urlscan.io logo urlscan.io
SecurityTrails logo

preview.thewintergroup614.com Open in urlscan Pro
2606:4700::6812:2c8  Public Scan

Go To Rescan Add Verdict Report
URL: https://preview.thewintergroup614.com/
Submission: On June 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 56 HTTP transactions. The main IP is 2606:4700::6812:2c8, located in United States and belongs to CLOUDFLARENET, US. The main domain is preview.thewintergroup614.com.
TLS certificate: Issued by GTS CA 1P5 on May 8th 2024. Valid for: 3 months.
This is the only time preview.thewintergroup614.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    2606:4700::6812:2c8 (United States)

ASN13335 (CLOUDFLARENET, US)
preview.thewintergroup614.com
2    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a02:26f0:3100::1735:2850 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
10    3.85.173.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-85-173-131.compute-1.amazonaws.com
api.curaytor.io
3    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2606:4700::6811:f8cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2600:9000:25a2:2a00:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
2    2a02:26f0:3100::1735:2808 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net
www.google.com
1    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
www.google.de
1    2a05:d018:cc3:fe04:9297:b64d:a588:fbec (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
14 thewintergroup614.com
preview.thewintergroup614.com
225 KB
10 curaytor.io
api.curaytor.io — Cisco Umbrella Rank: 872928
5 MB
9 typekit.net
use.typekit.net — Cisco Umbrella Rank: 621
p.typekit.net — Cisco Umbrella Rank: 778
119 KB
5 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3795
d.adroll.com — Cisco Umbrella Rank: 1794
30 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
region1.google-analytics.com — Cisco Umbrella Rank: 2406
21 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
162 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1397
141 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
4 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
202 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 8139
63 B
1 google.com
www.google.com — Cisco Umbrella Rank: 5
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
359 B
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1007
3 KB
0 googleapis.com Failed
fonts.googleapis.com Failed
56 14
Domain Requested by
14 preview.thewintergroup614.com preview.thewintergroup614.com
10 api.curaytor.io preview.thewintergroup614.com
7 use.typekit.net preview.thewintergroup614.com
use.typekit.net
4 s.adroll.com 1 redirects www.googletagmanager.com
preview.thewintergroup614.com
s.adroll.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
preview.thewintergroup614.com
3 connect.facebook.net preview.thewintergroup614.com
connect.facebook.net
3 use.fontawesome.com preview.thewintergroup614.com
use.fontawesome.com
2 www.facebook.com preview.thewintergroup614.com
2 p.typekit.net use.typekit.net
2 www.googletagmanager.com preview.thewintergroup614.com
www.googletagmanager.com
1 d.adroll.com s.adroll.com
1 www.google.de preview.thewintergroup614.com
1 www.google.com preview.thewintergroup614.com
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 unpkg.com preview.thewintergroup614.com
0 fonts.googleapis.com Failed preview.thewintergroup614.com
56 17

This site contains links to these domains. Also see Links.

Domain
search.thewintergroup614.com
www.facebook.com
www.youtube.com
www.instagram.com
www.curaytor.com
Subject Issuer Validity Valid
thewintergroup614.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
api.curaytor.io
R3		 2024-05-29 -
2024-08-27		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
unpkg.com
GTS CA 1P5		 2024-05-30 -
2024-08-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-18 -
2024-06-16		 3 months crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.de
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://preview.thewintergroup614.com/
Frame ID: D97F0F34D56D4468F83C5FFDFF372728
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Engel & Volkers Real Estate Advisors | Home Page

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

56
Requests

96 %
HTTPS

72 %
IPv6

14
Domains

17
Subdomains

19
IPs

4
Countries

6194 kB
Transfer

7463 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://s.adroll.com/j/pre/MZYXGMBZMZBARPCFZGBNNM/JFTN25RGPFA2FDKP6QSA5J/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
preview.thewintergroup614.com/ 		97 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5642fb2ff2b8326edd5447803f22035a19aa4c71b77de8e65d8217ed642e886d
Security Headers
Name Value
Content-Security-Policy frame-ancestors managestage.thewintergroup614.com manage.thewintergroup614.com base.curaytor.com base-staging.curaytor.io;
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options "allow-from base-staging.curaytor.io"
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
8910091a6c9d9739-FRA
content-encoding
gzip
content-security-policy
frame-ancestors managestage.thewintergroup614.com manage.thewintergroup614.com base.curaytor.com base-staging.curaytor.io;
content-type
text/html;charset=UTF-8
date
Sun, 09 Jun 2024 09:18:40 GMT
server
cloudflare
strict-transport-security
max-age=15769000; includeSubDomains
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
"allow-from base-staging.curaytor.io"
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		291 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQQV6RL
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8b7cbfba52d9417cc75c9fbc7447c0278bb5b9b5d8115281bb52e425531cfd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103693
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 Jun 2024 09:18:40 GMT
jbv8hkz.css
use.typekit.net/ 		1 KB
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/jbv8hkz.css
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2850 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5b41ea4520ece6e1d7eb5f0a0fa7b61f2dd1796b0410be4c7044b1e86b995c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sun, 09 Jun 2024 09:18:40 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
591
kli2qgk.css
use.typekit.net/ 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/kli2qgk.css
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2850 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f2b6f1f5182963fec5899c72be4819fc5b0475cd0f7536d63fd6724274ec984c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sun, 09 Jun 2024 09:18:40 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1701
css
fonts.googleapis.com/ 		0
0
EV_Logo_CMYK_R.png
api.curaytor.io/sites/2870/media/2170399/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.curaytor.io/sites/2870/media/2170399/EV_Logo_CMYK_R.png
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-173-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
789e87b28e1790f7e0d7c0af7b7cae48e8d002e5203fecf455068ddbbfc42757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:40 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
EV_Logo_CMYK_W.png
api.curaytor.io/sites/2870/media/2170405/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.curaytor.io/sites/2870/media/2170405/EV_Logo_CMYK_W.png
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-173-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5870498c156de2db7b74ab1fd2c9508426185b92fc84c55229029d9d2e296845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
EV_Logo_CMYK_R.png
api.curaytor.io/sites/2870/media/2170400/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.curaytor.io/sites/2870/media/2170400/EV_Logo_CMYK_R.png
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-173-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
789e87b28e1790f7e0d7c0af7b7cae48e8d002e5203fecf455068ddbbfc42757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
EV_Logo_CMYK_W.png
api.curaytor.io/sites/2870/media/2170406/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.curaytor.io/sites/2870/media/2170406/EV_Logo_CMYK_W.png
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-173-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5870498c156de2db7b74ab1fd2c9508426185b92fc84c55229029d9d2e296845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:40 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
Frame%20968.png
api.curaytor.io/sites/2870/media/2654654/ 		864 KB
865 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.curaytor.io/sites/2870/media/2654654/Frame%20968.png?w=851
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-173-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
768655ce373b808546132f6928f90c707c619df080599856f74077fc4f711e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
MLSEqualHousing.png
api.curaytor.io/sites/2581/media/1598773/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.curaytor.io/sites/2581/media/1598773/MLSEqualHousing.png
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-173-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6b40a821d4c7cd6df52216febc76195951b65d052403196329bfd6e7dcac6b9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
email-decode.min.js
preview.thewintergroup614.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 Jun 2024 12:27:30 GMT
server
cloudflare
etag
W/"665f0832-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8910091f0b749739-FRA
expires
Tue, 11 Jun 2024 09:18:40 GMT
all.css
use.fontawesome.com/releases/v5.3.1/css/ 		48 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Origin
https://preview.thewintergroup614.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"10519cfd3206802f58315b877a9beab5"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rb6rmkHSuT9RxZDIsPgS41bvUrGji2w2wMHbrJWuGZTH%2FZ6Rnu8T7lY2fPJ81nz5SyGttdqtYhYG3AXF9sTY%2Fy0irWF2KsrCHtzJxVa3SEebDb9vkBrajjuEeeXrrlXpCnKmq4lQj7nA0uzpHt4pGM%2B5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
891009205e192bf8-FRA
alt-svc
h3=":443"; ma=86400
webcomponents-loader.js
unpkg.com/@webcomponents/webcomponentsjs@2.3.0/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@webcomponents/webcomponentsjs@2.3.0/webcomponents-loader.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:40 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7575971
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWBNGYMEGMAA9RSJMES3ZNP-fra
server
cloudflare
etag
"1880-H4v9FAixcISxaA2WDUSbG+KgJzQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8910092058a88f33-FRA
bundle.afe665f64fe4b58dbd99.js
preview.thewintergroup614.com/assets/js/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/assets/js/bundle.afe665f64fe4b58dbd99.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e96087f5446b38d34fbb3bcc99352658eb6db316355638705a8cbfeb50bbf8d3
Security Headers
Name Value
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:40 GMT
strict-transport-security
max-age=15769000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 28 May 2024 11:14:17 GMT
server
cloudflare
etag
"16c04-61981bc1864b5-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8910091f0b829739-FRA
content-length
28138
x-xss-protection
1; mode=block
expires
Sun, 09 Jun 2024 13:18:40 GMT
js
www.googletagmanager.com/gtag/ 		299 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BDL4JSCW0B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQQV6RL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b47124558ee17e9ff6ddb99911345838d5cad193ea01569633f9bb3066f4a38a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102110
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 09 Jun 2024 09:18:40 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 09 Jun 2024 09:18:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1368, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
3y+LIeVNBE/rMoA7h6PrkKXz8XqsOhVJEKLan4H4IFwjeXcdXxhnDyIU9SGR3DIZOdm3TOiYAecXp4cpZnCT8g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQQV6RL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 09 Jun 2024 07:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5857
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 09 Jun 2024 09:41:03 GMT
roundtrip.js
s.adroll.com/j/ 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQQV6RL
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:2a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd374bea8f2cce1e9514e9f9a7af6cd7efbb566a5eea5cda53affc1391ada818

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Amz-Version-Id
mo7_u_yH02gprJDRXoC6WhXOKdSomtp.
Content-Encoding
gzip
Via
1.1 a9717fb92179a05f5da85fabc586e750.cloudfront.net (CloudFront)
Date
Sun, 09 Jun 2024 08:54:29 GMT
Age
1452
X-Amz-Cf-Pop
ZRH55-P1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 05 Jun 2024 15:35:46 GMT
Server
AmazonS3
Etag
W/"39817cce3f515077c86e9cc99a65f623"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
zturQUt3ozVj5jrnLyco8tVRc8a_XvDY8ytdMW3sbwND5vXy-UVVkg==
advisor-couple-sign-min.jpg
api.curaytor.io/sites/2870/media/2645403/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.curaytor.io/sites/2870/media/2645403/advisor-couple-sign-min.jpg
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-173-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9b633a0077aaec8f8a2b8e7bb97374a0a1498a92282425ce60d6024d7f92a2e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
DSC01220-min.jpg
api.curaytor.io/sites/2870/media/2645436/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.curaytor.io/sites/2870/media/2645436/DSC01220-min.jpg
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-173-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f1489ad4c5f6f61d2000367e1adbc453ff2e8dbcf773db5cce2629190b7bc5fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
Columbus%20Skyline%20Daytime.jpeg
api.curaytor.io/sites/2870/media/2645442/ 		929 KB
930 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.curaytor.io/sites/2870/media/2645442/Columbus%20Skyline%20Daytime.jpeg
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-173-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
58ec787e060765bdce8fb4df91d0b1aa10238d9a2a533e584478b02e5484ced8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
Gotham-Bold_0.otf
preview.thewintergroup614.com/assets/fonts/ 		21 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/assets/fonts/Gotham-Bold_0.otf
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
Security Headers
Name Value
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Origin
https://preview.thewintergroup614.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
strict-transport-security
max-age=15769000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 04 Mar 2020 19:16:01 GMT
server
cloudflare
etag
"53a0-5a00c40419792-gzip"
vary
Accept-Encoding,User-Agent
content-type
font/otf
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
891009219f649739-FRA
content-length
15204
x-xss-protection
1; mode=block
expires
Sun, 09 Jun 2024 13:18:41 GMT
Gotham-Medium.otf
preview.thewintergroup614.com/assets/fonts/ 		156 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/assets/fonts/Gotham-Medium.otf
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc397773a547218b8c334f9a40ea8e58f55198fab6095b103e598634fe273450
Security Headers
Name Value
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Origin
https://preview.thewintergroup614.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
strict-transport-security
max-age=15769000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 04 Mar 2020 19:16:01 GMT
server
cloudflare
etag
"2706c-5a00c404262b2-gzip"
vary
Accept-Encoding,User-Agent
content-type
font/otf
cache-control
public, max-age=14400
cf-ray
891009219f659739-FRA
x-xss-protection
1; mode=block
expires
Sun, 09 Jun 2024 13:18:41 GMT
Gotham-MediumItalic.otf
preview.thewintergroup614.com/assets/fonts/ 		163 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/assets/fonts/Gotham-MediumItalic.otf
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df742bb6f39ebb10e3e7df3750bbf95b143f3c0b48656d5779075a4070c7d57
Security Headers
Name Value
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Origin
https://preview.thewintergroup614.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
strict-transport-security
max-age=15769000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 04 Mar 2020 19:16:01 GMT
server
cloudflare
etag
"28be0-5a00c4043ca13-gzip"
vary
Accept-Encoding,User-Agent
content-type
font/otf
cache-control
public, max-age=14400
cf-ray
891009219f699739-FRA
x-xss-protection
1; mode=block
expires
Sun, 09 Jun 2024 13:18:41 GMT
collect
www.google-analytics.com/j/ 		4 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1411729950&t=pageview&_s=1&dl=https%3A%2F%2Fpreview.thewintergroup614.com%2F&ul=de-de&de=UTF-8&dt=Engel%20%26%20Volkers%20Real%20Estate%20Advisors%20%7C%20Home%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1959398454&gjid=227205211&cid=1694213320.1717924721&tid=UA-261203109-1&_gid=1069267679.1717924721&_r=1&_slc=1&gtm=45He4650n81NQQV6RLv9105110258za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=1330584146
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 09:18:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://preview.thewintergroup614.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.css
p.typekit.net/ 		5 B
173 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=kli2qgk&ht=tk&f=36647.36648.36649.36650.36651.36652.36653.36654.36669.36670.36671.36672.36673.36674.36675.36676.36677.36678.36709.36710.36711.36712.36713.36714.36715.36716.36717.36718&a=86852727&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kli2qgk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2808 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://use.typekit.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:40 GMT
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
etag
"6649f74c-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
p.css
p.typekit.net/ 		5 B
173 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=jbv8hkz&ht=tk&f=53893&a=86967615&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/jbv8hkz.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2808 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://use.typekit.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:40 GMT
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
etag
"6649f74c-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
351103335099414
connect.facebook.net/signals/config/ 		59 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/351103335099414?v=2.9.157&r=stable&domain=preview.thewintergroup614.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c356f3b1bd12901959adf33efd8c3670bdd6ded07cbdf0f8b04d4100f347a0f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 09 Jun 2024 09:18:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=62, mss=1368, tbw=63481, tp=-1, tpl=-1, uplat=180, ullat=0
pragma
public
x-fb-debug
XwGnsFLJ/4eEDfbSz7XnzX1wdZ2+/7rI/w+2W+T+h45KFhIIjzcqkaqLpkjX3flfndBt7nC6RZnJp29duEGfCQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-261203109-1&cid=1694213320.1717924721&jid=1959398454&gjid=227205211&_gid=1069267679.1717924721&npa=1&_u=YEBAAEAAAAAAACAAI~&z=957593472
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 09 Jun 2024 09:18:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://preview.thewintergroup614.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/MZYXGMBZMZBARPCFZGBNNM/JFTN25RGPFA2FDKP6QSA5J/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
HTTP/1.1
Server
2600:9000:25a2:2a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://preview.thewintergroup614.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date
Sat, 08 Jun 2024 21:00:32 GMT
Via
1.1 a9717fb92179a05f5da85fabc586e750.cloudfront.net (CloudFront)
Age
44290
X-Amz-Cf-Pop
ZRH55-P1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
rSzGumbPL0jJaJLzMv6HBHRovKoGhCoKTSx7S_LCgC2MadpQ-MrGig==

Redirect headers

Date
Sun, 09 Jun 2024 09:18:40 GMT
Via
1.1 a9717fb92179a05f5da85fabc586e750.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
ZRH55-P1
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
X-Cache
Error from cloudfront
X-Amz-Cf-Id
40yPbaFfmgAPbSmVA-ldcA6cFEd62UBNqJmyxVhoXNHUZlHsrUd9Mg==
index.js
s.adroll.com/j/pre/MZYXGMBZMZBARPCFZGBNNM/JFTN25RGPFA2FDKP6QSA5J/ 		0
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/MZYXGMBZMZBARPCFZGBNNM/JFTN25RGPFA2FDKP6QSA5J/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:2a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 09 Jun 2024 09:18:42 GMT
X-Amz-Version-Id
H42XXksjX9nLnwdy_pvtDAeOnr0csYIW
Via
1.1 f6d3d027dc70c7291c2f685efb187ab2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
ZRH55-P1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Sat, 08 Jun 2024 12:06:49 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
A3SEwnbBfj__SX0HFoTfZQP5xeosaqTxVrhPnHdGGRBhcKk4fgCH0w==
collect
region1.google-analytics.com/g/ 		0
264 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BDL4JSCW0B&gtm=45je4650v9105117807z89105110258za200zb9105110258&_p=1717924720476&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1694213320.1717924721&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717924720&sct=1&seg=0&dl=https%3A%2F%2Fpreview.thewintergroup614.com%2F&dt=Engel%20%26%20Volkers%20Real%20Estate%20Advisors%20%7C%20Home%20Page&en=page_view&_fv=1&_ss=1&tfd=1267
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BDL4JSCW0B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 09:18:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://preview.thewintergroup614.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
use.typekit.net/af/45ecb0/00000000000000007735a7e3/30/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/45ecb0/00000000000000007735a7e3/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kli2qgk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2850 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2a02f51fda5ac7f886cdffd5aaecc963378e4e5e94d21b929edc1d2269b1d23b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://use.typekit.net/kli2qgk.css
Origin
https://preview.thewintergroup614.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
server
nginx
etag
"0deb44dc0d135b671f09b6d9211456cb5443512c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22676
l
use.typekit.net/af/7a6b5e/00000000000000007750b303/30/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/7a6b5e/00000000000000007750b303/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/jbv8hkz.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2850 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cfe6c4bdad523c6979d4c6ccab09be96523ead1f00f02572270be199442967d0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://use.typekit.net/jbv8hkz.css
Origin
https://preview.thewintergroup614.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
server
nginx
etag
"098c4fad58325165e60d092b274442ab3265c0d8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25552
l
use.typekit.net/af/bec058/00000000000000007735a804/30/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/bec058/00000000000000007735a804/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kli2qgk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2850 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fc9c740a3c316426618188f0b3ae425abb2fd91e1ac587b26455245104a09611

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://use.typekit.net/kli2qgk.css
Origin
https://preview.thewintergroup614.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
server
nginx
etag
"c3b19e1556509e5b5820780c84e066241b8c3740"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23948
l
use.typekit.net/af/2faad1/00000000000000007735a7dd/30/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2faad1/00000000000000007735a7dd/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kli2qgk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2850 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a1e8129d14cce0ab7c70599099d5643b877fb9e48369705c4bbbb2ce96f3bc7d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://use.typekit.net/kli2qgk.css
Origin
https://preview.thewintergroup614.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
server
nginx
etag
"5ea7180ca8d6489d0dbbd123a4f8f482c469bca3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22644
l
use.typekit.net/af/68c09b/00000000000000007735a80a/30/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/68c09b/00000000000000007735a80a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kli2qgk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2850 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
dc1962b260e67b977cfb837227649ee604c25828c26571e2ac724681209d67ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://use.typekit.net/kli2qgk.css
Origin
https://preview.thewintergroup614.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
server
nginx
etag
"f20bae46d06775aaa6ec4801faffa044b25b4bf3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22808
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/ 		319 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
5999c16808ac9f25eb29221bcad6b3b0ada90b9c6bc9f07264acd8d196317b23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 09 Jun 2024 09:18:40 GMT
content-md5
YGfrEsbhO//QMpSxc5PsUQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
92834
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4604, tp=11, tpl=0, uplat=1, ullat=-1
x-fb-debug
FwOx1xzgyygBuRzMUL87CQ3x8q17KnVsfjoAJxbdJLuh46aDMv8i3qRJ6SQaAGfcNmF3GaJ/EaN+QcbYVzRAQA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
fa227d1214bb17cbb48922e6e096712c
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"4dc669a5293a35c450c04225bdce9228"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sun, 09 Jun 2024 09:21:56 GMT
44.bundle.f632d02e444aa0c12f98.js
preview.thewintergroup614.com/assets/js/ 		212 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/assets/js/44.bundle.f632d02e444aa0c12f98.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/assets/js/bundle.afe665f64fe4b58dbd99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b5ea5600f37f93ff63265d256739329ea78711e565de0f4cfeb39f807945636
Security Headers
Name Value
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
strict-transport-security
max-age=15769000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 28 May 2024 11:14:17 GMT
server
cloudflare
etag
"d4-61981bc136375-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8910092258469739-FRA
content-length
177
x-xss-protection
1; mode=block
expires
Sun, 09 Jun 2024 13:18:41 GMT
42.bundle.a09c37bfc69b1c177e5f.js
preview.thewintergroup614.com/assets/js/ 		309 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/assets/js/42.bundle.a09c37bfc69b1c177e5f.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/assets/js/bundle.afe665f64fe4b58dbd99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d560bdc5e6ed16b9c60a3c6f5b8784baa079a57ca3e9931586c8994c2cf1630
Security Headers
Name Value
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
strict-transport-security
max-age=15769000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 28 May 2024 11:14:17 GMT
server
cloudflare
etag
"135-61981bc1259d5-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8910092258489739-FRA
content-length
237
x-xss-protection
1; mode=block
expires
Sun, 09 Jun 2024 13:18:41 GMT
33.bundle.4a1d7439a2076be43669.js
preview.thewintergroup614.com/assets/js/ 		678 B
440 B 		Script
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/assets/js/33.bundle.4a1d7439a2076be43669.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/assets/js/bundle.afe665f64fe4b58dbd99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9837ee61aa7c0da33443bb51993f756a085378fe0fc68e80308b189aaa45abb5
Security Headers
Name Value
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
strict-transport-security
max-age=15769000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 28 May 2024 11:14:16 GMT
server
cloudflare
etag
"2a6-61981bc0d0a74-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8910092258499739-FRA
content-length
357
x-xss-protection
1; mode=block
expires
Sun, 09 Jun 2024 13:18:41 GMT
11.bundle.7ba0e896700ec73dee92.js
preview.thewintergroup614.com/assets/js/ 		1 KB
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/assets/js/11.bundle.7ba0e896700ec73dee92.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/assets/js/bundle.afe665f64fe4b58dbd99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
063bbea570ed48b88a74acd10393fdcfce145ed5cbf12919f06817939b7c5857
Security Headers
Name Value
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:42 GMT
strict-transport-security
max-age=15769000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 28 May 2024 11:14:15 GMT
server
cloudflare
etag
"484-61981bc013333-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89100922584b9739-FRA
content-length
463
x-xss-protection
1; mode=block
expires
Sun, 09 Jun 2024 13:18:42 GMT
10.bundle.0e1b3cb92292254253ee.js
preview.thewintergroup614.com/assets/js/ 		2 KB
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/assets/js/10.bundle.0e1b3cb92292254253ee.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/assets/js/bundle.afe665f64fe4b58dbd99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f271dc6764fd62a059b6860d974b54482f2896bddd931d875c45bb240469bcb
Security Headers
Name Value
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
strict-transport-security
max-age=15769000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 28 May 2024 11:14:15 GMT
server
cloudflare
etag
"91d-61981bc0048d3-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89100922584c9739-FRA
content-length
843
x-xss-protection
1; mode=block
expires
Sun, 09 Jun 2024 13:18:41 GMT
25.bundle.ee25189381171cb290ec.js
preview.thewintergroup614.com/assets/js/ 		867 B
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/assets/js/25.bundle.ee25189381171cb290ec.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/assets/js/bundle.afe665f64fe4b58dbd99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e0398ed35d36fa323f6acf11c5c0b4b23277715a16ddb04ae0f71ced5eb7957
Security Headers
Name Value
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:42 GMT
strict-transport-security
max-age=15769000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 28 May 2024 11:14:16 GMT
server
cloudflare
etag
"363-61981bc08d454-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
89100922584d9739-FRA
content-length
464
x-xss-protection
1; mode=block
expires
Sun, 09 Jun 2024 13:18:42 GMT
30.bundle.dd6ffeec29e7475d1f22.js
preview.thewintergroup614.com/assets/js/ 		338 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/assets/js/30.bundle.dd6ffeec29e7475d1f22.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/assets/js/bundle.afe665f64fe4b58dbd99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c53a1275062ff946bd07bac47447a736d541f1e1f3d3cea0ab6d4b82d8407b4
Security Headers
Name Value
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
strict-transport-security
max-age=15769000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 28 May 2024 11:14:16 GMT
server
cloudflare
etag
"152-61981bc0c00d4-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8910092258519739-FRA
content-length
245
x-xss-protection
1; mode=block
expires
Sun, 09 Jun 2024 13:18:41 GMT
8.bundle.c528b00a6b03e2d64df8.js
preview.thewintergroup614.com/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://preview.thewintergroup614.com/assets/js/8.bundle.c528b00a6b03e2d64df8.js
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/assets/js/bundle.afe665f64fe4b58dbd99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:2c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d532cf918f6ac4eaeb9909c1cf1be8446f69fd3f6b507dce89c2b700552dd84e
Security Headers
Name Value
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
strict-transport-security
max-age=15769000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 28 May 2024 11:14:17 GMT
server
cloudflare
etag
"910-61981bc16edb5-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8910092258549739-FRA
content-length
1019
x-xss-protection
1; mode=block
expires
Sun, 09 Jun 2024 13:18:41 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-261203109-1&cid=1694213320.1717924721&jid=1959398454&npa=1&_u=YEBAAEAAAAAAACAAI~&z=987442204
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 09:18:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-261203109-1&cid=1694213320.1717924721&jid=1959398454&npa=1&_u=YEBAAEAAAAAAACAAI~&z=987442204
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 09:18:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://use.fontawesome.com/releases/v5.3.1/css/all.css
Origin
https://preview.thewintergroup614.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"14a08198ec7d1eb96d515362293fed36"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBxlJr1wOqwxpo%2BTBt8L2AJGkKSpXn%2Fc4mbfKzaNe8WhSSoDKLmTWXjk%2FPBulB7RNTSMEguvAIex2P1uvKXbuVUdl4LhUlwnWJWcnY2F9MSZf8o8V3g0LadBl3%2FzP7YXGCvstC3rGa36mxZ6YBzU%2BouV"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
89100922686b2bf8-FRA
alt-svc
h3=":443"; ma=86400
content-length
67400
fa-brands-400.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://use.fontawesome.com/releases/v5.3.1/css/all.css
Origin
https://preview.thewintergroup614.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"48461ea4e797c9774dabb4a0440d2f56"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ElkBZEpgaV3yR71Zh9f0cWgFPnBp0q18fqBwih11GZozZIskQ5tOXkLR7pzqJj2ia3cG7HzeUF9MXMDD%2Fa8irtV9DubxPyuX8V2ssq7XWLgxSu%2FjktkMQA6UatcEc%2FQrP7MYWooFwHXUVtuw%2FNchsBJ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
89100922686c2bf8-FRA
alt-svc
h3=":443"; ma=86400
content-length
65316
MZYXGMBZMZBARPCFZGBNNM
d.adroll.com/consent/check/ 		492 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/MZYXGMBZMZBARPCFZGBNNM?pv=94289069590.88696&arrfrr=https%3A%2F%2Fpreview.thewintergroup614.com%2F&_s=137e225678cb9c05144afa831649ee6d&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:9297:b64d:a588:fbec Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
016c7607984f3de37579137f756ca4b1627a971aea7603a6a01fe799467cb9a6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:41 GMT
server
nginx/1.22.1
content-length
492
content-type
application/javascript
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=351103335099414&ev=PageView&dl=https%3A%2F%2Fpreview.thewintergroup614.com%2F&rl=&if=false&ts=1717924721112&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717924721111.177155119915547753&ler=empty&cdl=API_unavailable&it=1717924720913&coo=false&rqm=GET
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1368, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 09 Jun 2024 09:18:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=351103335099414&ev=PageView&dl=https%3A%2F%2Fpreview.thewintergroup614.com%2F&rl=&if=false&ts=1717924721112&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717924721111.177155119915547753&ler=empty&cdl=API_unavailable&it=1717924720913&coo=false&rqm=FGET
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc0aea31d388fd9cc","source_keys":["1","2"]},{"key_piece":"0x05d00c77dc32f4cb","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sun, 09 Jun 2024 09:18:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1368, tbw=3090, tp=-1, tpl=-1, uplat=109, ullat=0
pragma
no-cache
x-fb-debug
Chd7IRhYpmT3tZEAJ4BDYbogLg3/1tij5RRAjdeimmYo0WqCrihXdrNhw5ZoUz64HpKoPNGJxrPmaiVniiS3DQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1411729950&t=pageview&_s=1&dl=https%3A%2F%2Fpreview.thewintergroup614.com%2F&ul=de-de&de=UTF-8&dt=Engel%20%26%20Volkers%20Real%20Estate%20Advisors%20%7C%20Home%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1694213320.1717924721&tid=UA-261203109-1&_gid=1069267679.1717924721&gtm=45He4650n81NQQV6RLv9105110258za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=1318403707
Requested by
Host: preview.thewintergroup614.com
URL: https://preview.thewintergroup614.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 02:59:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22759
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Group%201.png
api.curaytor.io/sites/2870/media/2170370/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://api.curaytor.io/sites/2870/media/2170370/Group%201.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.85.173.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-85-173-131.compute-1.amazonaws.com
Software
nginx /
Resource Hash
09449f9b25bbc48f3f90041598aea3e32e9137e6f154899bc49e53da31a8744b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://preview.thewintergroup614.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:18:42 GMT
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=&subset=

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| GoogleAnalyticsObject function| ga string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded object| gaplugins object| gaGlobal object| gaData string| adroll_sid object| __adroll_consent_data object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback function| onYouTubeIframeAPIReady function| fbAsyncInit object| WebComponents object| webpackJsonp object| __SENTRY__ function| Cookies object| FB boolean| fbLoaded object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country

6 Cookies

Domain/Path Name / Value
.thewintergroup614.com/ Name: _gcl_au
Value: 1.1.1643495501.1717924721
.thewintergroup614.com/ Name: _gid
Value: GA1.2.1069267679.1717924721
.thewintergroup614.com/ Name: _gat_UA-261203109-1
Value: 1
.thewintergroup614.com/ Name: _ga_BDL4JSCW0B
Value: GS1.1.1717924720.1.0.1717924720.0.0.0
.thewintergroup614.com/ Name: _fbp
Value: fb.1.1717924721111.177155119915547753
.thewintergroup614.com/ Name: _ga
Value: GA1.2.1694213320.1717924721

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors managestage.thewintergroup614.com manage.thewintergroup614.com base.curaytor.com base-staging.curaytor.io;
Strict-Transport-Security max-age=15769000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options "allow-from base-staging.curaytor.io"
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.curaytor.io
connect.facebook.net
d.adroll.com
fonts.googleapis.com
p.typekit.net
preview.thewintergroup614.com
region1.google-analytics.com
s.adroll.com
stats.g.doubleclick.net
unpkg.com
use.fontawesome.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
fonts.googleapis.com
142.250.184.196
142.250.185.131
142.250.185.142
157.240.0.6
2001:4860:4802:34::36
2600:9000:25a2:2a00:6:9280:1080:93a1
2606:4700:3037::ac43:8ef5
2606:4700::6811:f8cb
2606:4700::6812:2c8
2a00:1450:4001:810::200e
2a00:1450:4001:81d::2008
2a00:1450:400c:c09::9d
2a02:26f0:3100::1735:2808
2a02:26f0:3100::1735:2850
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a05:d018:cc3:fe04:9297:b64d:a588:fbec
3.85.173.131
016c7607984f3de37579137f756ca4b1627a971aea7603a6a01fe799467cb9a6
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6
063bbea570ed48b88a74acd10393fdcfce145ed5cbf12919f06817939b7c5857
09449f9b25bbc48f3f90041598aea3e32e9137e6f154899bc49e53da31a8744b
1b5ea5600f37f93ff63265d256739329ea78711e565de0f4cfeb39f807945636
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c356f3b1bd12901959adf33efd8c3670bdd6ded07cbdf0f8b04d4100f347a0f
1c53a1275062ff946bd07bac47447a736d541f1e1f3d3cea0ab6d4b82d8407b4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a02f51fda5ac7f886cdffd5aaecc963378e4e5e94d21b929edc1d2269b1d23b
5642fb2ff2b8326edd5447803f22035a19aa4c71b77de8e65d8217ed642e886d
5870498c156de2db7b74ab1fd2c9508426185b92fc84c55229029d9d2e296845
58ec787e060765bdce8fb4df91d0b1aa10238d9a2a533e584478b02e5484ced8
5999c16808ac9f25eb29221bcad6b3b0ada90b9c6bc9f07264acd8d196317b23
5b41ea4520ece6e1d7eb5f0a0fa7b61f2dd1796b0410be4c7044b1e86b995c58
5d560bdc5e6ed16b9c60a3c6f5b8784baa079a57ca3e9931586c8994c2cf1630
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
6b40a821d4c7cd6df52216febc76195951b65d052403196329bfd6e7dcac6b9c
768655ce373b808546132f6928f90c707c619df080599856f74077fc4f711e52
789e87b28e1790f7e0d7c0af7b7cae48e8d002e5203fecf455068ddbbfc42757
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8df742bb6f39ebb10e3e7df3750bbf95b143f3c0b48656d5779075a4070c7d57
8f271dc6764fd62a059b6860d974b54482f2896bddd931d875c45bb240469bcb
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4
9837ee61aa7c0da33443bb51993f756a085378fe0fc68e80308b189aaa45abb5
9b633a0077aaec8f8a2b8e7bb97374a0a1498a92282425ce60d6024d7f92a2e1
9e0398ed35d36fa323f6acf11c5c0b4b23277715a16ddb04ae0f71ced5eb7957
a1e8129d14cce0ab7c70599099d5643b877fb9e48369705c4bbbb2ce96f3bc7d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b47124558ee17e9ff6ddb99911345838d5cad193ea01569633f9bb3066f4a38a
b8b7cbfba52d9417cc75c9fbc7447c0278bb5b9b5d8115281bb52e425531cfd2
bc397773a547218b8c334f9a40ea8e58f55198fab6095b103e598634fe273450
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
cd374bea8f2cce1e9514e9f9a7af6cd7efbb566a5eea5cda53affc1391ada818
cfe6c4bdad523c6979d4c6ccab09be96523ead1f00f02572270be199442967d0
d532cf918f6ac4eaeb9909c1cf1be8446f69fd3f6b507dce89c2b700552dd84e
dc1962b260e67b977cfb837227649ee604c25828c26571e2ac724681209d67ef
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96087f5446b38d34fbb3bcc99352658eb6db316355638705a8cbfeb50bbf8d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1489ad4c5f6f61d2000367e1adbc453ff2e8dbcf773db5cce2629190b7bc5fa
f2b6f1f5182963fec5899c72be4819fc5b0475cd0f7536d63fd6724274ec984c
fc9c740a3c316426618188f0b3ae425abb2fd91e1ac587b26455245104a09611