970062-YUL
cache-control: max-age=2629746, public
x-timer: S1731839618.079133,VS0,VE65
x-app-server: wms_svc_ivs/internal-k8s
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 187025
x-xss-protection: 1; mode=block
x-proxy: haproxy21-pr
server: nginx

GET
H/1.1 200
OK favicon-32x32.png
images-static.moxiworks.com/static/images/br/windermere/icons2/ 2 KB
3 KB 98ms
97ms Other
image/png 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL: https://images-static.moxiworks.com/static/images/br/windermere/icons2/favicon-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),
Reverse DNS: ipv4-64-246-164-140.greenhousedata.net
Software: nginx /
Resource Hash: 728520d84b85d07f804d1bf2a681ea0fcc230fb716291b22bf68ced3c96dad4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

etag: "5bc9202e-9d0"
x-app-server: static_image_host/client23-pr
accept-ranges: bytes
content-length: 2512
date: Sun, 17 Nov 2024 10:33:38 GMT
content-type: image/png
last-modified: Fri, 19 Oct 2018 00:07:10 GMT
server: nginx
x-proxy: haproxy23-pr

GET
H2 200 0_2_small.jpg
i2.moxi.onl/img-pr-002018/was/f51c7ff8d4f7dea40ccf95e1175f47476e884f66/ 183 KB
0 0ms
0ms Image
image/jpeg 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.moxi.onl/img-pr-002018/was/f51c7ff8d4f7dea40ccf95e1175f47476e884f66/0_2_small.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0526575259c51147a3ffabe1f7d6f57549921f254b71f5f0d819491727b1593c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

x-request-id: 0a96e3b1-a148-46e2-b9eb-775369cfdaa4
etag: W/"0526575259c51147a3ffabe1f7d6f575"
age: 144732
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Sun, 17 Nov 2024 10:33:38 GMT
content-type: image/jpeg
content-disposition: inline
x-runtime: 0.303360
x-cache-hits: 8, 0
x-frame-options: SAMEORIGIN
x-served-by: cache-bfi-kbfi7400081-BFI, cache-yul1970062-YUL
cache-control: max-age=2629746, public
x-timer: S1731839618.079133,VS0,VE65
x-app-server: wms_svc_ivs/internal-k8s
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 187025
x-xss-protection: 1; mode=block
x-proxy: haproxy21-pr
server: nginx

GET
H2 200 0_2_small.jpg
i12.moxi.onl/img-pr-002018/was/b5974db0e0ff76a80c38ae7b39d6d09316e95d08/ 260 KB
0 0ms
0ms Image
image/jpeg 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i12.moxi.onl/img-pr-002018/was/b5974db0e0ff76a80c38ae7b39d6d09316e95d08/0_2_small.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

29ff54c1648ea120d8ceb66361a2e76477e10b8c9693be31c30a5ce54fa0f435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

x-request-id: 4e0ae136-735b-4df3-92a8-7570f473bb24
etag: W/"29ff54c1648ea120d8ceb66361a2e764"
age: 139989
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Sun, 17 Nov 2024 10:33:38 GMT
content-type: image/jpeg
content-disposition: inline
x-runtime: 0.319611
x-cache-hits: 7, 0
x-frame-options: SAMEORIGIN
x-served-by: cache-bfi-kbfi7400096-BFI, cache-yul1970069-YUL
cache-control: max-age=2629746, public
x-timer: S1731839618.108424,VS0,VE70
x-app-server: wms_svc_ivs/internal-k8s
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 266445
x-xss-protection: 1; mode=block
x-proxy: haproxy21-pr
server: nginx

GET
H2 200 0_2_small.jpg
i11.moxi.onl/img-pr-002018/was/bc362d437cbf0806b825448c731c8c7f3b0f5f41/ 164 KB
0 0ms
0ms Image
image/jpeg 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i11.moxi.onl/img-pr-002018/was/bc362d437cbf0806b825448c731c8c7f3b0f5f41/0_2_small.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f1c92fe9516bad70b1ae9d890b630d06ae221716e4a7f60aa25d2ef376fb9728

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

x-request-id: 9e5cdf15-8411-4dab-93bb-dac8f43e6570
etag: W/"f1c92fe9516bad70b1ae9d890b630d06"
age: 134562
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Sun, 17 Nov 2024 10:33:38 GMT
content-type: image/jpeg
content-disposition: inline
x-runtime: 0.264890
x-cache-hits: 18, 0
x-frame-options: SAMEORIGIN
x-served-by: cache-bfi-krnt7300045-BFI, cache-yul1970033-YUL
cache-control: max-age=2629746, public
x-timer: S1731839618.146014,VS0,VE64
x-app-server: wms_svc_ivs/internal-k8s
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 167993
x-xss-protection: 1; mode=block
x-proxy: haproxy22-pr
server: nginx

POST
H3 204 collect
analytics.google.com/g/ 0
0 84ms
83ms Fetch
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-M4R9KTHP2J&gtm=45je4bc0v881128847za200&_p=1731839614625&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=540781285.1731839615&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=4&sid=1731839614&sct=1&seg=1&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&en=lead_form_opened&_ee=1&ep.formtype=generic_contact&ep.schedule_a_showing=false&ep.is_overlay=false&ep.location_type=Content%20Page%20Form&_et=967&tfd=7544
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4R9KTHP2J
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:40 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 58ms
58ms Fetch
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-R6ZBCNN3B8&gtm=45je4bc0v9135638518za200&_p=1731839614625&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855&ul=en-ca&sr=1600x1200&cid=540781285.1731839615&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=2&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&sid=1731839616&sct=1&seg=0&en=Content%20Page%20Form%20Show%20%7C%20from%20general%20contact&_ee=1&ep.event_category=Landing%20Page%20Interaction&_et=5&tfd=7712
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6ZBCNN3B8&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 10:33:41 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.winutah.com
URL: blob:https://www.winutah.com/3917f473-cc88-4dad-af77-868b353eb2ff

Domain: track-v2.funnelytics.io
URL: https://track-v2.funnelytics.io/sessions

Domain: connect.facebook.net
URL: https://connect.facebook.net//log/error?p=pixel&v=2.9.177&e=Error%3A%20Duplicate%20Pixel%20ID%3A%20495682720814542.&s=Error%3A%20Duplicate%20Pixel%20ID%3A%20495682720814542.%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A134%3A5094)%0A%20%20%20%20at%20Function.%24%20%5Bas%20init%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A313%3A7779)%0A%20%20%20%20at%20Function.Z%20%5Bas%20callMethod%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A313%3A2518)%0A%20%20%20%20at%20Aa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A313%3A11867)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A313%3A11903%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A98%3A447%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A240%3A1773)%0A%20%20%20%20at%20each%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A240%3A3319)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A98%3A410)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A98%3A818)&ue=1&rs=stable&rqm=FGET

Verdicts & Comments Add Verdict or Comment

186 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winutah.com/	1970-01-21 10:39:59	Name: _ga Value: GA1.1.540781285.1731839615
.doubleclick.net/	1970-01-21 01:04:00	Name: test_cookie Value: CheckForPermission
.vimeo.com/	1970-01-21 01:04:01	Name: __cf_bm Value: 6jL02JryF2xJhHHuyJ4Nf9b7X.8oqnOa6QWnw8oLWps-1731839615-1.0.1.1-2_WLzTi1CLK7v.NT7.UDVscDA2Y8HmNWj2aM.f5YJ6_.M1uK3TfgXbE0zD7lzziq
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 3nuKAOhDf_OkuHZx__sM19yybigieYiX8Y_8DQhlp_c-1731839615170-0.0.1.1-604800000
www.winutah.com/	1970-01-21 10:39:59	Name: _ga Value: GA1.1.540781285.1731839615
www.winutah.com/	1970-01-21 01:05:26	Name: _gid Value: GA1.1.24558196.1731839615
www.winutah.com/	1970-01-21 01:03:59	Name: _gat Value: 1
www.winutah.com/	1970-01-21 01:03:59	Name: _gat_altTracker Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: g-btxRlC-oM
.youtube.com/	1970-01-21 05:23:11	Name: VISITOR_INFO1_LIVE Value: Nx8SBwQMC2c
.youtube.com/	1970-01-21 05:23:11	Name: VISITOR_PRIVACY_METADATA Value: CgJDQRIEGgAgVw%3D%3D
.winutah.com/	1970-01-21 10:39:59	Name: _ga_M4R9KTHP2J Value: GS1.1.1731839614.1.1.1731839615.59.0.0
.winutah.com/	1970-01-21 03:13:35	Name: _fbp Value: fb.1.1731839615917.302100406865165550
www.winutah.com/	1970-01-21 10:39:59	Name: _ga_R6ZBCNN3B8 Value: GS1.1.1731839616.1.0.1731839616.0.0.0
www.winutah.com/	1969-12-31 23:59:59	Name: brytescore_apikey Value: %7B%22apikey%22%3A%22bda790d9-d2d9-46a2-a47d-74ab07310a97%22%7D
www.winutah.com/	1970-01-21 09:49:35	Name: brytescore_uu Value: %7B%22aid%22%3A%2246596da5-e095-4119-a64f-076f04a0b574%22%2C%22uid%22%3A%22%22%7D
www.winutah.com/	1970-01-21 01:04:01	Name: brytescore_session Value: %7B%22sid%22%3A%22f6d37ce0-84b8-4fd6-95fe-7f1c833e388b%22%2C%22brw%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36%22%2C%22aid%22%3A%2246596da5-e095-4119-a64f-076f04a0b574%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track-v2.funnelytics.io/sessions Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
rendering	warning	URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B0B6013C330000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
allinforparkcity.com
analytics.google.com
api.brytecore.com
cdn.brytecore.com
cdn.funnelytics.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
chat-api.brytecore.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
i11.moxi.onl
i12.moxi.onl
i2.moxi.onl
images-static.moxiworks.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
p.typekit.net
player.vimeo.com
stats.g.doubleclick.net
svc.moxiworks.com
td.doubleclick.net
telize-v1.p.rapidapi.com
track-v2.funnelytics.io
use.typekit.net
winutah.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.winutah.com
www.youtube.com
connect.facebook.net
track-v2.funnelytics.io
www.winutah.com
13.226.34.28
15.197.225.128
151.101.131.52
151.101.3.52
151.101.67.52
162.159.138.60
2600:1400:9000::687e:7653
2600:141b:1c00:8::1728:b323
2606:4700::6811:190e
2606:4700::6812:bcf
2607:f8b0:4004:c06::9b
2607:f8b0:4006:807::200e
2607:f8b0:4006:808::2004
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::200e
2607:f8b0:4006:81e::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::200a
2607:f8b0:4006:821::2008
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::485
3.94.69.56
34.234.27.203
54.163.128.109
64.246.164.133
64.246.164.140
98.82.79.34
0526575259c51147a3ffabe1f7d6f57549921f254b71f5f0d819491727b1593c
05a402172cf3219677542a51ca892a565a6155bd376034ea51ec7b8f2c34153f
06c56c7dab8a9289813dc960fdb145f1511f405e3ac66f86cfa3ab4b5f69e82e
0756e594e5ce3e70088700bce73cfffb4c7dff156e92d78bc94f908b285f8d71
09696d0bf5be7a592450a862b5cced3e249f137004a7302fae4984a81ebc2f1d
09b0f070bde3d0af1b07e4d8b4614f89b5a17f441896dca7fef8457f65637092
0aabcea59f54b9ea215b79f429c8a37e68b83fdf5488204e11b87aada8dde514
0b5d00a637ef97c9c73269bdb982d79c144f5187983156628ae2bcce31b6e713
12741ed51b759ba4a3578ac9a4c528003a0661628ae40f979f573561945b3e07
1318a5da23d26c27b42ac11542124270429e0bb06eb20b1cf596d956bdf85504
166ad2077610fb480a48628aef1e5d6b0bf0b94b4b668f34750e20879f366e40
17fdb963cf72e547a15edef792a9c1ae7852d8b25446deb69a433e13efc6eeec
197d4577e122b86d42874b116a8b328f5cb448dc09a2522b85867de754ca6335
1b6c6d217dfc1c0178e720df017d42fd9972531864a83e619b71e9b031dde8fc
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69
22f3841cc8729cd3b17a1281c9983c779dcd14bdcec1f82fb0774b45ff72ca3b
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
29ff54c1648ea120d8ceb66361a2e76477e10b8c9693be31c30a5ce54fa0f435
2a0cc99682552d20a8d475814629c3a84f72a596e13a9005f8ad8338b8dffa13
2a3d47177bc866e138291102d44068436a280b2bf4852de4158fd0fae587e729
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2fa75a149b4f235118cfcc2a089febfe62fcf90c60262cc8670ef985f98fff86
329174abb95b8434fb36bf265869bf8a53c0ddc18d64d8f75e65e7ed4832bb4a
35176d8ae64238ba1951c4a1e231d5f218bc7b47557431fe8d0c0e8dbcc4f642
35a8950d8d20ff8c89da0b12595a7da152cb007996ab6b557f16f0c5c63d4d04
3df66b5168faa329b23a610d6f8933cd12db195d2d3c00639ed42d59fefc4587
403b621795be0d3dbbe618ce35500056cbbd0e47975c22532f7370678ba4126c
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
498a41eab15456686643b139ae2c289c961bb02da852aaad698540831d0e9bb5
4ec840b8c47cfe6740b4707d2f08deac3fe29a57f79d68cc3dbeb99c0e1f173a
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5275d1f3e5f35d1e1a592af7fe987c969b0dcbd45a59244d6b36486c331682ba
55c0ed8db1d7f64c98fa81dfd6b7b2b3385226cfac069c79439f31d7af2f69c2
5a453970accd51884836b84c9c949483d1f1246912e6fa315f8f422127cb7d64
5cb6449e1f2c22a9e35913b1886dc4f07e3247c96dda93ae318878a37bf6f007
5ed477698e07d2b7b6d219c7b4ff6f3695084656c61ba4c461dc121956ce6101
634c29f0b8765a21d56727eaeb9d2d04fef137f47daa3931ad184b1c495c027b
653cfe0393d050fcbe2df90f6a5c62aa4c26fa0fe7327f695df4d195479713b0
66a02a33df473ee1fa6a74cc1ab6638e44fe460d3ff953ccb9c78f4db49f403e
6a22d043c18807dd3316a5fd7a4b135c14f0cf8c78d268d8a1ea574419df4e17
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6b37f9e0d5f5b2e8a9ecb857ab9d84056fcac1bee73c1279e85cb63b84bc538e
6c2218f5e0401c9115efcdc3a5b57993e596d85d173317a18ed06425135d3cf1
6ce8ee899fa3c97c1355bd4f06fed11c42208829fa4452109f731649335a9404
6cea0cf25353bf8155b1f7a539b9f7d7b7bbd8c359e7f1f90996ae6437b5dc67
6d57d9de75cb4a832e81ababd248d04ce41d448575d88082e9d87671ae0ba5fe
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
710137d0cf763abd9bc6e0f2ca91c322d1e68f3e7b353e3e85f505bdadc2384d
728520d84b85d07f804d1bf2a681ea0fcc230fb716291b22bf68ced3c96dad4c
749e9e6c1652b50dde4385d73974f50d699f43ae8def9f78dad63ef837fbf556
780ade59401f9e89e78a1e7e418b9e08bd3cd34d5e0930da5b8e9947fbf964a9
7833fff222c3a90b84de9b7db3d243173c15d7d0a8644fefa74b34caed1f8c8c
793952039d38075b96dfd76c5cb10a4d67a7120c9dfe3c5617c0d62be3e5e7f6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c3b39a59cdd4f58175adce9995ea9210b2db0d669328568b8bbc8b64a0f5231
7e544b8f67d59fc2218ca9e75a90f9df085d834a2e86622ce4bff1916a9d49c3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8374f1d6c1968c1456cc9ad256a7714f5c327ceee91fa4adc5fbcbac47000ada
85a0a37e677b5386667a97230cc583313b74bb70a7a1d616f2ce5729bbf04085
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
9089445ec9edcbfe1963f7b38490aa317f2ba03000a52edc38243834844eefe8
99c4f4fef4854ff47dea38811dba91216b311ca8ed11a0d6f70498586a575c5a
99f75a02bf319c4dcf6be997e2a1dd495cba095c0e5f16c4214a54aeba264caf
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a0555f8770abceb1635fc0b7b98d40341bc57c90b19aac3541c82b61e2ea784a
a4d215df25cf0c3300ec0944cfc64ba9eac773e5af114d41eb54ed2ebc869be9
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b0af20e084d37ac0a3a46c11624f67f32b2426eacbe17732e842ec03fcc2957e
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
bc1e7dc794733f6739eb8569fe98bd6447af7f475fc1509103f53ca9db444969
bd7c5d26d9eae6791c58a2030e37d66aee5d0ec8ff113c155d8c7d2721d9565d
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c85ab34c0ffc6a71386c7e0ef87386f203992b46a3f519510f40545717f85400
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d7164359335410ec419a77092da938069d980761ba7cfd8bcfcc1fee56969fab
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9843b43586d4cbaf0501337110a82af340f231289b9ff17a46966c98842e6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53a388b7cb8b329901b3078e25fb456df84ec7229809c8d6b65a5bc260bf215
ea9b430678365f31ebe9d2e17f841a1b9d1eba39765029b437a868f8d97b1080
eda35b8205465884551a75e027121c4a62b8030e92b1d790714a37cf3e2efb9a
edde01a168c1ae1f34f7d6e3966086c388e0e01d26a1084e073ce4a883363bcf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c92fe9516bad70b1ae9d890b630d06ae221716e4a7f60aa25d2ef376fb9728
f8adb712ba968365d6447fe46fed8a9a919692d9970431e150abbffe7a0e796d
f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e
fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

www.winutah.com Open in urlscan Pro 64.246.164.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

98 %HTTPS

61 %IPv6

22 Domains

36 Subdomains

31 IPs

2 Countries

3743 kBTransfer

9360 kBSize

17 Cookies

16 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.winutah.com Open in urlscan Pro
64.246.164.133 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

98 %
HTTPS

61 %
IPv6

22
Domains

36
Subdomains

31
IPs

2
Countries

3743 kB
Transfer

9360 kB
Size

17
Cookies

120 HTTP transactions
2 data transactions