www.winutah.com Open in urlscan Pro
64.246.164.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.allinforparkcity.com/
Effective URL:
https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Submission: On January 05 via api (January 5th 2025, 12:44:35 pm UTC) from US — Scanned from DE

Summary HTTP 116 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 23 domains to perform 116 HTTP transactions. The main IP is 64.246.164.133, located in United States and belongs to LUNAVI-WA, US. The main domain is www.winutah.com.
TLS certificate: Issued by R10 on October 10th 2024. Valid for: 3 months.

This is the only time www.winutah.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
20	64.246.164.133 64.246.164.133	6295 (LUNAVI-WA) (LUNAVI-WA)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
11	64.246.164.140 64.246.164.140	6295 (LUNAVI-WA) (LUNAVI-WA)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
11	2a02:26f0:350... 2a02:26f0:3500:16::215:1491	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
5	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
3	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	3.160.150.74 3.160.150.74	16509 (AMAZON-02) (AMAZON-02)
3	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
4	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.16.202 172.217.16.202	15169 (GOOGLE) (GOOGLE)
3	34.202.96.196 34.202.96.196	14618 (AMAZON-AES) (AMAZON-AES)
1	3.67.48.175 3.67.48.175	16509 (AMAZON-02) (AMAZON-02)
3	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
2	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
8	3.94.69.56 3.94.69.56	14618 (AMAZON-AES) (AMAZON-AES)
2	34.192.224.11 34.192.224.11	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.186.31 104.18.186.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.3.52 151.101.3.52	54113 (FASTLY) (FASTLY)
116	36

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.allinforparkcity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 64.246.164.133 (United States)

ASN6295 (LUNAVI-WA, US)
PTR: ipv4-64-246-164-133.greenhousedata.net

www.winutah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
winutah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 64.246.164.140 (United States)

ASN6295 (LUNAVI-WA, US)
PTR: ipv4-64-246-164-140.greenhousedata.net

svc.moxiworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images-static.moxiworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:3500:16::215:1491 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.170 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-74.fra60.r.cloudfront.net

cdn.funnelytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.202.96.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-96-196.compute-1.amazonaws.com

cdn.brytecore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.48.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-48-175.eu-central-1.compute.amazonaws.com

telize-v1.p.rapidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.94.69.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-69-56.compute-1.amazonaws.com

api.brytecore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.224.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-224-11.compute-1.amazonaws.com

chat-api.brytecore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.186.31 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.3.52 (San Francisco, United States)

ASN54113 (FASTLY, US)

i1.moxi.onl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	winutah.com www.winutah.com winutah.com	977 KB
13	brytecore.com cdn.brytecore.com — Cisco Umbrella Rank: 359966 api.brytecore.com — Cisco Umbrella Rank: 257073 chat-api.brytecore.com — Cisco Umbrella Rank: 351146	8 KB
12	typekit.net use.typekit.net — Cisco Umbrella Rank: 460 p.typekit.net — Cisco Umbrella Rank: 571	471 KB
11	moxiworks.com svc.moxiworks.com — Cisco Umbrella Rank: 265116 images-static.moxiworks.com — Cisco Umbrella Rank: 409499	453 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 415 maps.googleapis.com — Cisco Umbrella Rank: 466	306 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	22 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com maps.gstatic.com	298 KB
6	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	992 B
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	419 B
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255	113 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	80 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	325 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	14 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	35 KB
1	moxi.onl i3.moxi.onl Failed i1.moxi.onl — Cisco Umbrella Rank: 500699 i10.moxi.onl Failed	235 KB
1	rapidapi.com telize-v1.p.rapidapi.com — Cisco Umbrella Rank: 428629	727 B
1	funnelytics.io cdn.funnelytics.io — Cisco Umbrella Rank: 78151 track-v2.funnelytics.io Failed	4 KB
1	google.de www.google.de — Cisco Umbrella Rank: 10745	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	554 B
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2102	12 KB
1	allinforparkcity.com 1 redirects www.allinforparkcity.com	369 B
0	withgoogle.com Failed csp.withgoogle.com Failed
116	23

	Domain	Requested by
18	www.winutah.com	www.winutah.com ajax.googleapis.com
11	use.typekit.net	www.winutah.com
9	svc.moxiworks.com	www.winutah.com ajax.googleapis.com
8	api.brytecore.com	cdn.brytecore.com
6	maps.googleapis.com	www.winutah.com maps.googleapis.com
5	www.google-analytics.com	www.winutah.com www.google-analytics.com
4	www.facebook.com	www.winutah.com
4	region1.analytics.google.com	www.googletagmanager.com
4	maxcdn.bootstrapcdn.com	www.winutah.com maxcdn.bootstrapcdn.com
3	cdn.brytecore.com	www.winutah.com cdn.brytecore.com
3	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	www.winutah.com connect.facebook.net
3	www.googletagmanager.com	www.winutah.com www.google-analytics.com
3	fonts.googleapis.com	www.winutah.com
2	maps.gstatic.com
2	images-static.moxiworks.com
2	chat-api.brytecore.com	cdn.brytecore.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.youtube.com	www.winutah.com ajax.googleapis.com
2	www.google.com	www.winutah.com www.gstatic.com
2	cdn.jsdelivr.net	www.winutah.com cdn.jsdelivr.net
2	winutah.com	www.winutah.com winutah.com
2	cdnjs.cloudflare.com	www.winutah.com
1	i1.moxi.onl
1	p.typekit.net	www.winutah.com
1	telize-v1.p.rapidapi.com	ajax.googleapis.com
1	www.gstatic.com	www.google.com
1	cdn.funnelytics.io	www.winutah.com
1	www.google.de	www.winutah.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	player.vimeo.com	www.winutah.com
1	ajax.googleapis.com	www.winutah.com
1	www.allinforparkcity.com	1 redirects
0	i10.moxi.onl Failed
0	i3.moxi.onl Failed
0	csp.withgoogle.com Failed	www.winutah.com
0	track-v2.funnelytics.io Failed	cdn.funnelytics.io
116	37

This site contains links to these domains. Also see Links.

Domain
windermerefoundation.com
winutah.luxuryportfolio.com
windermererelocation.com
wincre.com
www.facebook.com
www.instagram.com
www.windermere.com
policies.google.com
open.spotify.com
luxuryportfolio.com
www.leadingre.com
winutah.com

Subject Issuer	Validity	Valid
winutah.com R10	`2024-10-10` - `2025-01-08`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.moxiworks.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-14` - `2025-06-14`	a year	crt.sh
vimeo.com WE1	`2024-11-23` - `2025-02-21`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-10` - `2026-01-10`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.de WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-14` - `2025-01-12`	3 months	crt.sh
*.funnelytics.io Amazon RSA 2048 M03	`2024-09-01` - `2025-09-28`	a year	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
cdn.brytecore.com Amazon RSA 2048 M03	`2024-04-19` - `2025-05-19`	a year	crt.sh
*.p.rapidapi.com Amazon RSA 2048 M02	`2024-05-08` - `2025-06-06`	a year	crt.sh
brytecore.com Amazon RSA 2048 M02	`2024-04-21` - `2025-05-20`	a year	crt.sh
chatbot.brytecore.com Amazon RSA 2048 M03	`2024-08-04` - `2025-09-02`	a year	crt.sh
*.moxi.onl Certainly Intermediate R1	`2024-12-22` - `2025-01-21`	a month	crt.sh

This page contains 4 frames:

Primary Page: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Frame ID: BB5D4B346A39F2F3C292B2EB460B2E78
Requests: 108 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Hmv09b-TDro
Frame ID: 7D9DFBBB92DAF76DD1CA2F728D14FF70
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Hmv09b-TDro?wmode=transparent&enablejsapi=1&rel=0
Frame ID: 3FAD8E3BE6A9DA042835CD7C7E513FC6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdmtrYUAAAAAAHk0DIYZUZov8ZzYGbtAIozmHtV&co=aHR0cHM6Ly93d3cud2ludXRhaC5jb206NDQz&hl=de&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=xg5hfffhpoh6
Frame ID: 4F82C7CD3888A61E38D939DDD40F41E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Windermere Real Estate Utah

Page URL History Show full URLs

https://www.allinforparkcity.com/ HTTP 301
https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

116
Requests

96 %
HTTPS

36 %
IPv6

23
Domains

37
Subdomains

36
IPs

4
Countries

3386 kB
Transfer

8442 kB
Size

17
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://windermerefoundation.com/
Title: Windermere Foundation

Search URL Search Domain Scan URL

URL: http://winutah.luxuryportfolio.com/
Title: Luxury

Search URL Search Domain Scan URL

URL: https://windermererelocation.com/utah
Title: Utah Relocation

Search URL Search Domain Scan URL

URL: http://wincre.com/
Title: Commercial

Search URL Search Domain Scan URL

URL: https://www.facebook.com/windermere.utah/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/windermere.utah/

Search URL Search Domain Scan URL

URL: https://www.windermere.com/agents/landing
Title: Find An Agent

Search URL Search Domain Scan URL

URL: https://www.windermere.com/whatsmyhomeworth
Title: Whats My Home Worth

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://open.spotify.com/user/95twpeats2ye8359lybi6kc4e

Search URL Search Domain Scan URL

URL: http://luxuryportfolio.com/

Search URL Search Domain Scan URL

URL: http://www.leadingre.com/

Search URL Search Domain Scan URL

URL: https://winutah.com/files/2018/01/Windermere-Real-Estate-UtahEqualHousing@2x.png

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.allinforparkcity.com/ HTTP 301
https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

116 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.winutah.com/
Redirect Chain

https://www.allinforparkcity.com/
https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

250 KB
51 KB

519ms
153ms

Document
text/html

64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

1f95309bf4c48a4a71d4a98ceda67bcf65b34be50024f0fb40096aa1ee7994fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 3111
cache-control: private, max-age=0
content-encoding: gzip
content-length: 50981
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 05 Jan 2025 11:52:36 GMT
expires: Sun, 05 Jan 2025 12:00:06 GMT
last-modified: Sun, 05 Jan 2025 11:28:57 GMT
link: <https://www.winutah.com/wp-json/>; rel="https://api.w.org/" <https://www.winutah.com/wp-json/wp/v2/pages/2195>; rel="alternate"; type="application/json" <https://www.winutah.com/>; rel=shortlink
server: Apache
strict-transport-security: max-age=31536000
v-backend: agent13-pr
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.5)
x-app-server: varnish_agent_sites/agent-varnish21-pr
x-content-type-options: nosniff
x-proxy: haproxy23-pr
x-renderedpage: true
x-varnish: 206670089 203719024

Redirect headers

Connection: close
Content-Length: 123
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Jan 2025 12:44:27 GMT
Location: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Server: ip-100-74-4-68.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: 802d694e-6fb6-4e26-aa19-24b6897497a3

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 236ms
200ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,600&display=swap

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a0cc99682552d20a8d475814629c3a84f72a596e13a9005f8ad8338b8dffa13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 12:44:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 05 Jan 2025 12:44:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 65ms
13ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
age: 183
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 14:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 393 KB
129 KB 104ms
53ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M4R9KTHP2J

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8be62cd3cbecfdbeb9c1d200f4c9f25fa322e6f7b434738bcb90df0e0d7c942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 05 Jan 2025 12:44:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:28 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 131357
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 foundation-icons.woff
cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/ 31 KB
32 KB 78ms
29ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.woff

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e66-7d14"
age: 800770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q5Rg5Vx8ysN8NyfECZcQX5BgISZBOqE97nbGkDkbOH1VaPyRGnadMrIzm55F7oLccoCadX38H4VbAOsCSuhj3jqKnLW7hExEpVAAHSvwzgh685vlsgyNmnaabS5xEpY0codMG7yZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 26 Dec 2025 12:44:28 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 05 Jan 2025 12:44:28 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:14 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8fd38f54fc632bba-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31590
server: cloudflare

GET 0a355b10-0a09-456b-8e09-0393571f51f0
https://www.winutah.com/ Frame 0
0

GET
H/1.1 200
OK dashicons.min.css
www.winutah.com/wp-includes/css/ 58 KB
35 KB 308ms
159ms Stylesheet
text/css 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-includes/css/dashicons.min.css?ver=35c8d3dd5fe5fc55f13b6ab1cf183375

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent13-pr
content-encoding: gzip
age: 0
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 12:44:28 GMT
x-varnish: 56066174
date: Sun, 05 Jan 2025 12:44:28 GMT
last-modified: Thu, 19 Dec 2024 18:29:09 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
x-app-server: varnish_agent_sites/agent-varnish22-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35730
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK minify-b-imgmap_style-2715d976365b511209160fd6cff36e7b.css
www.winutah.com/wp-content/plugins/bwp-minify/cache/ 456 KB
87 KB 447ms
149ms Stylesheet
text/css 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-imgmap_style-2715d976365b511209160fd6cff36e7b.css?ver=A.3.49.20241218.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

85a0a37e677b5386667a97230cc583313b74bb70a7a1d616f2ce5729bbf04085

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent13-pr
content-encoding: gzip
age: 19894
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 07:12:53 GMT
x-varnish: 54855035 262270
date: Sun, 05 Jan 2025 07:12:53 GMT
last-modified: Thu, 19 Dec 2024 18:59:27 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
x-app-server: varnish_agent_sites/agent-varnish22-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 88339
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK style.css
winutah.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/ 21 KB
4 KB 483ms
153ms Stylesheet
text/css 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://winutah.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.7.3.2

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

6d57d9de75cb4a832e81ababd248d04ce41d448575d88082e9d87671ae0ba5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

v-backend: agent12-pr
content-encoding: gzip
age: 15638
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 08:23:49 GMT
x-varnish: 52495698 9863341
date: Sun, 05 Jan 2025 08:23:49 GMT
last-modified: Mon, 29 Jul 2024 03:24:25 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
x-app-server: varnish_agent_sites/agent-varnish22-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3412
x-proxy: haproxy23-pr
server: Apache

GET
H3 200 foundation-icons.css
cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/ 19 KB
3 KB 69ms
22ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.css?ver=2.7.3.2

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09696d0bf5be7a592450a862b5cced3e249f137004a7302fae4984a81ebc2f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e66-4c34"
age: 470499
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ul%2FEqm7YYDvdXOvvZ8b0CoCPbq833vUkkCdEmtqfR88xn%2FdvtmxiwJOnKwJUTKHi0vu471Ugm2p1SD6KfGnduiq86VDSgLVnewJUP6SOpyfHe31A3GndNzOjzFaHZBiGFNRDFkbf"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 26 Dec 2025 12:44:28 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 05 Jan 2025 12:44:28 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:14 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8fd38f54fd07193c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2855
server: cloudflare

GET
H/1.1 200
OK 2195-layout.css
www.winutah.com/files/bb-plugin/cache/ 74 KB
10 KB 510ms
210ms Stylesheet
text/css 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/files/bb-plugin/cache/2195-layout.css?ver=b7c9db9136a0b87108c05a579716e1f6

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

653cfe0393d050fcbe2df90f6a5c62aa4c26fa0fe7327f695df4d195479713b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent11-pr
content-encoding: gzip
etag: "2d59ef225481e8ff38c0e30eed06fad5-gzip"
age: 0
x-content-type-options: nosniff
expires: Tue, 07 Mar 2028 22:31:08 GMT
x-varnish: 56066177
date: Sun, 05 Jan 2025 12:44:28 GMT
last-modified: Mon, 02 Dec 2024 18:29:20 GMT
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
transfer-encoding: chunked
x-app-server: varnish_agent_sites/agent-varnish22-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
x-proxy: haproxy23-pr
server: Apache

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 107 KB
21 KB 77ms
29ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: W/"385b964b68acb68d23cb43a5218fade9"
age: 538539
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 05 Jan 2025 12:44:28 GMT
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 03/18/2024 12:56:56
cdn-requestpullcode: 200
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9328f622a901a77edef51a75a3b2e7ce
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8fd38f54fa2c8f2e-FRA
access-control-allow-origin: *
cdn-edgestorageid: 1055
server: cloudflare
cdn-requestcountrycode: DE

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 73ms
25ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "269550530cc127b6aa5a35925a7de6ce"
age: 291565
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 05 Jan 2025 12:44:28 GMT
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 10/17/2024 22:45:09
cdn-requestpullcode: 200
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2231e7405a3a628ccd2b5a09f1d9c307
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8fd38f54fa2b8f2e-FRA
access-control-allow-origin: *
cdn-edgestorageid: 1078
server: cloudflare
cdn-requestcountrycode: DE

GET
H2 200 project-vitruvius-icons.min.css
cdn.jsdelivr.net/npm/@moxiworks/project-vitruvius@0.0.21/build/ 4 KB
2 KB 72ms
23ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@moxiworks/project-vitruvius@0.0.21/build/project-vitruvius-icons.min.css

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea9b430678365f31ebe9d2e17f841a1b9d1eba39765029b437a868f8d97b1080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"ee0-UDdmY3iQg1jsYRjjBrpjwMtt8hU"
age: 556574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Flo8lCVercK3vMZ9KY6itlWrnKaD5hsQXzjW%2FfR6SK%2FBAxCDTCciKf8jCkltdEalZ9%2Fu1cz%2BgatANMbkO9E1%2BMOfwGr%2FPhSv4ikxAc66JuUTEZEgQEQ2uqjZC3W0G2WNXeuuiPcSbrtSGAX8Gr0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sun, 05 Jan 2025 12:44:28 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220141-FRA, cache-lga21932-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8fd38f54fae4381c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 943
server: cloudflare
x-jsd-version: 0.0.21

GET
H2 200 css
fonts.googleapis.com/ 2 KB
656 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A500&ver=35c8d3dd5fe5fc55f13b6ab1cf183375

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66a02a33df473ee1fa6a74cc1ab6638e44fe460d3ff953ccb9c78f4db49f403e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 12:44:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 05 Jan 2025 12:33:09 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.1/ 85 KB
30 KB 61ms
14ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
age: 444614
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 09:14:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 31 Dec 2024 09:14:14 GMT
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30462
x-xss-protection: 0
server: sffe

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/ 31 KB
9 KB 21ms
20ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js?ver=35c8d3dd5fe5fc55f13b6ab1cf183375

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "abda843684d022f3bc22bc83927fe05f"
age: 3495151
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 05 Jan 2025 12:44:28 GMT
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 11/04/2024 06:39:55
cdn-requestpullcode: 200
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3cb09db7cb3d3aea798c9247464dd36b
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.06
cf-ray: 8fd38f58ad7d8f2e-FRA
access-control-allow-origin: *
cdn-edgestorageid: 1055
server: cloudflare
cdn-requestcountrycode: DE

GET
H/1.1 200
OK jquery.iframelogin.min.js Show response
svc.moxiworks.com/service/v1/auth/javascripts/iframelogin/ 40 KB
40 KB 853ms
177ms Script
application/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL: https://svc.moxiworks.com/service/v1/auth/javascripts/iframelogin/jquery.iframelogin.min.js?ver=A.3.49.20241218.0.b
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),
Reverse DNS: ipv4-64-246-164-140.greenhousedata.net
Software: nginx /
Resource Hash: 793952039d38075b96dfd76c5cb10a4d67a7120c9dfe3c5617c0d62be3e5e7f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

etag: "669564f5-9e38"
x-app-server: wms_svc_auth/internal-k8s
accept-ranges: bytes
content-length: 40504
date: Sun, 05 Jan 2025 12:44:29 GMT
content-type: application/javascript
last-modified: Mon, 15 Jul 2024 18:05:41 GMT
server: nginx
x-proxy: haproxy23-pr

GET
H/1.1 200
OK minify-b-utils-51ee1daff9e29c5413783d37b6e8c44c.js Show response
www.winutah.com/wp-content/plugins/bwp-minify/cache/ 376 KB
108 KB 156ms
156ms Script
application/x-javascript 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-utils-51ee1daff9e29c5413783d37b6e8c44c.js?ver=A.3.49.20241218.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

634c29f0b8765a21d56727eaeb9d2d04fef137f47daa3931ad184b1c495c027b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent12-pr
content-encoding: gzip
age: 16545
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 08:08:43 GMT
x-varnish: 211322052 163709138
date: Sun, 05 Jan 2025 08:08:43 GMT
last-modified: Thu, 19 Dec 2024 18:57:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=86400
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 110562
x-proxy: haproxy23-pr
server: Apache

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
434 B 20ms
19ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=359723985&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&ul=de-de&de=UTF-8&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=1515799715&gjid=1099967261&cid=1679500016.1736081068&tid=UA-384279-8&_gid=435834809.1736081068&_r=1&_slc=1&z=1142754263

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

403b621795be0d3dbbe618ce35500056cbbd0e47975c22532f7370678ba4126c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.winutah.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:28 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
73 B 20ms
19ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=359723985&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&ul=de-de&de=UTF-8&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAAABAAAAACAAI~&jid=702533230&gjid=1966762448&cid=1679500016.1736081068&tid=UA-70345609-1&_gid=435834809.1736081068&_r=1&_slc=1&z=291788219

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.winutah.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:28 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 378 KB
125 KB 119ms
116ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R6ZBCNN3B8&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

083cb87fc0a83eae38b7155d44c547b321ebc83a38d6190fc354c63d9f19b44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 05 Jan 2025 12:44:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 128082
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 446ms
157ms Script
application/javascript 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js?ver=1.0

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

498a41eab15456686643b139ae2c289c961bb02da852aaad698540831d0e9bb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Age: 0
x-backend-server: player-backend-edge-entry
expires: Sun, 05 Jan 2025 08:14:29 GMT
x-player-backend: g
x-cache: MISS
Date: Sun, 05 Jan 2025 12:44:29 GMT
Content-Type: application/javascript;charset=utf-8
x-bapp-server
x-served-by: cache-fra-eddf8230085-FRA
x-cache-hits: 0
vary: Origin, Referer, Accept-Encoding
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Cache-Control: max-age=1800
x-timer: S1736081069.359583,VS0,VE126
Connection: keep-alive
via: 1.1 varnish
CF-RAY: 8fd38f5b6e972bbb-FRA
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 11437
Server: cloudflare

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
992 B 122ms
103ms Script
text/javascript 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdmtrYUAAAAAAHk0DIYZUZov8ZzYGbtAIozmHtV&ver=A.3.49.20241218.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f4.1e100.net

Software

ESF /

Resource Hash

08f99e7e6a3abc3d4cb195ab43c13c8de151f42c72e877846d1513efd3aa0ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 12:44:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sun, 05 Jan 2025 12:44:29 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 384 KB
120 KB 335ms
49ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?v=3&client=gme-windermeresolutions&libraries=places&channel=websites&language=en&region=US&ver=A.3.49.20241218.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d07b9b24ebb07dbaa28febf9c5c0f77fa97fd30c7bd408177ce13267599a8210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: 620287f3
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122985
date: Sun, 05 Jan 2025 12:44:29 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK minify-b-jquery.jsonp-bd50c5acd31882dc4ebadfd50bc5eb9c.js Show response
www.winutah.com/wp-content/plugins/bwp-minify/cache/ 191 KB
47 KB 157ms
155ms Script
application/x-javascript 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-jquery.jsonp-bd50c5acd31882dc4ebadfd50bc5eb9c.js?ver=A.3.49.20241218.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

329174abb95b8434fb36bf265869bf8a53c0ddc18d64d8f75e65e7ed4832bb4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent11-pr
content-encoding: gzip
age: 16424
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 08:10:44 GMT
x-varnish: 213353101 163611127
date: Sun, 05 Jan 2025 08:10:44 GMT
last-modified: Thu, 19 Dec 2024 18:54:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=86400
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 47809
x-proxy: haproxy23-pr
server: Apache

GET
H2 200 bzd3nzl.js Show response
use.typekit.net/ 20 KB
7 KB 469ms
419ms Script
text/javascript 2a02:26f0:3500:16::215:1491
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/bzd3nzl.js

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

29ae54c93f2a0652cbf646b4dc5ae5ac4b73e54446a70d03d45d1651e082bfd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 7001
date: Sun, 05 Jan 2025 12:44:28 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H/1.1 200
OK Windermere-Real-Estate-Utah-Corona-AIFY@2x.png
www.winutah.com/files/2020/03/ 5 KB
6 KB 310ms
153ms Image
image/png 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winutah.com/files/2020/03/Windermere-Real-Estate-Utah-Corona-AIFY@2x.png

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

8374f1d6c1968c1456cc9ad256a7714f5c327ceee91fa4adc5fbcbac47000ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent11-pr
etag: "9fc0d484b395b0661f24bd2b0c9cdefa"
age: 86768
x-app-server: varnish_agent_sites/agent-varnish21-pr
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.5)
expires: Mon, 06 Mar 2028 22:25:00 GMT
x-varnish: 211322048 34407320
accept-ranges: bytes
content-length: 5469
date: Sat, 04 Jan 2025 12:38:19 GMT
last-modified: Sat, 28 Mar 2020 00:35:33 GMT
content-type: image/png
server: Apache
x-proxy: haproxy23-pr

GET
H/1.1 200
OK minify-b-searchlistingcard-style-2cd9f1ebfe4e5c41a35a6fc1d732aebe.css
www.winutah.com/wp-content/plugins/bwp-minify/cache/ 9 KB
3 KB 308ms
152ms Stylesheet
text/css 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-searchlistingcard-style-2cd9f1ebfe4e5c41a35a6fc1d732aebe.css?ver=A.3.49.20241218.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

b0af20e084d37ac0a3a46c11624f67f32b2426eacbe17732e842ec03fcc2957e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent13-pr
content-encoding: gzip
age: 18748
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 07:32:00 GMT
x-varnish: 211322049 159941330
date: Sun, 05 Jan 2025 07:32:00 GMT
last-modified: Thu, 19 Dec 2024 18:47:45 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 2246
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK 10505-layout-partial.css
www.winutah.com/files/bb-plugin/cache/ 27 KB
4 KB 453ms
150ms Stylesheet
text/css 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/files/bb-plugin/cache/10505-layout-partial.css?ver=e93af9bf106636c2cbe91ff05933cbac

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

cd6e005c24840c65da9b4c49fa81ff6ab0bc1c485fda4a1a338c0436574d8e65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent13-pr
content-encoding: gzip
etag: "744010bb1fb8317ba33928f33808b918-gzip"
age: 86768
x-content-type-options: nosniff
expires: Mon, 06 Mar 2028 22:25:00 GMT
x-varnish: 213942819 33391881
date: Sat, 04 Jan 2025 12:38:20 GMT
last-modified: Mon, 02 Dec 2024 18:30:19 GMT
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 3919
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK minify-b-jquery-ui-core-92f54398acaeb2f89b60f11476e454cd.js Show response
www.winutah.com/wp-content/plugins/bwp-minify/cache/ 667 KB
187 KB 159ms
158ms Script
application/x-javascript 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-jquery-ui-core-92f54398acaeb2f89b60f11476e454cd.js?ver=A.3.49.20241218.0.b

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

5275d1f3e5f35d1e1a592af7fe987c969b0dcbd45a59244d6b36486c331682ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent13-pr
content-encoding: gzip
age: 0
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 12:44:29 GMT
x-varnish: 56066182
date: Sun, 05 Jan 2025 12:44:29 GMT
last-modified: Thu, 19 Dec 2024 19:00:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=86400
x-app-server: varnish_agent_sites/agent-varnish22-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 190774
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK 2195-layout.js Show response
www.winutah.com/files/bb-plugin/cache/ 35 KB
10 KB 157ms
156ms Script
application/javascript 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/files/bb-plugin/cache/2195-layout.js?ver=e97ca7481436331c130fe91838ad826d

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

780ade59401f9e89e78a1e7e418b9e08bd3cd34d5e0930da5b8e9947fbf964a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent13-pr
content-encoding: gzip
etag: "522ee733f30dc86c0d68a7a743692131-gzip"
age: 94739
x-content-type-options: nosniff
expires: Mon, 06 Mar 2028 20:12:09 GMT
x-varnish: 213942821 18514748
date: Sat, 04 Jan 2025 10:25:29 GMT
last-modified: Mon, 02 Dec 2024 18:29:21 GMT
vary: Accept-Encoding
content-type: application/javascript
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 9211
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK 10505-layout-partial.js Show response
www.winutah.com/files/bb-plugin/cache/ 11 KB
3 KB 153ms
151ms Script
application/javascript 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/files/bb-plugin/cache/10505-layout-partial.js?ver=e93af9bf106636c2cbe91ff05933cbac

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

6c2218f5e0401c9115efcdc3a5b57993e596d85d173317a18ed06425135d3cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent11-pr
content-encoding: gzip
etag: "744010bb1fb8317ba33928f33808b918-gzip"
age: 15457
x-content-type-options: nosniff
expires: Tue, 07 Mar 2028 18:13:31 GMT
x-varnish: 50399037 7144841
date: Sun, 05 Jan 2025 08:26:51 GMT
last-modified: Mon, 02 Dec 2024 18:30:19 GMT
vary: Accept-Encoding
content-type: application/javascript
x-app-server: varnish_agent_sites/agent-varnish22-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 3038
x-proxy: haproxy23-pr
server: Apache

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 53ms
17ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M4R9KTHP2J&gtm=45je4cc1v881128847za200&_p=1736081068261&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1679500016.1736081068&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1736081068&sct=1&seg=0&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1237
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4R9KTHP2J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:28 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 73ms
20ms Ping
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M4R9KTHP2J&cid=1679500016.1736081068&gtm=45je4cc1v881128847za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4R9KTHP2J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:28 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 118ms
101ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M4R9KTHP2J&cid=1679500016.1736081068&gtm=45je4cc1v881128847za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=2009315705

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 05 Jan 2025 12:44:29 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 css2
fonts.googleapis.com/ 1 KB
516 B 17ms
16ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:wght@600&display=swap

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-imgmap_style-2715d976365b511209160fd6cff36e7b.css?ver=A.3.49.20241218.0.b

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f10.1e100.net

Software

ESF /

Resource Hash

1318a5da23d26c27b42ac11542124270429e0bb06eb20b1cf596d956bdf85504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 12:44:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:29 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 05 Jan 2025 12:44:29 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 198 KB
71 KB 115ms
114ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QLW2VK

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

987879a0fdc984b8d62b0fea39aa49ce25a4cfcce944c7c62dd6068299d71096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 05 Jan 2025 12:44:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 05 Jan 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 72531
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 172ms
8ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

4b851bd9af5635c2682387427eb718d453b8e7aeefdbb01c8521ab32a49004b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-O1mNoAL0' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 12:44:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-O1mNoAL0' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=23, mss=1232, tbw=4668, tp=12, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: /RCDag6/nIBFbRcN8gtvfTDvzC2UZrzZOSmzLnODnl/4r+Mh6ggP0HYTLJmuVH0U6LJvoP/4MWyHNEwEu05UQg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62279
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 16ms
12ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M4R9KTHP2J&gtm=45je4cc1v881128847za200&_p=1736081068261&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1679500016.1736081068&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1736081068&sct=1&seg=0&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&en=scroll&epn.percent_scrolled=90&_et=5&tfd=1849
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4R9KTHP2J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:29 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 track.js Show response
cdn.funnelytics.io/ 14 KB
4 KB 618ms
453ms Script
application/javascript 3.160.150.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.funnelytics.io/track.js
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99c4f4fef4854ff47dea38811dba91216b311ca8ed11a0d6f70498586a575c5a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache
content-encoding: gzip
etag: W/"ae08e611755c6cdcaf13909504950c2b"
via: 1.1 9ec406dc5379d974fc3d9f41dd497bf0.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: DB5cfxbrsalPedOT5rZtsM8tKqcEXDlZ_MWF3uHYoMCiAP2KpVl_KA==
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 13:40:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
vary: accept-encoding

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 122ms
105ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://fonts.googleapis.com/

Response headers

age: 424976
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 14:41:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 31 Dec 2024 14:41:33 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK Ultimate-Icons.ttf
winutah.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/ 92 KB
93 KB 544ms
163ms Font
font/ttf 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://winutah.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j

Requested by

Host: winutah.com
URL: https://winutah.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.7.3.2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

749e9e6c1652b50dde4385d73974f50d699f43ae8def9f78dad63ef837fbf556

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://winutah.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.7.3.2

Response headers

v-backend: agent13-pr
age: 0
x-app-server: varnish_agent_sites/agent-varnish22-pr
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.5)
x-varnish: 56328248
access-control-allow-origin: *
content-length: 94512
date: Sun, 05 Jan 2025 12:44:29 GMT
accept-ranges: bytes
last-modified: Mon, 29 Jul 2024 03:24:25 GMT
content-type: font/ttf
server: Apache
x-proxy: haproxy23-pr

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 212ms
211ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cdn-status: 200
cf-cache-status: HIT
etag: "af7ae505a9eed503f8b8e6982036873e"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 05 Jan 2025 12:44:29 GMT
content-type: font/woff2
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 12/15/2024 13:12:06
cdn-cache: HIT
cdn-requestpullcode: 200
priority: u=0,i=?0
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 73c5f914cf6f55bbd5e6d252f869cd5a
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.07
cf-ray: 8fd38f5a4e9fd2ab-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160
cdn-edgestorageid: 1233
server: cloudflare
cdn-requestcountrycode: US

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v29/ 18 KB
18 KB 88ms
87ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A500&ver=35c8d3dd5fe5fc55f13b6ab1cf183375

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

0aabcea59f54b9ea215b79f429c8a37e68b83fdf5488204e11b87aada8dde514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://fonts.googleapis.com/

Response headers

age: 444610
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 09:14:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 31 Dec 2024 09:14:19 GMT
last-modified: Wed, 06 Nov 2024 17:30:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18740
x-xss-protection: 0
server: sffe

GET
H3 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2
fonts.gstatic.com/s/montserrat/v29/ 19 KB
19 KB 89ms
88ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

166ad2077610fb480a48628aef1e5d6b0bf0b94b4b668f34750e20879f366e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://fonts.googleapis.com/

Response headers

age: 97556
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 04 Jan 2026 09:38:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 09:38:33 GMT
last-modified: Wed, 06 Nov 2024 17:30:51 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19284
x-xss-protection: 0
server: sffe

GET
H2 200 Hmv09b-TDro
www.youtube.com/embed/ Frame 7D9D 0
0 337ms
88ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Hmv09b-TDro

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winutah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Jan 2025 12:44:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK Windermere-Real-Estate-Utah-AIFY-TQ@4x.png
www.winutah.com/files/2020/03/ 14 KB
14 KB 261ms
149ms Image
image/png 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winutah.com/files/2020/03/Windermere-Real-Estate-Utah-AIFY-TQ@4x.png

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

a0555f8770abceb1635fc0b7b98d40341bc57c90b19aac3541c82b61e2ea784a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent11-pr
etag: "0169f65eeb21548e6e8f8f159d77fdc6"
age: 86768
x-app-server: varnish_agent_sites/agent-varnish21-pr
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.5)
expires: Mon, 06 Mar 2028 22:25:00 GMT
x-varnish: 211322055 34407323
accept-ranges: bytes
content-length: 14295
date: Sat, 04 Jan 2025 12:38:20 GMT
last-modified: Sat, 28 Mar 2020 00:37:45 GMT
content-type: image/png
server: Apache
x-proxy: haproxy23-pr

GET
H/1.1 200
OK real-estate-window-shopping-e1525108535445.jpg
www.winutah.com/files/2017/11/ 201 KB
202 KB 223ms
223ms Image
image/jpeg 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winutah.com/files/2017/11/real-estate-window-shopping-e1525108535445.jpg

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

06c56c7dab8a9289813dc960fdb145f1511f405e3ac66f86cfa3ab4b5f69e82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent11-pr
etag: "8ddc81b840e2174c4402f5e8de005a9b"
age: 74093
x-app-server: varnish_agent_sites/agent-varnish21-pr
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.5)
expires: Tue, 07 Mar 2028 01:56:15 GMT
x-varnish: 211322054 53052373
accept-ranges: bytes
content-length: 206258
date: Sat, 04 Jan 2025 16:09:35 GMT
last-modified: Mon, 30 Apr 2018 17:15:35 GMT
content-type: image/jpeg
server: Apache
x-proxy: haproxy23-pr

GET
H/1.1 200
OK f9514153062f9955_1116-w660-h439-b0-p0-contemporary-living-room.jpg
www.winutah.com/files/2017/11/ 54 KB
54 KB 244ms
244ms Image
image/jpeg 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winutah.com/files/2017/11/f9514153062f9955_1116-w660-h439-b0-p0-contemporary-living-room.jpg

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

5a453970accd51884836b84c9c949483d1f1246912e6fa315f8f422127cb7d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent13-pr
etag: "aef8bacb26cb70a2a191f619d869fcfc"
age: 0
x-app-server: varnish_agent_sites/agent-varnish22-pr
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.5)
expires: Tue, 07 Mar 2028 22:31:09 GMT
x-varnish: 52495703
accept-ranges: bytes
content-length: 54974
date: Sun, 05 Jan 2025 12:44:29 GMT
last-modified: Fri, 17 Nov 2017 19:26:05 GMT
content-type: image/jpeg
server: Apache
x-proxy: haproxy23-pr

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 20ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-R6ZBCNN3B8&gtm=45je4cc1v9135638518za200&_p=1736081068261&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&ul=de-de&sr=1600x1200&cid=1679500016.1736081068&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&sid=1736081069&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2051
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6ZBCNN3B8&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:29 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 495682720814542 Show response
connect.facebook.net/signals/config/ 78 KB
16 KB 599ms
599ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/495682720814542?v=2.9.179&r=stable&domain=www.winutah.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

2b6928b6424a4deaf79a186256a973a8304fd84018cc600a918f662d54193bbf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-pxlrsMWH' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 12:44:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-pxlrsMWH' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=71, mss=1232, tbw=70684, tp=68, tpl=0, uplat=587, ullat=0
pragma: public
x-fb-debug: BDdzmdLYl6/kZr7JIOJZXTSvlAln77iw/BJw3wwHOmI/bJI16/cJQVMKJC/oqRvAESfDuQXvFq9Fcgt7sSzgyA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST sessions
track-v2.funnelytics.io/ 0
0

GET
H3 200 489248118754364 Show response
connect.facebook.net/signals/config/ 30 KB
4 KB 328ms
328ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/489248118754364?v=2.9.179&r=stable&domain=www.winutah.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C135%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C127%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

8d23d0c4641e71342a5b215bce880f1c986e469fefe0c3c64352302fc839c799

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-biCfSf9W' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-biCfSf9W' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=85, mss=1232, tbw=87724, tp=85, tpl=0, uplat=249, ullat=0
pragma: public
x-fb-debug: wAMzws9jR411MjRCZ5lBu14SAIegjUoN/gh7BMFhyvYjVwwOdt1o3RhtYR+HUsmPuior+UnDkSnukgK9kLPS5Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 92ms
8ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=495682720814542&ev=PageView&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&rl=&if=false&ts=1736081070082&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1736081070081.23234415948736271&cs_est=true&ler=empty&cdl=API_unavailable&it=1736081069370&coo=false&rqm=GET

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4526, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 285ms
202ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=495682720814542&ev=PageView&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&rl=&if=false&ts=1736081070082&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1736081070081.23234415948736271&cs_est=true&ler=empty&cdl=API_unavailable&it=1736081069370&coo=false&rqm=FGET

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7456411419137893870"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Av9ukIE1evTwPCdzg7orv/3wyAba1m3hI3NHZI32YXJ+3dhHBRBEdvXkkowLcaVm0C1trr0Dwb3fJrYx2yUoMQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7456411419137893870", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4894, tp=13, tpl=0, uplat=183, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 549 KB
218 KB 32ms
10ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdmtrYUAAAAAAHk0DIYZUZov8ZzYGbtAIozmHtV&ver=A.3.49.20241218.0.b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8694091227f6f34a6acb8dda867cab6f129cb19ee794a75ebd434793d4066e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

content-encoding: gzip
age: 68179
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sun, 04 Jan 2026 17:48:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 17:48:11 GMT
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222469
x-xss-protection: 0
server: sffe

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
44 B 36ms
21ms XHR
application/json 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&client=gme-windermeresolutions&libraries=places&channel=websites&language=en&region=US&ver=A.3.49.20241218.0.b

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://www.winutah.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Sun, 05 Jan 2025 12:44:30 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK brytescore.min.js Show response
cdn.brytecore.com/brytescore.js/ 14 KB
5 KB 650ms
95ms Script
application/javascript 34.202.96.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.brytecore.com/brytescore.js/brytescore.min.js

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/wp-content/plugins/bwp-minify/cache/minify-b-jquery-ui-core-92f54398acaeb2f89b60f11476e454cd.js?ver=A.3.49.20241218.0.b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.96.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-96-196.compute-1.amazonaws.com

Software

nginx /

Resource Hash

35a8950d8d20ff8c89da0b12595a7da152cb007996ab6b557f16f0c5c63d4d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

Strict-Transport-Security: max-age=15768000
Cache-Control: max-age=43200
Content-Encoding: gzip
ETag: W/"66bce851-3914"
Pragma: public
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Mon, 06 Jan 2025 00:44:30 GMT
Access-Control-Allow-Origin: *
Content-Length: 4559
Date: Sun, 05 Jan 2025 12:44:30 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Aug 2024 17:24:33 GMT
Server: nginx

GET
H/1.1 200
OK mls Show response
svc.moxiworks.com/service/v1/profile/ 1015 KB
93 KB 433ms
433ms Script
text/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.moxiworks.com/service/v1/profile/mls?callback=jQuery37106299993534292347_1736081069039&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1736081069040

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-140.greenhousedata.net

Software

nginx /

Resource Hash

2449ae3eff40213fab9a433cbfc5e350fb8c536b87e6d2c356ae91eec87fffb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

x-request-id: 86c363ea-8ef4-49c6-8362-a7f96d715e43
content-encoding: gzip
etag: W/"2449ae3eff40213fab9a433cbfc5e350"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, PUT, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: text/javascript; charset=utf-8
x-runtime: 0.270182
access-control-allow-headers: FROM_APP, FROM-APP
transfer-encoding: chunked
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
x-app-server: wms_svc_profile/svc24-pr
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-proxy: haproxy23-pr
server: nginx

GET
H/1.1 200
OK current_web_user.json Show response
svc.moxiworks.com/service/v1/auth/users/ 106 B
625 B 514ms
217ms Script
text/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.moxiworks.com/service/v1/auth/users/current_web_user.json?&callback=jQuery37106299993534292347_1736081069041&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1736081069042

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-140.greenhousedata.net

Software

nginx /

Resource Hash

318524a5611cb63bace8899c937350d4a8d528f3d937520da2c9791c817a106e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

transfer-encoding: chunked
x-request-id: 97e5ea7d-fd1d-4ff0-a9b0-82188352bb6e
cache-control: max-age=0, private, must-revalidate
etag: W/"80ba995c7f9924b8a01c5db4859fec3a"
x-app-server: wms_svc_auth/internal-k8s
x-content-type-options: nosniff
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 05 Jan 2025 12:44:30 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
x-proxy: haproxy23-pr
server: nginx
x-runtime: 0.007886

GET
H/1.1 200
OK company Show response
svc.moxiworks.com/service/v1/branding/ 102 KB
103 KB 527ms
231ms Script
text/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.moxiworks.com/service/v1/branding/company?callback=jQuery37106299993534292347_1736081069043&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&company_uuid=1234567&agent_uuid=d9a18794-8755-4f19-989b-7c8ec9fe761b&office_uuid=8252352&_=1736081069044

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-140.greenhousedata.net

Software

nginx /

Resource Hash

2bca0957185afb080ec6cc4024aad81802831cab2775f51422863c987e2a94b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

x-request-id: 9e88bc39-fa34-46ca-84e8-2688e48ad277
etag: W/"2bca0957185afb080ec6cc4024aad818"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, PUT, OPTIONS
status: 200 OK
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: text/javascript; charset=utf-8
x-runtime: 0.027359
access-control-allow-headers: FROM_APP, FROM-APP
transfer-encoding: chunked
x-frame-options: SAMEORIGIN
cache-control: max-age=360, private
x-app-server: wms_svc_branding/internal-k8s
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-proxy: haproxy23-pr
server: nginx

GET
H/1.1 200
OK ajax-loader.gif
svc.moxiworks.com/service/v1/auth/images/ 4 KB
4 KB 472ms
175ms Image
image/gif 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://svc.moxiworks.com/service/v1/auth/images/ajax-loader.gif
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),
Reverse DNS: ipv4-64-246-164-140.greenhousedata.net
Software: nginx /
Resource Hash: c85ab34c0ffc6a71386c7e0ef87386f203992b46a3f519510f40545717f85400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

etag: "669564f5-f6f"
x-app-server: wms_svc_auth/internal-k8s
accept-ranges: bytes
content-length: 3951
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: image/gif
last-modified: Mon, 15 Jul 2024 18:05:41 GMT
server: nginx
x-proxy: haproxy23-pr

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.winutah.com/wp-includes/js/ 18 KB
5 KB 154ms
154ms Script
application/javascript 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/wp-includes/js/wp-emoji-release.min.js?ver=35c8d3dd5fe5fc55f13b6ab1cf183375

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent11-pr
content-encoding: gzip
age: 0
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 12:44:30 GMT
x-varnish: 213058738
date: Sun, 05 Jan 2025 12:44:30 GMT
last-modified: Thu, 19 Dec 2024 18:26:38 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 5039
x-proxy: haproxy23-pr
server: Apache

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 61 KB
61 KB 68ms
40ms Font
application/font-woff2 2a02:26f0:3500:16::215:1491
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n7&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 2a3d47177bc866e138291102d44068436a280b2bf4852de4158fd0fae587e729

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "e53066f39e81b65441928edbbba31ddeafae7288"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 62384
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/4c4052/00000000000000003b9b3069/27/ 64 KB
64 KB 86ms
58ms Font
application/font-woff2 2a02:26f0:3500:16::215:1491
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4c4052/00000000000000003b9b3069/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=i7&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: bd7c5d26d9eae6791c58a2030e37d66aee5d0ec8ff113c155d8c7d2721d9565d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "c6685947275869ea8f2e974f0ce3f03f614767c5"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 65304
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/576d53/00000000000000003b9b3066/27/ 59 KB
59 KB 49ms
21ms Font
application/font-woff2 2a02:26f0:3500:16::215:1491
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/576d53/00000000000000003b9b3066/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n6&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: bc1e7dc794733f6739eb8569fe98bd6447af7f475fc1509103f53ca9db444969

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "c8fb88eb5a9a89e3d720ef6a582076bb7fb5e7c8"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 60444
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 59 KB
59 KB 60ms
33ms Font
application/font-woff2 2a02:26f0:3500:16::215:1491
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n4&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 99f75a02bf319c4dcf6be997e2a1dd495cba095c0e5f16c4214a54aeba264caf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "d5cb6069705516762eca93710eba9bb7b559edfa"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 60524
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/ 62 KB
62 KB 39ms
12ms Font
application/font-woff2 2a02:26f0:3500:16::215:1491
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=i4&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 9089445ec9edcbfe1963f7b38490aa317f2ba03000a52edc38243834844eefe8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "a05164ae4d04c4b7d0c3f83f103eaa481427df76"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 63472
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/6e816b/00000000000000003b9b3064/27/ 60 KB
60 KB 93ms
66ms Font
application/font-woff2 2a02:26f0:3500:16::215:1491
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6e816b/00000000000000003b9b3064/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n5&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 09b0f070bde3d0af1b07e4d8b4614f89b5a17f441896dca7fef8457f65637092

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "44739cd431c6a30b35dc0bd263a2b21167f0c106"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 61180
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/249031/00000000000000000001791a/27/ 24 KB
24 KB 36ms
9ms Font
application/font-woff2 2a02:26f0:3500:16::215:1491
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/249031/00000000000000000001791a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: edde01a168c1ae1f34f7d6e3966086c388e0e01d26a1084e073ce4a883363bcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "cd27775b4d900729b5e84d5c840ecfa84141b492"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 24504
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/088645/00000000000000000001791c/27/ 24 KB
24 KB 83ms
56ms Font
application/font-woff2 2a02:26f0:3500:16::215:1491
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/088645/00000000000000000001791c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 0756e594e5ce3e70088700bce73cfffb4c7dff156e92d78bc94f908b285f8d71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "2770121ef5f9952f085213bab3ff81ad363167cb"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 24640
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/c52a60/00000000000000000001791e/27/ 24 KB
24 KB 78ms
50ms Font
application/font-woff2 2a02:26f0:3500:16::215:1491
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c52a60/00000000000000000001791e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 6a22d043c18807dd3316a5fd7a4b135c14f0cf8c78d268d8a1ea574419df4e17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "dbe5590f10529748124149de68e7b50ca5c466e6"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 24744
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/ba4451/00000000000000000001791b/27/ 25 KB
25 KB 82ms
55ms Font
application/font-woff2 2a02:26f0:3500:16::215:1491
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ba4451/00000000000000000001791b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i5&v=3
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1491 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 05a402172cf3219677542a51ca892a565a6155bd376034ea51ec7b8f2c34153f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "4b24231f930f26d255922d8706139cf6a38e85e2"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 25512
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: application/font-woff2
server: nginx

GET
H/1.1 200
OK / Show response
www.winutah.com/services/get-widget/ 285 KB
38 KB 2078ms
2078ms XHR
text/html 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winutah.com/services/get-widget/?partialName=Custom%20Searches&class=customsearches&folder=customsearches&admin=0&options%5Bimagewidth%5D=437&options%5Bimageheight%5D=292&options%5Bshowarrows%5D=always&options%5Bcolumns%5D=3&options%5Brows%5D=1&options%5Basync%5D=true&status=partial&name=0&data%5Bformat%5D=search&data%5Btitle%5D=Featured%20Properties&data%5Blist%5D=4&data%5Bhide_cta_button%5D=1&data%5Bnumblocks%5D=20&data%5Bwidget_id%5D=5bf5d40dd84ac&data%5Bhidebuffer%5D=10&clientsearch=https%3A%2F%2Fsvc.moxiworks.com%2Fservice%2Fv1%2Flisting%2Fsearch_v2%3Fstatus%3Dactive%26sold_days%3D180%26pstatus%3D1%26ptype_tmp%3D9%26company_only%3D1%26location_search_field%3DUtah%252C%2520USA%26drive_time%3D09%253A00%26drive_duration%3D15%26drive_avoid_ferry%3D1%26drive_departure%3D1%26ss_description%3DUtah%26ss_email_freq%3D40%26ss_send_zero_result%3D1%26bounds_north%3D45.49772702371642%26bounds_east%3D-107.39272003222655%26bounds_south%3D33.03519807725522%26bounds_west%3D-115.70250396777342%26center_lat%3D39.3209801%26center_lon%3D-111.0937311%26center_lat_pan%3D39.5454000223157%26center_lon_pan%3D-111.54761199999999%26geotype%3DAdminDivision1%26user_lat%3D39.3209801%26user_lon%3D-111.0937311%26pgsize%3D30%26startidx%3D0%26zoom%3D7%26ls_conversion%3Dacres%26sort_by%3D10%26company_uuid%3D1234567%26commute%3D0%26buffer_miles%3D0%26geospatial%3Dtrue%26agent_uuid%3Dd9a18794-8755-4f19-989b-7c8ec9fe761b%26ptype%3D1%252C2%252C9%26searchType%3Dcriteria%26omit_hidden%3Dtrue%26mobileState%3Dlist&searchpath=https%3A%2F%2Fwww.winutah.com%2Fsearch%2F%23status%3Dactive%26sold_days%3D180%26pstatus%3D1%26ptype_tmp%3D9%26company_only%3D1%26location_search_field%3DUtah%252C%2520USA%26drive_time%3D09%253A00%26drive_duration%3D15%26drive_avoid_ferry%3D1%26drive_departure%3D1%26ss_description%3DUtah%26ss_email_freq%3D40%26ss_send_zero_result%3D1%26bounds_north%3D45.49772702371642%26bounds_east%3D-107.39272003222655%26bounds_south%3D33.03519807725522%26bounds_west%3D-115.70250396777342%26center_lat%3D39.3209801%26center_lon%3D-111.0937311%26center_lat_pan%3D39.5454000223157%26center_lon_pan%3D-111.54761199999999%26geotype%3DAdminDivision1%26user_lat%3D39.3209801%26user_lon%3D-111.0937311%26pgsize%3D20%26startidx%3D0%26zoom%3D7%26ls_conversion%3Dacres%26sort_by%3D10%26company_uuid%3D1234567%26commute%3D0%26buffer_miles%3D0%26geospatial%3Dtrue%26agent_uuid%3Dd9a18794-8755-4f19-989b-7c8ec9fe761b%26ptype%3D1%252C2%252C9%26searchType%3Dcriteria%26omit_hidden%3Dtrue%26mobileState%3Dlist&searchname=Our%20Exclusive%20Listings&fallbackupdate=true&cachebust=1736081070278

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

2b905d5cbdeaac42ba038d86196f221d76a69e27e82d67d5612aea2331297731

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*

Response headers

v-backend: agent12-pr
content-encoding: gzip
age: 0
x-renderedpage: true
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 12:52:00 GMT
x-varnish: 211322058
date: Sun, 05 Jan 2025 12:44:30 GMT
last-modified: Sun, 05 Jan 2025 12:44:30 GMT
vary: Accept-Encoding
content-type: text/html;charset=UTF-8
strict-transport-security: max-age=31536000
link: <https://www.winutah.com/wp-json/>; rel="https://api.w.org/"
content-security-policy: upgrade-insecure-requests
cache-control: private, max-age=0
x-app-server: varnish_agent_sites/agent-varnish21-pr
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
content-length: 38019
x-proxy: haproxy23-pr
server: Apache

GET
H/1.1 200
OK search_v2 Show response
svc.moxiworks.com/service/v1/listing/ 173 KB
174 KB 1429ms
1126ms Script
text/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.moxiworks.com/service/v1/listing/search_v2?status=active&sold_days=180&pstatus=1&ptype_tmp=9&company_only=1&location_search_field=Utah%2C%20USA&drive_time=09%3A00&drive_duration=15&drive_avoid_ferry=1&drive_departure=1&ss_description=Utah&ss_email_freq=40&ss_send_zero_result=1&bounds_north=45.49772702371642&bounds_east=-107.39272003222655&bounds_south=33.03519807725522&bounds_west=-115.70250396777342&center_lat=39.3209801&center_lon=-111.0937311&center_lat_pan=39.5454000223157&center_lon_pan=-111.54761199999999&geotype=AdminDivision1&user_lat=39.3209801&user_lon=-111.0937311&pgsize=30&startidx=0&zoom=7&ls_conversion=acres&sort_by=10&company_uuid=1234567&commute=0&buffer_miles=0&geospatial=true&agent_uuid=d9a18794-8755-4f19-989b-7c8ec9fe761b&ptype=1%2C2%2C9&searchType=criteria&omit_hidden=true&mobileState=list&callback=jQuery37106299993534292347_1736081069045&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1736081069046

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-140.greenhousedata.net

Software

nginx /

Resource Hash

7f908936f3a69d15ad1e5964871ea8ca858060e6ca41a5e48dd761aba29b8c7d

Security Headers

Name	Value
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

access-control-max-age: 1728000
x-request-id: a5b770dd-ea27-40ca-956b-6609ae3d9712
etag: W/"7f908936f3a69d15ad1e5964871ea8ca"
access-control-allow-methods: GET, POST, PUT, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 05 Jan 2025 12:44:31 GMT
content-type: text/javascript; charset=utf-8
x-runtime: 0.774558
access-control-allow-headers: FROM_APP, FROM-APP, X-AUTH-SR-HASH, X-AUTH-SR-TIMESTAMP, X_AUTH_SR_HASH, X_AUTH_SR_TIMESTAMP
transfer-encoding: chunked
x-frame-options: ALLOWALL
cache-control: max-age=120, private
x-app-server: wms_svc_listing/internal-k8s
access-control-allow-origin: *
x-xss-protection: 0
x-proxy: haproxy23-pr
server: nginx

GET
H/1.1 200
OK current_web_user.json Show response
svc.moxiworks.com/service/v1/auth/users/ 106 B
625 B 483ms
182ms Script
text/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.moxiworks.com/service/v1/auth/users/current_web_user.json?&callback=jQuery37106299993534292347_1736081069047&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1736081069048

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-140.greenhousedata.net

Software

nginx /

Resource Hash

36315d5b3e24a9a6d36c707dcd8bb464b3571ad166deab1dc121582746e51425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

transfer-encoding: chunked
x-request-id: feccf45d-e793-413a-bdd6-568f818879e2
cache-control: max-age=0, private, must-revalidate
etag: W/"ed257c059bbabb0c5fbfd7001b595ecf"
x-app-server: wms_svc_auth/internal-k8s
x-content-type-options: nosniff
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 05 Jan 2025 12:44:30 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
x-proxy: haproxy23-pr
server: nginx
x-runtime: 0.008656

GET
H/1.1 200
OK current_web_user.json Show response
svc.moxiworks.com/service/v1/auth/users/ 106 B
625 B 171ms
171ms Script
text/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL

https://svc.moxiworks.com/service/v1/auth/users/current_web_user.json?&callback=jQuery37106299993534292347_1736081069049&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1736081069050

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-140.greenhousedata.net

Software

nginx /

Resource Hash

898e0ab6572062bc97b08e3ed300910e73ac9c9458c022fe7c9aa532cb940df8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

transfer-encoding: chunked
x-request-id: 7f27fdf3-6c0b-4fef-a31e-62c72589732c
cache-control: max-age=0, private, must-revalidate
etag: W/"8bb8327a492ba5fccf1a80a023c28d48"
x-app-server: wms_svc_auth/internal-k8s
x-content-type-options: nosniff
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 05 Jan 2025 12:44:30 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
x-proxy: haproxy23-pr
server: nginx
x-runtime: 0.010075

GET
H2 200 location Show response
telize-v1.p.rapidapi.com/ 395 B
727 B 235ms
201ms Script
application/json 3.67.48.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://telize-v1.p.rapidapi.com/location?rapidapi-key=mKTYRiJxjxmshhou6VAm18RBVSJkp1eyJLYjsn6w8rRmBQPjDW&callback=jQuery37106299993534292347_1736081069051&send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1736081069052
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.48.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-48-175.eu-central-1.compute.amazonaws.com
Software: RapidAPI-1.2.8 /
Resource Hash: 1026b4ebdf0149ec9c7764ca64325aa871f1fd77363184c435dadf3cfee82ba9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

x-rapidapi-request-id: 5b214e46dba13f44364c67a542873f79404d0cdb962cc9bb8a19957799e0e933
x-ratelimit-requests-remaining: 29974
x-ratelimit-requests-reset: 12189
cache-control: no-cache
x-rapidapi-region: AWS - eu-central-1
access-control-allow-origin: *
content-length: 395
x-rapidapi-version: 1.2.8
date: Sun, 05 Jan 2025 12:44:30 GMT
x-ratelimit-requests-limit: 100000
content-type: application/json; charset=utf-8
server: RapidAPI-1.2.8

GET
H/1.1 200
OK loadingAnimation.gif
www.winutah.com/wp-includes/js/thickbox/ 15 KB
15 KB 164ms
164ms Image
image/gif 64.246.164.133
LUNAVI-WA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.winutah.com/wp-includes/js/thickbox/loadingAnimation.gif

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.246.164.133 , United States, ASN6295 (LUNAVI-WA, US),

Reverse DNS

ipv4-64-246-164-133.greenhousedata.net

Software

Apache /

Resource Hash

6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Response headers

v-backend: agent12-pr
cache-control: max-age=86400
age: 0
x-app-server: varnish_agent_sites/agent-varnish22-pr
x-content-type-options: nosniff
via: 1.1 varnish (Varnish/6.5)
expires: Mon, 06 Jan 2025 12:44:30 GMT
x-varnish: 56295531
accept-ranges: bytes
content-length: 15238
date: Sun, 05 Jan 2025 12:44:30 GMT
last-modified: Thu, 19 Dec 2024 18:29:19 GMT
content-type: image/gif
server: Apache
x-proxy: haproxy23-pr

POST
H3 204 collect
region1.analytics.google.com/g/ 0
0 22ms
22ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M4R9KTHP2J&gtm=45je4cc1v881128847za200&_p=1736081068261&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1679500016.1736081068&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=3&sid=1736081068&sct=1&seg=1&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&en=page_view&_ee=1&_et=605&tfd=3109
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4R9KTHP2J
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 10ms
10ms Image
image/gif 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=359723985&t=event&_s=2&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&ul=de-de&de=UTF-8&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Landing%20Page%20Interaction&ea=Content%20Page%20Form%20Show%20%7C%20from%20general%20contact&el=&_u=qEDAAAABAAAAACAAI~&jid=&gjid=&cid=1679500016.1736081068&tid=UA-384279-8&_gid=435834809.1736081068&z=1316187473

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

age: 76293
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 15:32:57 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 11ms
11ms Image
image/gif 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

age: 76293
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 15:32:57 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 Hmv09b-TDro
www.youtube.com/embed/ Frame 3FAD 0
0 71ms
71ms Document
text/html 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Hmv09b-TDro?wmode=transparent&enablejsapi=1&rel=0

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winutah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Jan 2025 12:44:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 4F82 0
0 34ms
34ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdmtrYUAAAAAAHk0DIYZUZov8ZzYGbtAIozmHtV&co=aHR0cHM6Ly93d3cud2ludXRhaC5jb206NDQz&hl=de&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=xg5hfffhpoh6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OsA_jRx_PM5tK1D6DDNVdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winutah.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OsA_jRx_PM5tK1D6DDNVdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-security-policy-report-only: frame-ancestors 'self';report-uri https://csp.withgoogle.com/csp/frame-ancestors/38fac9d5b82543fc4729580d18ff2d3d
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Jan 2025 12:44:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 p.gif
p.typekit.net/ 35 B
205 B 47ms
9ms Image
image/gif 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=bzd3nzl&ht=tk&h=www.winutah.com&f=139.140.173.175.176.25136.12047.12048.12049.12053&a=6994921&js=1.21.0&app=typekit&e=js&_=1736081070444
Requested by: Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: public, max-age=604800
etag: "64c3b732-23"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: image/gif
last-modified: Fri, 28 Jul 2023 12:40:18 GMT
server: nginx

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 10ms
10ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489248118754364&ev=PageView&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&rl=&if=false&ts=1736081070460&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1736081070081.23234415948736271&cs_est=true&ler=empty&cdl=API_unavailable&it=1736081069370&coo=false&rqm=GET

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=26, mss=1232, tbw=7806, tp=19, tpl=0, uplat=1, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
191 B 146ms
146ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=489248118754364&ev=PageView&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&rl=&if=false&ts=1736081070460&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1736081070081.23234415948736271&cs_est=true&ler=empty&cdl=API_unavailable&it=1736081069370&coo=false&rqm=FGET

Requested by

Host: www.winutah.com
URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7456411419906231673"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Jan 2025 12:44:30 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 2HbrgQ+tGiCGeCY499TSbMLjFV4F6SloztrWYB5cBpkg/6W91R3LtxYSHhE0qOKgs41clxloN4o8+p9jk5YtiQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7456411419906231673", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=26, mss=1232, tbw=8046, tp=22, tpl=0, uplat=138, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST 38fac9d5b82543fc4729580d18ff2d3d
csp.withgoogle.com/csp/frame-ancestors/ 0
0

OPTIONS
H2 204 boost
api.brytecore.com/ Frame 0
0 289ms
94ms Preflight 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.brytecore.com/boost

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-69-56.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.winutah.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-security-policy: default-src 'none'; frame-ancestors 'none'
date: Sun, 05 Jan 2025 12:44:31 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 0

OPTIONS
H2 204 boost
api.brytecore.com/ Frame 0
0 289ms
95ms Preflight 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.brytecore.com/boost

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-69-56.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.winutah.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-security-policy: default-src 'none'; frame-ancestors 'none'
date: Sun, 05 Jan 2025 12:44:31 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 0

OPTIONS
H2 204 boost
api.brytecore.com/ Frame 0
0 288ms
94ms Preflight 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.brytecore.com/boost

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-69-56.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.winutah.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-security-policy: default-src 'none'; frame-ancestors 'none'
date: Sun, 05 Jan 2025 12:44:31 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 0

OPTIONS
H2 204 boost
api.brytecore.com/ Frame 0
0 288ms
94ms Preflight 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.brytecore.com/boost

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-69-56.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.winutah.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
content-security-policy: default-src 'none'; frame-ancestors 'none'
date: Sun, 05 Jan 2025 12:44:31 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 0

OPTIONS
H/1.1 204
No Content package.json
cdn.brytecore.com/packages/realestate/ Frame 0
0 371ms
94ms Preflight
text/plain 34.202.96.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.brytecore.com/packages/realestate/package.json

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.96.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-96-196.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.winutah.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Sun, 05 Jan 2025 12:44:31 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000

POST
H2 202 boost Show response
api.brytecore.com/ 44 B
242 B 97ms
96ms XHR
application/json 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.brytecore.com/boost
Requested by: Host: cdn.brytecore.com
URL: https://cdn.brytecore.com/brytescore.js/brytescore.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-69-56.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: d7164359335410ec419a77092da938069d980761ba7cfd8bcfcc1fee56969fab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.winutah.com/

Response headers

etag: W/"2c-Oc0EIatHfl7RUTc90hHu4Ttdbq4"
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 44
date: Sun, 05 Jan 2025 12:44:31 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: nginx

POST
H2 202 boost Show response
api.brytecore.com/ 44 B
242 B 98ms
97ms XHR
application/json 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.brytecore.com/boost
Requested by: Host: cdn.brytecore.com
URL: https://cdn.brytecore.com/brytescore.js/brytescore.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-69-56.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: d7164359335410ec419a77092da938069d980761ba7cfd8bcfcc1fee56969fab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.winutah.com/

Response headers

etag: W/"2c-Oc0EIatHfl7RUTc90hHu4Ttdbq4"
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 44
date: Sun, 05 Jan 2025 12:44:31 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: nginx

POST
H2 202 boost Show response
api.brytecore.com/ 44 B
242 B 95ms
93ms XHR
application/json 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.brytecore.com/boost
Requested by: Host: cdn.brytecore.com
URL: https://cdn.brytecore.com/brytescore.js/brytescore.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-69-56.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: d7164359335410ec419a77092da938069d980761ba7cfd8bcfcc1fee56969fab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.winutah.com/

Response headers

etag: W/"2c-Oc0EIatHfl7RUTc90hHu4Ttdbq4"
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 44
date: Sun, 05 Jan 2025 12:44:31 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: nginx

POST
H2 202 boost Show response
api.brytecore.com/ 44 B
242 B 96ms
94ms XHR
application/json 3.94.69.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.brytecore.com/boost
Requested by: Host: cdn.brytecore.com
URL: https://cdn.brytecore.com/brytescore.js/brytescore.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.69.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-69-56.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: d7164359335410ec419a77092da938069d980761ba7cfd8bcfcc1fee56969fab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.winutah.com/

Response headers

etag: W/"2c-Oc0EIatHfl7RUTc90hHu4Ttdbq4"
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 44
date: Sun, 05 Jan 2025 12:44:31 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: nginx

GET
H/1.1 200
OK package.json Show response
cdn.brytecore.com/packages/realestate/ 4 KB
1 KB 103ms
101ms XHR
application/json 34.202.96.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.brytecore.com/packages/realestate/package.json

Requested by

Host: cdn.brytecore.com
URL: https://cdn.brytecore.com/brytescore.js/brytescore.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.96.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-96-196.compute-1.amazonaws.com

Software

nginx /

Resource Hash

17fdb963cf72e547a15edef792a9c1ae7852d8b25446deb69a433e13efc6eeec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.winutah.com/

Response headers

Strict-Transport-Security: max-age=15768000
Cache-Control: max-age=43200
Content-Encoding: gzip
ETag: W/"5d1580e4-1168"
Pragma: public
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Mon, 06 Jan 2025 00:44:31 GMT
Access-Control-Allow-Origin: *
Content-Length: 1020
Date: Sun, 05 Jan 2025 12:44:31 GMT
Content-Type: application/json
Last-Modified: Fri, 28 Jun 2019 02:52:20 GMT
Server: nginx

GET
H2 200 enabled Show response
chat-api.brytecore.com/settings/ 44 B
351 B 99ms
99ms XHR
application/json 34.192.224.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chat-api.brytecore.com/settings/enabled?apiKey=bda790d9-d2d9-46a2-a47d-74ab07310a97&domain=www.winutah.com&url=https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Requested by

Host: cdn.brytecore.com
URL: https://cdn.brytecore.com/brytescore.js/brytescore.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.224.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-224-11.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

22f3841cc8729cd3b17a1281c9983c779dcd14bdcec1f82fb0774b45ff72ca3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.winutah.com/

Response headers

strict-transport-security: max-age=15768000
etag: W/"2c-/UNVlg4M89HxWGGq86WZ0xA9pVk"
access-control-allow-credentials: true
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: *
content-length: 44
date: Sun, 05 Jan 2025 12:44:31 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
x-powered-by: Express
server: nginx
x-frame-options: DENY

OPTIONS
H2 204 enabled
chat-api.brytecore.com/settings/ Frame 0
0 295ms
93ms Preflight 34.192.224.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://chat-api.brytecore.com/settings/enabled?apiKey=bda790d9-d2d9-46a2-a47d-74ab07310a97&domain=www.winutah.com&url=https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.224.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-224-11.compute-1.amazonaws.com

Software

nginx / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.winutah.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 05 Jan 2025 12:44:31 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 0

GET
H/1.1 200
OK google_bypass.js Show response
svc.moxiworks.com/service/v1/branding/bypass/google/1234567/ 33 KB
33 KB 162ms
162ms Script
application/javascript 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL: https://svc.moxiworks.com/service/v1/branding/bypass/google/1234567/google_bypass.js?send_from_agent=true&from_aws=true&from_app=aws%3Ahttps%3A%2F%2Fwww.winutah.com&source=agent%20website&source_display_name=Office%20Group%20Website&site_type=Office%20Group%20Website&_=1736081069053
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),
Reverse DNS: ipv4-64-246-164-140.greenhousedata.net
Software: nginx /
Resource Hash: de9843b43586d4cbaf0501337110a82af340f231289b9ff17a46966c98842e6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

etag: "65d7e207-849c"
x-app-server: wms_svc_branding/internal-k8s
accept-ranges: bytes
content-length: 33948
date: Sun, 05 Jan 2025 12:44:31 GMT
content-type: application/javascript
last-modified: Fri, 23 Feb 2024 00:08:39 GMT
server: nginx
x-proxy: haproxy23-pr

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/11a/ 267 KB
56 KB 51ms
51ms Script
text/javascript 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/11a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&client=gme-windermeresolutions&libraries=places&channel=websites&language=en&region=US&ver=A.3.49.20241218.0.b

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f10.1e100.net

Software

sffe /

Resource Hash

87969313ec0e62ca6dd87f362f5d80be5d5850df5cc92e40aea16d405a80b9b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
age: 573800
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Mon, 29 Dec 2025 21:21:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Dec 2024 21:21:12 GMT
last-modified: Tue, 29 Oct 2024 22:44:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 56823
x-xss-protection: 0
server: sffe

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/11a/ 191 KB
58 KB 47ms
47ms Script
text/javascript 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/11a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&client=gme-windermeresolutions&libraries=places&channel=websites&language=en&region=US&ver=A.3.49.20241218.0.b

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f10.1e100.net

Software

sffe /

Resource Hash

bfd7735ba4bbccdafb1fd3c00d9182d5ed058e194a1c33a15c096091b5a2a630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
age: 85461
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Sun, 04 Jan 2026 13:00:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 04 Jan 2025 13:00:11 GMT
last-modified: Tue, 29 Oct 2024 22:44:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 59447
x-xss-protection: 0
server: sffe

GET
H3 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/11a/ 98 KB
26 KB 39ms
39ms Script
text/javascript 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/11a/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&client=gme-windermeresolutions&libraries=places&channel=websites&language=en&region=US&ver=A.3.49.20241218.0.b

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f10.1e100.net

Software

sffe /

Resource Hash

d422128eea28ccdf1e598004f0e8ce733e387fd0b4978ac4dba23ff131461c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
age: 443137
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 09:38:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 31 Dec 2024 09:38:55 GMT
last-modified: Tue, 29 Oct 2024 22:44:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 26360
x-xss-protection: 0
server: sffe

GET
H3 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/11a/ 45 KB
14 KB 37ms
37ms Script
text/javascript 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/11a/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3&client=gme-windermeresolutions&libraries=places&channel=websites&language=en&region=US&ver=A.3.49.20241218.0.b

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f10.1e100.net

Software

sffe /

Resource Hash

d73129180354823437ac4b6f3144b7b8d90b59a7be95362e6636a8173578beee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

content-encoding: br
age: 445508
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 08:59:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 31 Dec 2024 08:59:24 GMT
last-modified: Tue, 29 Oct 2024 22:44:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 14038
x-xss-protection: 0
server: sffe

GET
H3 200 Vitruvius-icon-set.ttf
cdn.jsdelivr.net/npm/@moxiworks/project-vitruvius@0.0.21/build/fonts/ 17 KB
12 KB 36ms
22ms Font
font/ttf 104.18.186.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@moxiworks/project-vitruvius@0.0.21/build/fonts/Vitruvius-icon-set.ttf?xu4n51

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@moxiworks/project-vitruvius@0.0.21/build/project-vitruvius-icons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cea0cf25353bf8155b1f7a539b9f7d7b7bbd8c359e7f1f90996ae6437b5dc67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.winutah.com
Referer: https://cdn.jsdelivr.net/npm/@moxiworks/project-vitruvius@0.0.21/build/project-vitruvius-icons.min.css

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"4420-qeHq3hdxFl0rdZdgpo15QPY1llg"
age: 5210114
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WL0CexGA3ZXhXtzrOLG6GK9XMm4Qm%2Fr8jd0pbomviQN%2B47hLzXbMFMMKu2wDHydH42DED9eNpNaGXd5F3ybxn29nGWc3Ure3HxxMQaLiRjk9hxtpOO%2BFW15bH9WCgiyrSAk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: MISS, HIT
server-timing: cfExtPri
date: Sun, 05 Jan 2025 12:44:32 GMT
content-type: font/ttf
x-served-by: cache-fra-eddf8230124-FRA, cache-lga21951-LGA
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8fd38f6fdf2c1e56-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11451
server: cloudflare
x-jsd-version: 0.0.21

GET
H/1.1 200
OK favicon.ico
images-static.moxiworks.com/static/images/br/windermere/icons2/ 1 KB
1 KB 835ms
153ms Other
image/x-icon 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL: https://images-static.moxiworks.com/static/images/br/windermere/icons2/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),
Reverse DNS: ipv4-64-246-164-140.greenhousedata.net
Software: nginx /
Resource Hash: 710137d0cf763abd9bc6e0f2ca91c322d1e68f3e7b353e3e85f505bdadc2384d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

etag: "5bc9204d-47e"
x-app-server: static_image_host/client23-pr
accept-ranges: bytes
content-length: 1150
date: Sun, 05 Jan 2025 12:44:33 GMT
content-type: image/x-icon
last-modified: Fri, 19 Oct 2018 00:07:41 GMT
server: nginx
x-proxy: haproxy23-pr

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 64ms
30ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 12:44:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:32 GMT
content-type: image/png
last-modified: Tue, 18 May 2021 19:15:00 GMT
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
content-length: 1616
x-xss-protection: 0
server: sffe

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
3 KB 65ms
32ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 12:44:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:32 GMT
content-type: image/png
last-modified: Tue, 18 May 2021 19:15:00 GMT
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
content-length: 3351
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK favicon-32x32.png
images-static.moxiworks.com/static/images/br/windermere/icons2/ 2 KB
3 KB 152ms
152ms Other
image/png 64.246.164.140
LUNAVI-WA

General

Check archive.org

Show headers Download Go to

Full URL: https://images-static.moxiworks.com/static/images/br/windermere/icons2/favicon-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.246.164.140 , United States, ASN6295 (LUNAVI-WA, US),
Reverse DNS: ipv4-64-246-164-140.greenhousedata.net
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 728520d84b85d07f804d1bf2a681ea0fcc230fb716291b22bf68ced3c96dad4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

etag: "5bc9202e-9d0"
x-app-server: static_image_host/client12-pr
accept-ranges: bytes
content-length: 2512
date: Sun, 05 Jan 2025 12:44:33 GMT
content-type: image/png
last-modified: Fri, 19 Oct 2018 00:07:10 GMT
server: nginx/1.4.6 (Ubuntu)
x-proxy: haproxy23-pr

GET 1_3_small.jpg
i3.moxi.onl/img-pr-002043/prk/56438636fb15fc198a5cd8b31dfdf469bda56d84/ 0
0

GET
H2 200 0_2_small.jpg
i1.moxi.onl/img-pr-002042/was/e24aa5dcccf70e2d6c4755964b2486f24ab95f2c/ 235 KB
235 KB 458ms
32ms Image
image/jpeg 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.moxi.onl/img-pr-002042/was/e24aa5dcccf70e2d6c4755964b2486f24ab95f2c/0_2_small.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

fce39c51c670bd6f902f80bf50ff8eb6d1d1538efb0c7f474b6c140431799bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

x-request-id: 36bc6d92-735f-442e-8752-3b623cf9e01a
etag: W/"fce39c51c670bd6f902f80bf50ff8eb6"
age: 748809
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Sun, 05 Jan 2025 12:44:34 GMT
content-type: image/jpeg
content-disposition: inline
x-runtime: 0.212996
x-cache-hits: 17, 0
x-frame-options: SAMEORIGIN
x-served-by: cache-bfi-krnt7300047-BFI, cache-fra-etou8220050-FRA
cache-control: max-age=2629746, public
x-timer: S1736081075.748929,VS0,VE2
x-app-server: wms_svc_ivs/internal-k8s
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 240436
x-xss-protection: 1; mode=block
x-proxy: haproxy22-pr
server: nginx

GET 0_3_small.jpg
i10.moxi.onl/img-pr-002042/was/7947fe28df0f6f044d3b336dc9ca274148dc9512/ 0
0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 16ms
15ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-R6ZBCNN3B8&gtm=45je4cc1v9135638518za200&_p=1736081068261&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&ul=de-de&sr=1600x1200&cid=1679500016.1736081068&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=2&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&sid=1736081069&sct=1&seg=0&en=Content%20Page%20Form%20Show%20%7C%20from%20general%20contact&_ee=1&ep.event_category=Landing%20Page%20Interaction&_et=1056&tfd=8107
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6ZBCNN3B8&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:35 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect
region1.analytics.google.com/g/ 0
0 16ms
15ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M4R9KTHP2J&gtm=45je4cc1v881128847za200&_p=1736081068261&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1679500016.1736081068&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=4&sid=1736081068&sct=1&seg=1&dl=https%3A%2F%2Fwww.winutah.com%2F%3Futm_source%3Dredirects%26utm_medium%3DAIFPC%26utm_campaign%3DAIFY&dt=Home%20-%20Windermere%20Real%20Estate%20Utah&en=lead_form_opened&_ee=1&ep.formtype=generic_contact&ep.schedule_a_showing=false&ep.is_overlay=false&ep.location_type=Content%20Page%20Form&_et=1259&tfd=8110
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4R9KTHP2J
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.winutah.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.winutah.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 12:44:35 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.winutah.com
URL: blob:https://www.winutah.com/0a355b10-0a09-456b-8e09-0393571f51f0

Domain: track-v2.funnelytics.io
URL: https://track-v2.funnelytics.io/sessions

Domain: csp.withgoogle.com
URL: https://csp.withgoogle.com/csp/frame-ancestors/38fac9d5b82543fc4729580d18ff2d3d

Domain: i3.moxi.onl
URL: https://i3.moxi.onl/img-pr-002043/prk/56438636fb15fc198a5cd8b31dfdf469bda56d84/1_3_small.jpg

Domain: i10.moxi.onl
URL: https://i10.moxi.onl/img-pr-002042/was/7947fe28df0f6f044d3b336dc9ca274148dc9512/0_3_small.jpg

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.winutah.com/	1970-01-21 11:50:41	Name: _ga Value: GA1.1.1679500016.1736081068
www.winutah.com/	1970-01-21 02:16:07	Name: _gid Value: GA1.1.435834809.1736081068
www.winutah.com/	1970-01-21 02:14:41	Name: _gat Value: 1
www.winutah.com/	1970-01-21 02:14:41	Name: _gat_altTracker Value: 1
.winutah.com/	1970-01-21 11:50:41	Name: _ga Value: GA1.1.1679500016.1736081068
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: So6TEvSTnqQ
.youtube.com/	1970-01-21 06:33:53	Name: __Secure-ROLLOUT_TOKEN Value: CKH6ounO8qib8QEQuqzC-83eigMYuqzC-83eigM%3D
.youtube.com/	1970-01-21 06:33:53	Name: VISITOR_INFO1_LIVE Value: X6qI1EvSrbI
.youtube.com/	1970-01-21 06:33:53	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgLA%3D%3D
.vimeo.com/	1970-01-21 02:14:42	Name: __cf_bm Value: lz2EXxf9jKeW4Q1KAE9oXLdYVsVPnd6sgBfKplG_gAs-1736081069-1.0.1.1-XWwOHmYbaJ57KWiBp0WUnJg5O4N49elRGxMJwV0_xOdlbKebE5FVwRhxPyxf.0f3
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: CzBqDrKBgY_RfkABKyZ.j7gBPQJggxhz.xQzmSMje9c-1736081069487-0.0.1.1-604800000
.winutah.com/	1970-01-21 04:24:17	Name: _fbp Value: fb.1.1736081070081.23234415948736271
www.winutah.com/	1970-01-21 11:50:41	Name: _ga_R6ZBCNN3B8 Value: GS1.1.1736081069.1.0.1736081070.0.0.0
.winutah.com/	1970-01-21 11:50:41	Name: _ga_M4R9KTHP2J Value: GS1.1.1736081068.1.1.1736081070.58.0.0
www.winutah.com/	1969-12-31 23:59:59	Name: brytescore_apikey Value: %7B%22apikey%22%3A%22bda790d9-d2d9-46a2-a47d-74ab07310a97%22%7D
www.winutah.com/	1970-01-21 11:00:17	Name: brytescore_uu Value: %7B%22aid%22%3A%22952d8043-56c0-4a78-9e72-c314881d9ea8%22%2C%22uid%22%3A%22%22%7D
www.winutah.com/	1970-01-21 02:14:42	Name: brytescore_session Value: %7B%22sid%22%3A%22641d0f0e-932c-41ec-bf9f-6a3d70566de9%22%2C%22brw%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22aid%22%3A%22952d8043-56c0-4a78-9e72-c314881d9ea8%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track-v2.funnelytics.io/sessions Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
rendering	warning	URL: https://www.winutah.com/?utm_source=redirects&utm_medium=AIFPC&utm_campaign=AIFY Message: [GroupMarkerNotSet(crbug.com/242999)!:A0302B02C43E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security	error	Message: [Report Only] Refused to frame 'https://www.google.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.brytecore.com
cdn.brytecore.com
cdn.funnelytics.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
chat-api.brytecore.com
connect.facebook.net
csp.withgoogle.com
fonts.googleapis.com
fonts.gstatic.com
i1.moxi.onl
i10.moxi.onl
i3.moxi.onl
images-static.moxiworks.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
p.typekit.net
player.vimeo.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
svc.moxiworks.com
telize-v1.p.rapidapi.com
track-v2.funnelytics.io
use.typekit.net
winutah.com
www.allinforparkcity.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.winutah.com
www.youtube.com
csp.withgoogle.com
i10.moxi.onl
i3.moxi.onl
track-v2.funnelytics.io
www.winutah.com
104.17.24.14
104.18.11.207
104.18.186.31
142.250.185.174
142.250.185.99
151.101.3.52
157.240.0.35
157.240.0.6
162.159.138.60
172.217.16.202
172.217.16.206
172.217.18.3
172.217.18.4
2001:4860:4802:34::36
216.239.34.36
216.58.212.170
2606:4700::6812:ba1f
2a00:1450:4001:802::200a
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200a
2a00:1450:400c:c04::9c
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:1491
3.160.150.74
3.33.251.168
3.67.48.175
3.94.69.56
34.192.224.11
34.202.96.196
64.246.164.133
64.246.164.140
05a402172cf3219677542a51ca892a565a6155bd376034ea51ec7b8f2c34153f
06c56c7dab8a9289813dc960fdb145f1511f405e3ac66f86cfa3ab4b5f69e82e
0756e594e5ce3e70088700bce73cfffb4c7dff156e92d78bc94f908b285f8d71
083cb87fc0a83eae38b7155d44c547b321ebc83a38d6190fc354c63d9f19b44e
08f99e7e6a3abc3d4cb195ab43c13c8de151f42c72e877846d1513efd3aa0ac3
09696d0bf5be7a592450a862b5cced3e249f137004a7302fae4984a81ebc2f1d
09b0f070bde3d0af1b07e4d8b4614f89b5a17f441896dca7fef8457f65637092
0aabcea59f54b9ea215b79f429c8a37e68b83fdf5488204e11b87aada8dde514
1026b4ebdf0149ec9c7764ca64325aa871f1fd77363184c435dadf3cfee82ba9
1318a5da23d26c27b42ac11542124270429e0bb06eb20b1cf596d956bdf85504
166ad2077610fb480a48628aef1e5d6b0bf0b94b4b668f34750e20879f366e40
17fdb963cf72e547a15edef792a9c1ae7852d8b25446deb69a433e13efc6eeec
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f95309bf4c48a4a71d4a98ceda67bcf65b34be50024f0fb40096aa1ee7994fd
22f3841cc8729cd3b17a1281c9983c779dcd14bdcec1f82fb0774b45ff72ca3b
2449ae3eff40213fab9a433cbfc5e350fb8c536b87e6d2c356ae91eec87fffb4
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
29ae54c93f2a0652cbf646b4dc5ae5ac4b73e54446a70d03d45d1651e082bfd3
2a0cc99682552d20a8d475814629c3a84f72a596e13a9005f8ad8338b8dffa13
2a3d47177bc866e138291102d44068436a280b2bf4852de4158fd0fae587e729
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b6928b6424a4deaf79a186256a973a8304fd84018cc600a918f662d54193bbf
2b905d5cbdeaac42ba038d86196f221d76a69e27e82d67d5612aea2331297731
2bca0957185afb080ec6cc4024aad81802831cab2775f51422863c987e2a94b1
318524a5611cb63bace8899c937350d4a8d528f3d937520da2c9791c817a106e
329174abb95b8434fb36bf265869bf8a53c0ddc18d64d8f75e65e7ed4832bb4a
35a8950d8d20ff8c89da0b12595a7da152cb007996ab6b557f16f0c5c63d4d04
36315d5b3e24a9a6d36c707dcd8bb464b3571ad166deab1dc121582746e51425
403b621795be0d3dbbe618ce35500056cbbd0e47975c22532f7370678ba4126c
498a41eab15456686643b139ae2c289c961bb02da852aaad698540831d0e9bb5
4b851bd9af5635c2682387427eb718d453b8e7aeefdbb01c8521ab32a49004b3
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5275d1f3e5f35d1e1a592af7fe987c969b0dcbd45a59244d6b36486c331682ba
5a453970accd51884836b84c9c949483d1f1246912e6fa315f8f422127cb7d64
634c29f0b8765a21d56727eaeb9d2d04fef137f47daa3931ad184b1c495c027b
653cfe0393d050fcbe2df90f6a5c62aa4c26fa0fe7327f695df4d195479713b0
66a02a33df473ee1fa6a74cc1ab6638e44fe460d3ff953ccb9c78f4db49f403e
6a22d043c18807dd3316a5fd7a4b135c14f0cf8c78d268d8a1ea574419df4e17
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6c2218f5e0401c9115efcdc3a5b57993e596d85d173317a18ed06425135d3cf1
6cea0cf25353bf8155b1f7a539b9f7d7b7bbd8c359e7f1f90996ae6437b5dc67
6d57d9de75cb4a832e81ababd248d04ce41d448575d88082e9d87671ae0ba5fe
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
710137d0cf763abd9bc6e0f2ca91c322d1e68f3e7b353e3e85f505bdadc2384d
728520d84b85d07f804d1bf2a681ea0fcc230fb716291b22bf68ced3c96dad4c
749e9e6c1652b50dde4385d73974f50d699f43ae8def9f78dad63ef837fbf556
780ade59401f9e89e78a1e7e418b9e08bd3cd34d5e0930da5b8e9947fbf964a9
793952039d38075b96dfd76c5cb10a4d67a7120c9dfe3c5617c0d62be3e5e7f6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f908936f3a69d15ad1e5964871ea8ca858060e6ca41a5e48dd761aba29b8c7d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8374f1d6c1968c1456cc9ad256a7714f5c327ceee91fa4adc5fbcbac47000ada
85a0a37e677b5386667a97230cc583313b74bb70a7a1d616f2ce5729bbf04085
8694091227f6f34a6acb8dda867cab6f129cb19ee794a75ebd434793d4066e5a
87969313ec0e62ca6dd87f362f5d80be5d5850df5cc92e40aea16d405a80b9b0
898e0ab6572062bc97b08e3ed300910e73ac9c9458c022fe7c9aa532cb940df8
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
8d23d0c4641e71342a5b215bce880f1c986e469fefe0c3c64352302fc839c799
9089445ec9edcbfe1963f7b38490aa317f2ba03000a52edc38243834844eefe8
987879a0fdc984b8d62b0fea39aa49ce25a4cfcce944c7c62dd6068299d71096
99c4f4fef4854ff47dea38811dba91216b311ca8ed11a0d6f70498586a575c5a
99f75a02bf319c4dcf6be997e2a1dd495cba095c0e5f16c4214a54aeba264caf
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a0555f8770abceb1635fc0b7b98d40341bc57c90b19aac3541c82b61e2ea784a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b0af20e084d37ac0a3a46c11624f67f32b2426eacbe17732e842ec03fcc2957e
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
bc1e7dc794733f6739eb8569fe98bd6447af7f475fc1509103f53ca9db444969
bd7c5d26d9eae6791c58a2030e37d66aee5d0ec8ff113c155d8c7d2721d9565d
bfd7735ba4bbccdafb1fd3c00d9182d5ed058e194a1c33a15c096091b5a2a630
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c85ab34c0ffc6a71386c7e0ef87386f203992b46a3f519510f40545717f85400
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd6e005c24840c65da9b4c49fa81ff6ab0bc1c485fda4a1a338c0436574d8e65
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d07b9b24ebb07dbaa28febf9c5c0f77fa97fd30c7bd408177ce13267599a8210
d422128eea28ccdf1e598004f0e8ce733e387fd0b4978ac4dba23ff131461c0e
d7164359335410ec419a77092da938069d980761ba7cfd8bcfcc1fee56969fab
d73129180354823437ac4b6f3144b7b8d90b59a7be95362e6636a8173578beee
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9843b43586d4cbaf0501337110a82af340f231289b9ff17a46966c98842e6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9b430678365f31ebe9d2e17f841a1b9d1eba39765029b437a868f8d97b1080
edde01a168c1ae1f34f7d6e3966086c388e0e01d26a1084e073ce4a883363bcf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8be62cd3cbecfdbeb9c1d200f4c9f25fa322e6f7b434738bcb90df0e0d7c942
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fce39c51c670bd6f902f80bf50ff8eb6d1d1538efb0c7f474b6c140431799bf4
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

www.winutah.com Open in urlscan Pro 64.246.164.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

96 %HTTPS

36 %IPv6

23 Domains

37 Subdomains

36 IPs

4 Countries

3386 kBTransfer

8442 kBSize

17 Cookies

14 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.winutah.com Open in urlscan Pro
64.246.164.133 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

96 %
HTTPS

36 %
IPv6

23
Domains

37
Subdomains

36
IPs

4
Countries

3386 kB
Transfer

8442 kB
Size

17
Cookies

116 HTTP transactions
2 data transactions