wintersfirm.com Open in urlscan Pro
35.185.14.83  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response wintersfirm.com/	102 KB 23 KB	533ms 150ms	Document text/html	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / WP Engine Resource Hash 7f93441c2fd35cbf86ef7d3d6733a04f87e2b8b12766fb6c07adc054f5d36af5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=600, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Wed, 24 Jan 2024 17:16:36 GMT link <https://wintersfirm.com/wp-json/>; rel="https://api.w.org/" <https://wintersfirm.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://wintersfirm.com/>; rel=shortlink server nginx vary Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie x-cache HIT: 1 x-cache-group normal x-cacheable SHORT x-powered-by WP Engine
GET H2	200	style.min.css wintersfirm.com/wp-includes/css/dist/block-library/	107 KB 15 KB	123ms 122ms	Stylesheet text/css	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://wintersfirm.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2 Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340 Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT content-encoding br last-modified Sun, 05 Nov 2023 19:40:32 GMT server nginx etag W/"6547efb0-1add3" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	frontend.min.css wintersfirm.com/wp-content/plugins/wp-user-avatar/assets/css/	72 KB 11 KB	124ms 122ms	Stylesheet text/css	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://wintersfirm.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=3.2.9 Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash 3a03eec8b6b8f7367f1b66ff53ac880713e88c910b739e00c7c022534c179e57 Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT content-encoding br last-modified Mon, 28 Mar 2022 06:26:23 GMT server nginx etag W/"6241550f-11e7c" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	flatpickr.min.css wintersfirm.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/	16 KB 3 KB	116ms 115ms	Stylesheet text/css	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://wintersfirm.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=3.2.9 Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash 661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018 Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT content-encoding br last-modified Mon, 28 Mar 2022 06:26:23 GMT server nginx etag W/"6241550f-3e52" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	select2.min.css wintersfirm.com/wp-content/plugins/wp-user-avatar/assets/select2/	15 KB 2 KB	124ms 122ms	Stylesheet text/css	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://wintersfirm.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.4.2 Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash 044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908 Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT content-encoding br last-modified Mon, 28 Mar 2022 06:26:23 GMT server nginx etag W/"6241550f-3a75" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	main.css wintersfirm.com/wp-content/themes/spk/css/	208 KB 39 KB	151ms 150ms	Stylesheet text/css	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://wintersfirm.com/wp-content/themes/spk/css/main.css?ver=1.0 Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash 48948bcf5e0b9ebb53e71dc85085b1d2620872bb67bf751c6ecf6f83e72f57f2 Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT content-encoding br last-modified Wed, 22 Nov 2023 20:41:41 GMT server nginx etag W/"655e6785-3412c" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	js_composer.min.css wintersfirm.com/wp-content/plugins/js_composer/assets/css/	474 KB 46 KB	204ms 204ms	Stylesheet text/css	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://wintersfirm.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.8.0 Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash 521457922129a04fbc4524021ac47021659a1e1931c5dfe1a0e13be5dcaaefba Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT content-encoding br last-modified Mon, 28 Mar 2022 06:28:02 GMT server nginx etag W/"62415572-76891" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	Logo.png wintersfirm.com/wp-content/uploads/2020/10/	10 KB 10 KB	151ms 150ms	Image image/png	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://wintersfirm.com/wp-content/uploads/2020/10/Logo.png Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash cfc38cf09f86c075b28e25d587c82a3ac61d90d38bb11cad0b75b129f31ac958 Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT last-modified Fri, 08 Jan 2021 11:49:22 GMT server nginx etag "5ff846c2-264c" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 9804
GET H2	200	Winters_Law_Firm___Secure_Future_For_You_And_Your_Family.mp4 wintersfirm.com/wp-content/uploads/2022/12/ Frame 0D92	0 0	220ms 219ms	Document video/mp4	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://wintersfirm.com/wp-content/uploads/2022/12/Winters_Law_Firm___Secure_Future_For_You_And_Your_Family.mp4 Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash Request headers Referer https://wintersfirm.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control public, max-age=31536000 content-length 2800533 content-type video/mp4 date Wed, 24 Jan 2024 17:16:36 GMT etag "63885b59-2abb95" last-modified Thu, 01 Dec 2022 07:44:25 GMT server nginx vary Accept-Encoding
GET H2	200	Untitled-1_23.jpg wintersfirm.com/wp-content/uploads/2022/01/	30 KB 30 KB	220ms 219ms	Image image/jpeg	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://wintersfirm.com/wp-content/uploads/2022/01/Untitled-1_23.jpg Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash 49970b70fe1ca5a7fa1b9f6b6c685f73d3aa423cbf8bc3555fd1799590a10ab8 Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT last-modified Mon, 10 Jan 2022 05:14:23 GMT server nginx etag "61dbc0af-7737" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 30519
GET H2	200	Untitled-1_17.png wintersfirm.com/wp-content/uploads/2020/10/	118 KB 119 KB	220ms 220ms	Image image/png	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://wintersfirm.com/wp-content/uploads/2020/10/Untitled-1_17.png Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash c6800e522e5a64d66c61d985b30270fd27e0a16fb7a23c1373b9d87ef4a764d4 Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT last-modified Fri, 08 Jan 2021 11:49:22 GMT server nginx etag "5ff846c2-1d93c" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 121148
GET H2	200	newmap.jpg wintersfirm.com/wp-content/uploads/2022/01/	32 KB 32 KB	220ms 220ms	Image image/jpeg	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://wintersfirm.com/wp-content/uploads/2022/01/newmap.jpg Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash 7466089475dddf57cf7f289e649a30e9029320d7b2380d7dabb290d3141febcc Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT last-modified Mon, 10 Jan 2022 05:14:01 GMT server nginx etag "61dbc099-80ae" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 32942
GET H2	200	js_composer_settings.min.css wintersfirm.com/wp-content/plugins/js_composer/assets/css/	57 KB 9 KB	219ms 219ms	Stylesheet text/css	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://wintersfirm.com/wp-content/plugins/js_composer/assets/css/js_composer_settings.min.css?ver=6.8.0 Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash c01cbdc8e0e9b81440b76ea7cf8b8354a799e9584c80726cc78c634aec863788 Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT content-encoding br last-modified Mon, 28 Mar 2022 06:28:02 GMT server nginx etag W/"62415572-e385" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	Untitled-1_19.jpg wintersfirm.com/wp-content/uploads/2022/01/	241 KB 241 KB	163ms 162ms	Image image/jpeg	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://wintersfirm.com/wp-content/uploads/2022/01/Untitled-1_19.jpg?id=3478 Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash e8b7814a9bcf1d776849f9baedcb0fa16e5cacfeaf74655a24f6338eb76455b3 Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT last-modified Mon, 10 Jan 2022 05:14:13 GMT server nginx etag "61dbc0a5-3c2ed" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 246509
GET DATA	200 OK	truncated / Frame 0D92	380 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	206	Winters_Law_Firm___Secure_Future_For_You_And_Your_Family.mp4 wintersfirm.com/wp-content/uploads/2022/12/ Frame 0D92	128 KB 0	157ms 157ms	Media video/mp4	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://wintersfirm.com/wp-content/uploads/2022/12/Winters_Law_Firm___Secure_Future_For_You_And_Your_Family.mp4 Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash Request headers Referer https://wintersfirm.com/wp-content/uploads/2022/12/Winters_Law_Firm___Secure_Future_For_You_And_Your_Family.mp4 Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Range bytes=0- Response headers date Wed, 24 Jan 2024 17:16:36 GMT last-modified Thu, 01 Dec 2022 07:44:25 GMT server nginx etag "63885b59-2abb95" vary Accept-Encoding content-type video/mp4 access-control-allow-origin * Content-Range bytes 0-2800532/2800533 cache-control public, max-age=31536000 Content-Length 2800533
GET H2	200	banner.jpg wintersfirm.com/wp-content/uploads/2020/10/	205 KB 205 KB	133ms 133ms	Image image/jpeg	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://wintersfirm.com/wp-content/uploads/2020/10/banner.jpg Requested by Host: wintersfirm.com URL: https://wintersfirm.com/wp-content/themes/spk/css/main.css?ver=1.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash 1985315e94fca4c53bef64ecf6601901838f292976fec52c78b86fc69f83cf73 Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/wp-content/themes/spk/css/main.css?ver=1.0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT last-modified Fri, 08 Jan 2021 11:49:22 GMT server nginx etag "5ff846c2-33333" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 209715
GET H2	200	Helvetica-Bold.ttf wintersfirm.com/wp-content/themes/spk/css/	301 KB 302 KB	133ms 132ms	Font application/octet-stream	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://wintersfirm.com/wp-content/themes/spk/css/Helvetica-Bold.ttf Requested by Host: wintersfirm.com URL: https://wintersfirm.com/wp-content/themes/spk/css/main.css?ver=1.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash 05291f9de00325c3a3f1acdf9a35a8ce4b4fd7d32394482ebb1699ba7ac73ed5 Request headers Referer https://wintersfirm.com/wp-content/themes/spk/css/main.css?ver=1.0 Origin https://wintersfirm.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT last-modified Fri, 08 Jan 2021 11:49:22 GMT server nginx etag "5ff846c2-4b594" vary Accept-Encoding content-type application/octet-stream access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 308628
GET H2	200	fontawesome-webfont.woff2 wintersfirm.com/wp-content/themes/spk/fonts/	75 KB 76 KB	132ms 132ms	Font font/woff2	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://wintersfirm.com/wp-content/themes/spk/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: wintersfirm.com URL: https://wintersfirm.com/wp-content/themes/spk/css/main.css?ver=1.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://wintersfirm.com/wp-content/themes/spk/css/main.css?ver=1.0 Origin https://wintersfirm.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT last-modified Fri, 08 Jan 2021 11:49:22 GMT server nginx etag "5ff846c2-12d68" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 77160
GET DATA	200 OK	truncated / Frame 0D92	547 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 0D92	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 0D92	177 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 0D92	351 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 0D92	242 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	Logo.png wintersfirm.com/wp-content/uploads/2020/10/	10 KB 10 KB	114ms 113ms	Image image/png	35.185.14.83 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://wintersfirm.com/wp-content/uploads/2020/10/Logo.png Requested by Host: wintersfirm.com URL: https://wintersfirm.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.185.14.83 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 83.14.185.35.bc.googleusercontent.com Software nginx / Resource Hash cfc38cf09f86c075b28e25d587c82a3ac61d90d38bb11cad0b75b129f31ac958 Request headers accept-language de-DE,de;q=0.9 Referer https://wintersfirm.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 17:16:36 GMT last-modified Fri, 08 Jan 2021 11:49:22 GMT server nginx etag "5ff846c2-264c" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 9804

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _wpmeteor undefined| href

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wintersfirm.com/	1970-01-20 17:55:18	Name: ppwp_wp_session Value: 66be41bdf77ffc040f2b6e8115b4ac19%7C%7C1706118306%7C%7C1706117946

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

wintersfirm.com
35.185.14.83
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
05291f9de00325c3a3f1acdf9a35a8ce4b4fd7d32394482ebb1699ba7ac73ed5
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1985315e94fca4c53bef64ecf6601901838f292976fec52c78b86fc69f83cf73
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3a03eec8b6b8f7367f1b66ff53ac880713e88c910b739e00c7c022534c179e57
48948bcf5e0b9ebb53e71dc85085b1d2620872bb67bf751c6ecf6f83e72f57f2
49970b70fe1ca5a7fa1b9f6b6c685f73d3aa423cbf8bc3555fd1799590a10ab8
521457922129a04fbc4524021ac47021659a1e1931c5dfe1a0e13be5dcaaefba
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7466089475dddf57cf7f289e649a30e9029320d7b2380d7dabb290d3141febcc
7f93441c2fd35cbf86ef7d3d6733a04f87e2b8b12766fb6c07adc054f5d36af5
c01cbdc8e0e9b81440b76ea7cf8b8354a799e9584c80726cc78c634aec863788
c6800e522e5a64d66c61d985b30270fd27e0a16fb7a23c1373b9d87ef4a764d4
cfc38cf09f86c075b28e25d587c82a3ac61d90d38bb11cad0b75b129f31ac958
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
e8b7814a9bcf1d776849f9baedcb0fa16e5cacfeaf74655a24f6338eb76455b3
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366