app.gowinston.ai Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app.gowinston.ai/
Effective URL:
https://app.gowinston.ai/login
Submission: On April 22 via api (April 22nd 2024, 11:25:53 pm UTC) from US — Scanned from NL

Summary HTTP 57 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 15 domains to perform 57 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is app.gowinston.ai.
TLS certificate: Issued by GTS CA 1P5 on April 1st 2024. Valid for: 3 months.

This is the only time app.gowinston.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:275... 2600:9000:275d:7e00:b:54c8:6240:21	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:10:... 2606:4700:10::6816:3a5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:9200:1b:348c:b140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.74.204.68 54.74.204.68	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	172.64.148.76 172.64.148.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	172.67.38.66 172.67.38.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	172.64.153.206 172.64.153.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.231.166.89 54.231.166.89	16509 (AMAZON-02) (AMAZON-02)
2	52.184.204.244 52.184.204.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.16.87.20 104.16.87.20	() ()
57	17

3 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.gowinston.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275d:7e00:b:54c8:6240:21 (United States)

ASN16509 (AMAZON-02, US)

d2bxp9q9224yh5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::6816:3a5b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:9200:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)

r.wdfl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.74.204.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-204-68.eu-west-1.compute.amazonaws.com

log.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.148.76 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

omnisnippet1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.67.38.66 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.153.206 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

forms.soundestlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.166.89 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

winston-app-production-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.87.20 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	tawk.to embed.tawk.to — Cisco Umbrella Rank: 9860 va.tawk.to — Cisco Umbrella Rank: 9519	212 KB
8	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 8378	78 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 c.clarity.ms — Cisco Umbrella Rank: 1371 n.clarity.ms — Cisco Umbrella Rank: 6137	30 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 337 c.bing.com — Cisco Umbrella Rank: 228	16 KB
3	gowinston.ai 1 redirects app.gowinston.ai	64 KB
2	soundestlink.com forms.soundestlink.com — Cisco Umbrella Rank: 17307	1 KB
2	gstatic.com fonts.gstatic.com	51 KB
2	omnisnippet1.com omnisnippet1.com — Cisco Umbrella Rank: 17212	34 KB
2	cookieyes.com log.cookieyes.com — Cisco Umbrella Rank: 9135	305 B
2	cloudfront.net d2bxp9q9224yh5.cloudfront.net	71 KB
1	jsdelivr.net cdn.jsdelivr.net	39 KB
1	amazonaws.com winston-app-production-public.s3.amazonaws.com	2 KB
1	wdfl.co r.wdfl.co — Cisco Umbrella Rank: 25448	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	114 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	914 B
57	15

	Domain	Requested by
18	embed.tawk.to	app.gowinston.ai embed.tawk.to
8	cdn-cookieyes.com	app.gowinston.ai cdn-cookieyes.com
5	va.tawk.to	embed.tawk.to
3	bat.bing.com	app.gowinston.ai bat.bing.com
3	www.clarity.ms	app.gowinston.ai bat.bing.com www.clarity.ms
3	app.gowinston.ai	1 redirects app.gowinston.ai
2	n.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	forms.soundestlink.com	omnisnippet1.com
2	fonts.gstatic.com	fonts.googleapis.com
2	omnisnippet1.com	app.gowinston.ai omnisnippet1.com
2	log.cookieyes.com	cdn-cookieyes.com
2	d2bxp9q9224yh5.cloudfront.net	app.gowinston.ai
1	cdn.jsdelivr.net	embed.tawk.to
1	winston-app-production-public.s3.amazonaws.com
1	c.bing.com	1 redirects
1	r.wdfl.co	app.gowinston.ai
1	www.googletagmanager.com	app.gowinston.ai
1	fonts.googleapis.com	app.gowinston.ai
57	19

This site contains links to these domains. Also see Links.

Domain
www.cookieyes.com

Subject Issuer	Validity	Valid
gowinston.ai GTS CA 1P5	`2024-04-01` - `2024-06-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cdn-cookieyes.com GTS CA 1P5	`2024-03-29` - `2024-06-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
r.wdfl.co Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
log.cookieyes.com Amazon RSA 2048 M02	`2024-03-26` - `2025-04-25`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-04-22` - `2024-06-27`	2 months	crt.sh
omnisnippet1.com E1	`2024-02-27` - `2024-05-27`	3 months	crt.sh
tawk.to GTS CA 1P5	`2024-03-28` - `2024-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
soundestlink.com Cloudflare Inc ECC CA-3	`2023-12-25` - `2024-12-24`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://app.gowinston.ai/login
Frame ID: 5BEA3FA9793EBEB5D0F003AEF6253341
Requests: 52 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6625f366c87/css/min-widget.css
Frame ID: A601C05906CD05DC25639F3D1DF76B7D
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6625f366c87/css/message-preview.css
Frame ID: A2F083A9291880B4FA0D8D74F38356D5
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6625f366c87/css/max-widget.css
Frame ID: 510B17D2D6FB5C6F1521472877618019
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | Winston AI

Page URL History Show full URLs

http://app.gowinston.ai/ HTTP 307
https://app.gowinston.ai/ HTTP 302
https://app.gowinston.ai/login Page URL

Detected technologies

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

livewire(?:\.min)?\.js

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Clickbank (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rewardful (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

57
Requests

98 %
HTTPS

47 %
IPv6

15
Domains

19
Subdomains

17
IPs

4
Countries

715 kB
Transfer

2443 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookieyes.com/product/cookie-consent

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app.gowinston.ai/ HTTP 307
https://app.gowinston.ai/ HTTP 302
https://app.gowinston.ai/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9CD2BEE148354DCCB4C239FB0067747E&RedC=c.clarity.ms&MXFR=3EE1D8B68AD66A4A026FCCDF8ED66450 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9CD2BEE148354DCCB4C239FB0067747E&MUID=20E4B7F526D469E6135BA39C279C6854

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request login Show response
app.gowinston.ai/
Redirect Chain

http://app.gowinston.ai/
https://app.gowinston.ai/
https://app.gowinston.ai/login

21 KB
11 KB

514ms
513ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gowinston.ai/login

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74db4f6a86920be383bd0666e7959108af17bcc6442e6d44880690d4bfcce61c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; manifest-src 'self' https://winston-app-production-public.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .gowinston.ai https://d2bxp9q9224yh5.cloudfront.net https://embed.tawk.to https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: ; font-src 'self' .gowinston.ai data: https://embed.tawk.to https://fonts.gstatic.com https://d2bxp9q9224yh5.cloudfront.net 'unsafe-inline'; connect-src 'self' ws: wss: https://embed.tawk.to https://www.google-analytics.com https://stats.g.doubleclick.net https://winston-app-production-public.s3.amazonaws.com .clarity.ms https://cdn-cookieyes.com https://log.cookieyes.com https://www.google.ca https://analytics.google.com https://bat.bing.com https://va.tawk.to https://forms.soundestlink.com; media-src 'self'; script-src-elem 'self' *.gowinston.ai https://d2bxp9q9224yh5.cloudfront.net https://unpkg.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://forms.soundestlink.com https://googleads.g.doubleclick.net https://omnisnippet1.com https://embed.tawk.to https://ajax.googleapis.com https://www.googletagmanager.com https://r.wdfl.co https://bat.bing.com https://www.clarity.ms https://cdn-cookieyes.com 'unsafe-inline'; frame-src 'self' https://td.doubleclick.net; object-src 'none'; base-uri 'self'; report-uri
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 87895fff98e09fd2-AMS
content-encoding: br
content-security-policy: default-src 'self'; manifest-src 'self' https://winston-app-production-public.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.gowinston.ai https://d2bxp9q9224yh5.cloudfront.net https://embed.tawk.to https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' * data: ; font-src 'self' *.gowinston.ai data: https://embed.tawk.to https://fonts.gstatic.com https://d2bxp9q9224yh5.cloudfront.net 'unsafe-inline'; connect-src 'self' ws: wss: https://embed.tawk.to https://www.google-analytics.com https://stats.g.doubleclick.net https://winston-app-production-public.s3.amazonaws.com *.clarity.ms https://cdn-cookieyes.com https://log.cookieyes.com https://www.google.ca https://analytics.google.com https://bat.bing.com https://va.tawk.to https://forms.soundestlink.com; media-src 'self'; script-src-elem 'self' *.gowinston.ai https://d2bxp9q9224yh5.cloudfront.net https://unpkg.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://forms.soundestlink.com https://googleads.g.doubleclick.net https://omnisnippet1.com https://embed.tawk.to https://ajax.googleapis.com https://www.googletagmanager.com https://r.wdfl.co https://bat.bing.com https://www.clarity.ms https://cdn-cookieyes.com 'unsafe-inline'; frame-src 'self' https://td.doubleclick.net; object-src 'none'; base-uri 'self'; report-uri
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 22 Apr 2024 23:25:47 GMT
expect-ct: enforce, max-age=30
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: autoplay=(self), camera=(), encrypted-media=(self), fullscreen=(), geolocation=(self), gyroscope=(self), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(self), usb=()
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WAEQFZ%2FQ%2F3AUYTlFHUU3I2WsgsWQY0VdELEabKqR%2F%2Bxgzzu6QoFrA%2Blmb0e1hR3PxG%2FmdCkOlkkJiP8Wx35VVMf4nD0ju8FVIGcWIAxrtotdslVkkNcXNstqGKN2Qpo%2FaKEu"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 95e331271d583b113f2793246bc6205c.cloudfront.net (CloudFront)
x-amz-apigw-id: Wpq_RGtVIAMEvww=
x-amz-cf-id: LtmqnbVqKA5f7umEnzDdEG5LmC5TthttWyaSuiLCozVGlNEV23KgXg==
x-amz-cf-pop: AMS58-P2
x-amzn-remapped-date: Mon, 22 Apr 2024 23:25:47 GMT
x-amzn-requestid: 3312ca8b-07ab-468e-a7df-541683f7f507
x-amzn-trace-id: Root=1-6626f1fb-1a6f3e137c65570f03847199;Parent=7f93f1e367a6f56a;Sampled=0;lineage=07ba02eb:0
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 87895ffb9de09fd2-AMS
content-security-policy: default-src 'self'; manifest-src 'self' https://winston-app-production-public.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.gowinston.ai https://d2bxp9q9224yh5.cloudfront.net https://embed.tawk.to https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' * data: ; font-src 'self' *.gowinston.ai data: https://embed.tawk.to https://fonts.gstatic.com https://d2bxp9q9224yh5.cloudfront.net 'unsafe-inline'; connect-src 'self' ws: wss: https://embed.tawk.to https://www.google-analytics.com https://stats.g.doubleclick.net https://winston-app-production-public.s3.amazonaws.com *.clarity.ms https://cdn-cookieyes.com https://log.cookieyes.com https://www.google.ca https://analytics.google.com https://bat.bing.com https://va.tawk.to https://forms.soundestlink.com; media-src 'self'; script-src-elem 'self' *.gowinston.ai https://d2bxp9q9224yh5.cloudfront.net https://unpkg.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://forms.soundestlink.com https://googleads.g.doubleclick.net https://omnisnippet1.com https://embed.tawk.to https://ajax.googleapis.com https://www.googletagmanager.com https://r.wdfl.co https://bat.bing.com https://www.clarity.ms https://cdn-cookieyes.com 'unsafe-inline'; frame-src 'self' https://td.doubleclick.net; object-src 'none'; base-uri 'self'; report-uri
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 22 Apr 2024 23:25:46 GMT
expect-ct: enforce, max-age=30
location: https://app.gowinston.ai/login
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: autoplay=(self), camera=(), encrypted-media=(self), fullscreen=(), geolocation=(self), gyroscope=(self), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(self), usb=()
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2Dsp38ZuDb%2B4UIRl0wV4POaBQ6Pb8lSnTneKcZoduejjqIoTqquaPYeJOOOx2rU1YJRcQNyPkL5C3JFZYLrwyGZ1C4ysTdcAe3wqAZKR25gUBKvUcdD3n4wFNkhyMyRg8hQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 95e331271d583b113f2793246bc6205c.cloudfront.net (CloudFront)
x-amz-apigw-id: Wpq_KHsLIAMEe2g=
x-amz-cf-id: unliwe5obI4D_n1fprjXwgh7y0h7oNDl0HnA8YYQE0tDVhB8pmkQuA==
x-amz-cf-pop: AMS58-P2
x-amzn-remapped-date: Mon, 22 Apr 2024 23:25:46 GMT
x-amzn-requestid: f621ebe4-4555-42ef-8ce7-d658d083aa4a
x-amzn-trace-id: Root=1-6626f1fa-2e25c098539a41327adf5cc4;Parent=2221f4daa54728ec;Sampled=0;lineage=07ba02eb:0
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
914 B 114ms
34ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap

Requested by

Host: app.gowinston.ai
URL: https://app.gowinston.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d71bfc92f4e65c3c6dfc015b5493391ba44026c9ab95eff36b21b12e97656356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Apr 2024 23:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 23:25:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Apr 2024 23:25:47 GMT

GET
H2 200 app-e51ebdfd.css
d2bxp9q9224yh5.cloudfront.net/bc85f5ab-df5e-4ba6-a603-87275adbf202/build/assets/ 70 KB
12 KB 110ms
25ms Stylesheet
text/css 2600:9000:275d:7e00:b:54c8:6240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2bxp9q9224yh5.cloudfront.net/bc85f5ab-df5e-4ba6-a603-87275adbf202/build/assets/app-e51ebdfd.css
Requested by: Host: app.gowinston.ai
URL: https://app.gowinston.ai/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:7e00:b:54c8:6240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e51ebdfd42c0ebe1f9b0fe3da057e973dd192ed5b8ee7917c00d8863cab2b4ca

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:33:40 GMT
content-encoding: br
via: 1.1 0be2062deeede74cb37dc047454ddbce.cloudfront.net (CloudFront)
last-modified: Sat, 20 Apr 2024 16:29:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 197528
etag: W/"779bbbb99e12482f969fd7ecae34f649"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-id: mKbazEDf5kdvCigoNkBIycKicPJGKXQ9smSD6TpfXYm0njXAA2ofYQ==
expires: Mon, 20 May 2024 16:29:40 GMT

GET
H2 200 app-9ee7fb7c.js Show response
d2bxp9q9224yh5.cloudfront.net/bc85f5ab-df5e-4ba6-a603-87275adbf202/build/assets/ 188 KB
59 KB 111ms
27ms Script
application/javascript 2600:9000:275d:7e00:b:54c8:6240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2bxp9q9224yh5.cloudfront.net/bc85f5ab-df5e-4ba6-a603-87275adbf202/build/assets/app-9ee7fb7c.js
Requested by: Host: app.gowinston.ai
URL: https://app.gowinston.ai/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:7e00:b:54c8:6240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9962bfde6c951d93cb0032daca5ee89ff1cc11d0d4961b2f1aae69b5eec838de

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Origin: https://app.gowinston.ai
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 16:33:40 GMT
content-encoding: br
via: 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 197528
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 20 Apr 2024 16:29:45 GMT
server: AmazonS3
etag: W/"490e4abde54bf85fb67f6aa8848e4fb6"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET, PUT, POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: jC_i9mVH2-2apDbqWhknKPh-G8WGEpGxpN7uNAELVOTzIIJP_G7X3Q==
expires: Sun, 19 May 2024 20:29:31 GMT

GET
H2 200 script.js Show response
cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/ 95 KB
34 KB 104ms
28ms Script
application/javascript 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/script.js
Requested by: Host: app.gowinston.ai
URL: https://app.gowinston.ai/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53668332a16a108e2152f97eae375603a3e90b42abfef4aff42fab2aeed22a53

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 02:32:58 GMT
server: cloudflare
age: 586006
etag: "17ded-61513ec9ba652-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges: bytes
cf-ray: 87896004afeb1cc6-AMS
content-length: 34709

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 347 KB
114 KB 329ms
43ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y0GEXDY6QT

Requested by

Host: app.gowinston.ai
URL: https://app.gowinston.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a277fd77a6772abe724802459388193e60ea2bb5654fce7a938f488efcd22a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 115950
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Apr 2024 23:25:47 GMT

GET
H2 200 rw.js Show response
r.wdfl.co/ 18 KB
5 KB 286ms
23ms Script
text/javascript 2600:9000:225e:9200:1b:348c:b140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.wdfl.co/rw.js
Requested by: Host: app.gowinston.ai
URL: https://app.gowinston.ai/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9200:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82e3de55583c2729c794628b44343ee5325ad55e29115f2d652e7cd364a7532e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:23:49 GMT
content-encoding: gzip
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
last-modified: Mon, 22 Apr 2024 12:23:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 118
x-amz-server-side-encryption: AES256
etag: W/"7b7fac517f50c4d11f3f96084f931635"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: i_YIZtXZTEGSzugivhfVlhOtfe4aAq7_o4YpeS-j-QaLZC1Mk-lHGA==

GET
H3 200 livewire.min.js Show response
app.gowinston.ai/livewire/ 137 KB
50 KB 31ms
30ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gowinston.ai/livewire/livewire.min.js?id=239a5c52

Requested by

Host: app.gowinston.ai
URL: https://app.gowinston.ai/login

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c515ce8eb8416492814c1da6e29025e47931f8e202988e76e747dd7452660c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; manifest-src 'self' https://winston-app-production-public.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .gowinston.ai https://d2bxp9q9224yh5.cloudfront.net https://embed.tawk.to https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: ; font-src 'self' .gowinston.ai data: https://embed.tawk.to https://fonts.gstatic.com https://d2bxp9q9224yh5.cloudfront.net 'unsafe-inline'; connect-src 'self' ws: wss: https://embed.tawk.to https://www.google-analytics.com https://stats.g.doubleclick.net https://winston-app-production-public.s3.amazonaws.com .clarity.ms https://cdn-cookieyes.com https://log.cookieyes.com https://www.google.ca https://analytics.google.com https://bat.bing.com https://va.tawk.to https://forms.soundestlink.com; media-src 'self'; script-src-elem 'self' *.gowinston.ai https://d2bxp9q9224yh5.cloudfront.net https://unpkg.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://forms.soundestlink.com https://googleads.g.doubleclick.net https://omnisnippet1.com https://embed.tawk.to https://ajax.googleapis.com https://www.googletagmanager.com https://r.wdfl.co https://bat.bing.com https://www.clarity.ms https://cdn-cookieyes.com 'unsafe-inline'; frame-src 'self' https://td.doubleclick.net; object-src 'none'; base-uri 'self'; report-uri
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; manifest-src 'self' https://winston-app-production-public.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.gowinston.ai https://d2bxp9q9224yh5.cloudfront.net https://embed.tawk.to https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' * data: ; font-src 'self' *.gowinston.ai data: https://embed.tawk.to https://fonts.gstatic.com https://d2bxp9q9224yh5.cloudfront.net 'unsafe-inline'; connect-src 'self' ws: wss: https://embed.tawk.to https://www.google-analytics.com https://stats.g.doubleclick.net https://winston-app-production-public.s3.amazonaws.com *.clarity.ms https://cdn-cookieyes.com https://log.cookieyes.com https://www.google.ca https://analytics.google.com https://bat.bing.com https://va.tawk.to https://forms.soundestlink.com; media-src 'self'; script-src-elem 'self' *.gowinston.ai https://d2bxp9q9224yh5.cloudfront.net https://unpkg.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://forms.soundestlink.com https://googleads.g.doubleclick.net https://omnisnippet1.com https://embed.tawk.to https://ajax.googleapis.com https://www.googletagmanager.com https://r.wdfl.co https://bat.bing.com https://www.clarity.ms https://cdn-cookieyes.com 'unsafe-inline'; frame-src 'self' https://td.doubleclick.net; object-src 'none'; base-uri 'self'; report-uri
content-encoding: br
age: 380397
x-amzn-requestid: 28c32f36-9129-4a9c-88b1-3e3d0ff56728
x-vapor-base64-encode: True
cross-origin-resource-policy: same-site
x-amz-apigw-id: WbKSVE7LoAMEqVg=
referrer-policy: no-referrer-when-downgrade
x-amzn-trace-id: Root=1-6621240e-01dac5d2109efb701727e28b;Parent=5794f692d40f4bfd;Sampled=0;lineage=07ba02eb:0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Fri, 18 Apr 2025 13:45:50 GMT
date: Mon, 22 Apr 2024 23:25:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-amzn-remapped-content-length: 140575
via: 1.1 8e6f6d7e57b70cc43be20c132da08b18.cloudfront.net (CloudFront)
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
x-amz-cf-pop: AMS58-P2
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Apr 2024 16:03:45 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
expect-ct: enforce, max-age=30
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGjDvCTLyfu%2Bu4myeHtaH%2FcCGg%2Bz8ny5q7U%2F7xOS5AZbfLmNA3fAmWh2OOE556D12bbgyzKdrmTxt%2BD8uDLl7Ks3PKQ4aavKWIkNSEbmv9UWq1aYp4Mb0Roc7Jl9hC%2BrRt0I"}],"group":"cf-nel","max_age":604800}
permissions-policy: autoplay=(self), camera=(), encrypted-media=(self), fullscreen=(), geolocation=(self), gyroscope=(self), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(self), usb=()
cf-ray: 878960043c1b9fd2-AMS
x-amzn-remapped-date: Thu, 18 Apr 2024 13:45:50 GMT
x-amz-cf-id: qleJoCSA1aZIbPKFnkAcFuZTiiDscFhi4bKuO9KGUrGJ9fpZ7lT7ww==

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
153 B 324ms
57ms Ping
text/plain 54.74.204.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.204.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-204-68.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary1sj2V1hCbKyvWUNZ

Response headers

access-control-allow-origin: *
date: Mon, 22 Apr 2024 23:25:47 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 banner.js Show response
cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/ 96 KB
32 KB 27ms
26ms Script
application/javascript 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/banner.js
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222e2427c02d63fc9742b285bb28ce319ad0dffcf3662d57431b0ef161ce9cdc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 02:32:58 GMT
server: cloudflare
age: 586006
etag: W/"1803a-61513ec9b96b2-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges: bytes
cf-ray: 87896005083f1cc6-AMS
content-length: 33000

GET
H2 200 fq6o4ru1xl Show response
www.clarity.ms/tag/ 1 KB
1 KB 461ms
199ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/fq6o4ru1xl
Requested by: Host: app.gowinston.ai
URL: https://app.gowinston.ai/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 50b5e5a3452d89ac75441ed4468cc3226551890100421477d61354f0d1ef2029

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Mon, 22 Apr 2024 23:25:48 GMT
x-azure-ref: 20240422T232547Z-16f6b7d4654bvrd4bybhw53vs800000003h0000000009c9n
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1035
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 308ms
43ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: app.gowinston.ai
URL: https://app.gowinston.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 22 Apr 2024 23:25:47 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B7096C255DDF4CAAB2F8589DAD287E3B Ref B: BRU30EDGE0920 Ref C: 2024-04-22T23:25:47Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H3 200 launcher-v2.js Show response
omnisnippet1.com/inshop/ 55 KB
15 KB 292ms
32ms Script
application/javascript 172.64.148.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omnisnippet1.com/inshop/launcher-v2.js

Requested by

Host: app.gowinston.ai
URL: https://app.gowinston.ai/login

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.76 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ec2fa4f23d0d0fde9025d89eaf39c8212dbb2e8dd2e798d2fab89c09cfeb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:47 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 3065
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Apr 2024 07:29:28 GMT
server: cloudflare
etag: W/"661e28d8-db42"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 87896006a8800bbc-AMS
expires: Mon, 22 Apr 2024 23:34:42 GMT

GET
H3 200 1gkcatt42 Show response
embed.tawk.to/639bd2adb0d6371309d4ac15/ 2 KB
914 B 283ms
33ms Script
application/x-javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/639bd2adb0d6371309d4ac15/1gkcatt42

Requested by

Host: app.gowinston.ai
URL: https://app.gowinston.ai/login

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

304125770b9400f6adb1eb5b0cb766d7f999266e91584f48382a5ae6c1e961e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Origin: https://app.gowinston.ai
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:47 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
server: cloudflare
age: 539
etag: W/"stable-v4-6625f366c87"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 878960069df51c82-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v15/ 36 KB
37 KB 272ms
24ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://app.gowinston.ai
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 00:32:19 GMT
x-content-type-options: nosniff
age: 255208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36848
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 23:58:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Apr 2025 00:32:19 GMT

GET
H2 200 97100496.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 44ms
44ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97100496.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

83ba66986ca02d793a718de06b910a3147b5e6c4b2f11cbc7480af47dae9d80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 22 Apr 2024 23:25:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FBEA62B8BC204007B5E084B60F963294 Ref B: BRU30EDGE0920 Ref C: 2024-04-22T23:25:48Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
287 B 70ms
70ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97100496&Ver=2&mid=8e4b72c2-d6c1-41d6-b0ef-cd17baeee26f&sid=a666095000ff11efabc6f728005460bd&vid=a6664fc000ff11ef85f447b3397cd63b&vids=1&msclkid=N&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&tl=Login%20%7C%20Winston%20AI&p=https%3A%2F%2Fapp.gowinston.ai%2Flogin&r=&lt=1610&evt=pageLoad&sv=1&rn=988723

Requested by

Host: app.gowinston.ai
URL: https://app.gowinston.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Apr 2024 23:25:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D98D52B4001748F08F3C14F1C0D4490E Ref B: BRU30EDGE0920 Ref C: 2024-04-22T23:25:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 getSettings Show response
forms.soundestlink.com/REST/inShop/v1/ 241 B
655 B 172ms
102ms Script
application/json 172.64.153.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.soundestlink.com/REST/inShop/v1/getSettings?callback=_omnisend.setSettings&responseType=jsonp&shopHostname=app.gowinston.ai&shopType=api&brandID=639c6aea5f284a3563fc2bef

Requested by

Host: omnisnippet1.com
URL: https://omnisnippet1.com/inshop/launcher-v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.153.206 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed05a2cbb90df8ee5ba886e624f9788d1750a35cea2c8413744013c6dc44efa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Apr 2024 23:20:30 GMT
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=0, s-maxage=600, public
x-envoy-upstream-service-time: 7
cf-ray: 87896007ad800b7c-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 97100496 Show response
www.clarity.ms/tag/uet/ 845 B
1 KB 216ms
202ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/97100496
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/97100496.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1ea151052ceec32b8cfd0980becab00af72b07f86e859677a3f65f6ba322618c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Mon, 22 Apr 2024 23:25:48 GMT
x-azure-ref: 20240422T232548Z-16f6b7d4654bvrd4bybhw53vs800000003h0000000009c9r
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 845
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.31/ 61 KB
26 KB 45ms
45ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.31/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fq6o4ru1xl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d6f3a8301ffa9a9aa6a748ccc535a559242cd73451bb4d236b7e72ff64123703

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
content-encoding: br
last-modified: Mon, 22 Apr 2024 00:57:09 GMT
etag: W/"0x8DC6267236793AD"
vary: Accept-Encoding
x-azure-ref: 20240422T232548Z-16f6b7d4654bvrd4bybhw53vs800000003h0000000009c9s
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 2da0f1f1-801e-0015-39a3-943968000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H3 200 main.js Show response
omnisnippet1.com/forms/ 66 KB
18 KB 31ms
30ms Script
application/javascript 172.64.148.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omnisnippet1.com/forms/main.js?v=2024-04-22T23

Requested by

Host: omnisnippet1.com
URL: https://omnisnippet1.com/inshop/launcher-v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.148.76 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

226d7c15bc6135cc4e501a0ae820f905658c67844bbc8f835eb7f7f73760541a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 346
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 03 Apr 2024 13:14:58 GMT
server: cloudflare
etag: W/"660d5652-109c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8789600859ec0bbc-AMS
expires: Tue, 23 Apr 2024 00:20:02 GMT

GET
H3 200 renderedForms Show response
forms.soundestlink.com/REST/forms/v1/ 2 B
514 B 55ms
34ms Fetch
application/json 172.64.153.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.soundestlink.com/REST/forms/v1/renderedForms?v=2024-04-22T23&brandID=639c6aea5f284a3563fc2bef&displayType=popup,embedded,flyout

Requested by

Host: omnisnippet1.com
URL: https://omnisnippet1.com/forms/main.js?v=2024-04-22T23

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.153.206 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
via: 1.1 google
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 554
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 2
last-modified: Mon, 22 Apr 2024 23:10:19 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=600, public
accept-ranges: bytes
cf-ray: 878960099c746716-AMS
expires: Mon, 22 Apr 2024 23:20:19 GMT

GET
H2 200 -qy7rnR9.json Show response
cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/ 43 B
335 B 65ms
26ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/-qy7rnR9.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38fcf7fb734e4cbf7f32b0de3098ba14b20db47c1213b83722b4bc41c5f8f652

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 02:32:58 GMT
server: cloudflare
age: 584780
etag: W/"2b-61513ec9b8712"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 87896009aed05c46-AMS

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 121 B
347 B 27ms
26ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/639bd2adb0d6371309d4ac15/1gkcatt42

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Origin: https://app.gowinston.ai
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 49679
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960097fc71c82-AMS

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 81 KB
29 KB 30ms
28ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/639bd2adb0d6371309d4ac15/1gkcatt42

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Origin: https://app.gowinston.ai
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 49679
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"3b341e35b39f6195793ecaf5db7c1d63"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960097fc81c82-AMS

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 212 KB
62 KB 47ms
45ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/639bd2adb0d6371309d4ac15/1gkcatt42

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

972de8c5257c5c31f0ae45016595089022e4f82e766cec78fb40c997bfbac75f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Origin: https://app.gowinston.ai
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 49679
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"1c73b4eb89bbe24ecf154b671ddbcafc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960097fc91c82-AMS

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 220 KB
44 KB 80ms
78ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/639bd2adb0d6371309d4ac15/1gkcatt42

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

162951e9132b74bf11c97d7f234d998954df2729c604e2925291a28699aca260

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Origin: https://app.gowinston.ai
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 49679
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"5ff5b56dd253d3fd717915b2773593d3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960097fca1c82-AMS

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 2 KB
1 KB 29ms
27ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/639bd2adb0d6371309d4ac15/1gkcatt42

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6265bb78fc4f136d1e4843b385d90a1faba320821361b71895dcaf2077630f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Origin: https://app.gowinston.ai
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 49679
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"d1dc816c161b3a7313b3d42f478f140a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960097fcb1c82-AMS

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 151 B
371 B 27ms
25ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/639bd2adb0d6371309d4ac15/1gkcatt42

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Origin: https://app.gowinston.ai
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 49679
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960097fcc1c82-AMS

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9CD2BEE148354DCCB4C239FB0067747E&RedC=c.clarity.ms&MXFR=3EE1D8B68AD66A4A026FCCDF8ED66450
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9CD2BEE148354DCCB4C239FB0067747E&MUID=20E4B7F526D469E6135BA39C279C6854

42 B
442 B

32ms
32ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9CD2BEE148354DCCB4C239FB0067747E&MUID=20E4B7F526D469E6135BA39C279C6854
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://app.gowinston.ai/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Apr 2024 23:25:48 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 22 Apr 2024 23:25:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 28613EB833E647AF890CECC716D989C9 Ref B: BRU30EDGE0920 Ref C: 2024-04-22T23:25:49Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9CD2BEE148354DCCB4C239FB0067747E&MUID=20E4B7F526D469E6135BA39C279C6854
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK favicon-32x32.png
winston-app-production-public.s3.amazonaws.com/ 1 KB
2 KB 700ms
150ms Other
image/png 54.231.166.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://winston-app-production-public.s3.amazonaws.com/favicon-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.231.166.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 24ecaee306a1b7a8805519d58a1b7cfbc7f55e205355e27f83e7fb0c1a466732

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 22 Apr 2024 23:25:49 GMT
x-amz-version-id: PLKzGOpCdGyGS58ul984SHfaxhj6cvB9
Last-Modified: Thu, 14 Mar 2024 20:43:47 GMT
Server: AmazonS3
x-amz-request-id: BGJK9GCM7ZJ13FXC
ETag: "49d39f44d4c1217a132d9004ea70af49"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1468
x-amz-id-2: hYqKLseYSFNBgglgl+nr1Y+9Zfo3ioBzymhuMVeHHDS2voeaF88VOh0ccYXB7sGv7hWnkOFE+cU=

GET
H2 200 91XTeBYx.json Show response
cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/config/ 32 KB
6 KB 31ms
31ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/config/91XTeBYx.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e016272272cbd0563b83df2a8f483bb6c67824ae5f565d535473b12f77278acc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 02:32:58 GMT
server: cloudflare
age: 584780
etag: W/"7e62-61513ec9b96b2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 87896009dee85c46-AMS

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
296 B 586ms
105ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.31/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/x-clarity-gzip
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://app.gowinston.ai
Date: Mon, 22 Apr 2024 23:25:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H3 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 487ms
478ms Fetch
application/json 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=639bd2adb0d6371309d4ac15&widgetId=1gkcatt42&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8484d3c9d8adf62db3b3c20da90f3603a3fa0c0abb135a5745667dcd3486797d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-dgr4
server: cloudflare
etag: W/"2-40-1"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 8789600a384c1c82-AMS
access-control-allow-headers: content-type,x-tawk-token

GET
H2 200 f39ClcPa.json Show response
cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/translations/ 2 KB
817 B 27ms
26ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/translations/f39ClcPa.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de059be36fa3924307eead3cde43546467f695181804528945151ebe0e5a0c51

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 02:32:58 GMT
server: cloudflare
age: 584780
etag: W/"6eb-61513ec9ba652"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8789600a3f1f5c46-AMS

GET
H2 200 xX4176Rf.json Show response
cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/audit-table/ 9 KB
3 KB 29ms
29ms Fetch
application/json 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/audit-table/xX4176Rf.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c5f263ec0ac7468442c2b5d5a530f4e18e80034aa0ca992d3d72e35555b4a58

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Apr 2024 02:32:58 GMT
server: cloudflare
age: 584780
etag: W/"23f9-61513ec9b96b2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 8789600ce8f55c46-AMS

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1021 B
1 KB 3038ms
3037ms Fetch
application/json 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a192d2adc7bee891de01322f77bd73ab60518fd8376251aa1573919e2f3100a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 22 Apr 2024 23:25:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-nnl2
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://app.gowinston.ai
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 8789600f48336673-AMS
access-control-allow-headers: content-type,x-tawk-token

OPTIONS
H3 200 start
va.tawk.to/v1/session/ Frame 0
0 367ms
366ms Preflight
text/html 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.gowinston.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://app.gowinston.ai
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8789600cf9d51c82-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 22 Apr 2024 23:25:49 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-nnl2

GET
H2 200 close.svg
cdn-cookieyes.com/assets/images/ 1 KB
841 B 26ms
24ms Image
image/svg+xml 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:40:50 GMT
server: cloudflare
age: 446680
etag: W/"541-5da3a66c769d4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 8789600d5dd51cc6-AMS

GET
H2 200 poweredbtcky.svg
cdn-cookieyes.com/assets/images/ 4 KB
2 KB 26ms
25ms Image
image/svg+xml 2606:4700:10::6816:3a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:41:24 GMT
server: cloudflare
age: 456184
etag: W/"eb2-5da3a68c50d09"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 8789600d5dd61cc6-AMS

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
152 B 38ms
35ms Ping
text/plain 54.74.204.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/c647123956d555e34e6c9e29/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.204.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-204-68.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7ABNGcURenoD3Yfr

Response headers

access-control-allow-origin: *
date: Mon, 22 Apr 2024 23:25:49 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat-JDV30TGc.woff2
fonts.gstatic.com/s/dmsans/v15/ 15 KB
15 KB 26ms
24ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v15/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat-JDV30TGc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a458047b82f88ea6ecc145fc93030a84349765a15772b5e26de9fa0e78f9299a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://app.gowinston.ai
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 21:06:48 GMT
x-content-type-options: nosniff
age: 267541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15104
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 23:59:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Apr 2025 21:06:48 GMT

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/languages/ 17 KB
4 KB 53ms
31ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 54105
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"7f37a030886ec7fce1d065ec482789ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8789600ddf256673-AMS

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
296 B 104ms
103ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.31/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/x-clarity-gzip
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://app.gowinston.ai
Date: Mon, 22 Apr 2024 23:25:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H3 200 twk-chunk-2c776523.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 10 KB
3 KB 30ms
29ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 54108
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"70aec2dd89cac4933594c25b71d61f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960225b416673-AMS

GET
H3 200 twk-chunk-9294da6c.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 18 KB
5 KB 30ms
28ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-9294da6c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2deaae9c5e06df6c98b9775e2a5fbb66eab1a591458f9d1982e8f0e350fdb59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 54108
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"6bf62c737dec7d16542425992be5986c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960225b436673-AMS

GET
H3 200 twk-chunk-2d0b383d.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 699 B
675 B 27ms
26ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b383d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 54108
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"838903127a65ec440893b4945c40ca4a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960225b446673-AMS

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 19 KB
6 KB 46ms
44ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29704f658e0a24af40a7ec9f1ba5800e7bf3366de3feae6e044bd20c28c89018

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 54108
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"4f773fe8050dcfd8fd096e061eed08a7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960225b456673-AMS

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 906 B
661 B 29ms
28ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 54108
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960225b466673-AMS

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 535 B
574 B 29ms
28ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 54108
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960225b476673-AMS

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/6625f366c87/js/ 110 KB
24 KB 30ms
29ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

500d20e95a2ed662891673d812fe9a71e2e2c31b170bcd331c33b97114879fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 54107
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 05:20:13 GMT
server: cloudflare
etag: W/"44934d48f839e3143311bc044e6e0d89"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960225b486673-AMS

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/6625f366c87/css/ Frame A601 24 KB
5 KB 30ms
27ms Stylesheet
text/css 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 54108
cf-polished: origSize=24831
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
server: cloudflare
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960235bb56673-AMS

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/6625f366c87/css/ Frame A2F0 40 KB
8 KB 32ms
30ms Stylesheet
text/css 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26c00c91aa26f8a81dc41fe7ca0db1dfd849180200596138437f2ca57357dd0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 54107
cf-polished: origSize=40905
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
server: cloudflare
etag: W/"7060c2e317491c949f29253a1286dad2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 878960237bda6673-AMS

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/6625f366c87/css/ Frame 510B 76 KB
15 KB 30ms
30ms Stylesheet
text/css 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6625f366c87/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 54107
cf-polished: origSize=78232
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 22 Apr 2024 05:20:12 GMT
server: cloudflare
etag: W/"05d886069cda40a8e20243d226b04764"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 87896023abec6673-AMS

GET
H3 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 54ms
29ms Script
application/javascript 104.16.87.20

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-vendors.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.87.20 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 23:25:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3470685
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230136-FRA, cache-lga21957-LGA
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GuzI3d%2FuhkYMGWY8%2BGtbTmVWimg2PMerBzN70YWELWb7mLPMRgaMyk9MWPeurYCfWsaR4WuZkbiCAtj4tdP5v0Bfed8Pyls4uc%2BcfHgvQdy8Ex3k26l1t%2FzToYNLBApG4jM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 87896023f9369ff3-AMS

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 422ms
422ms Preflight
text/html 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.gowinston.ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://app.gowinston.ai
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 878960265cbb1c82-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 22 Apr 2024 23:25:53 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-l6sw

POST
H3 200 v3
va.tawk.to/log-performance/ 5 B
282 B 144ms
144ms Fetch
text/html 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6625f366c87/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://app.gowinston.ai/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 22 Apr 2024 23:25:53 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-b3w3
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://app.gowinston.ai
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 87896028fe8d1c82-AMS
access-control-allow-headers: content-type,x-tawk-token

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.app.gowinston.ai/	1970-01-20 20:03:55	Name: XSRF-TOKEN Value: eyJpdiI6ImdiWjNkN1RHaDlUcGpUdWlqVUo1b2c9PSIsInZhbHVlIjoiTTIrT1luNVhkU3RtMFlDb2d0N3lEenNhaE8wUGNSZDg2aVU3S284TnlHUnBmaFBsNXpMb05UM0ROR0tWOGExbFd1dkdTOExSVWNTUU1SMk5zNzJ3RXgrYmc1V1paWEd2cDZZRG01NTF4di9zWmJuLzU3QktyTCtMa2pmRGVYODAiLCJtYWMiOiIzMTA5OGJkY2QyYTAzZGIzOGRkMWVmZWE5MDlhMjBhNDljMjgzYmMzNTZkZDk2YWRiZjBkZWRiNWNkZWFiZjVmIiwidGFnIjoiIn0%3D
.app.gowinston.ai/	1970-01-20 20:03:55	Name: winston_ai_sessions Value: eyJpdiI6IlJWOWVvMGs0SWRuL0xScmw5cnNva1E9PSIsInZhbHVlIjoickhzemRXdktVaHE0NGoyMkt4cUtLTmE0c1ZicFhJWFdMY2pPbE14TjZIVHZXRFpidlhjSHRnMnppdjEwQXNRNTAwWGNLN2dGa1BzRDNZQ0w1RmlzUENCTWo1bVplM1RWMGU4bE4rcmRYYnBDS0lvM3JXK3RoZVJFZ3cyYktPWHAiLCJtYWMiOiI1NTVkYjgyNzkxZmI1MjFmNTFkZGI1YjdmYzExMDhhYjIxYzA1OTM1MjkyNzIwMDFmMjUzNWY1YzQzNGZhMmQ1IiwidGFnIjoiIn0%3D
.app.gowinston.ai/	1970-01-20 20:03:55	Name: MwLGDgdBxU62FrMwwXVYxhbb28Igl1SiKbJlREyS Value: eyJpdiI6Im1XcTZmeFRtM0wyNTV2cFVMTjFtK0E9PSIsInZhbHVlIjoibWdrQVNZV1ZXeURUMFZJZjNlMVdSSitNaVFreXlkbFR0Qy82eGladFB3aDU1djd6K1E4UjZUSkxrVk03TVhGa25vUXYvNk5Gc0ZUaGhJemM2V01FcFdJMjl5b2hGbjcvVFFhaXZSRitpeXJNQUZkMVkzQWY1S0tnak5BbXBuOXZJaGU1aHF2ek9zSVdvTDJDeW5uaWVUMmJsdzFlWGR3YUtTd25yaXZKZGVUT2NOMGpnYzA2bWo5SWIrTExHMXpUNE5XUXJGRzlDeWZzM2hKNUNwTVdsWmh0dUlrRnZTVllGeklmQzFRL3FyZjJBVEZGcUtNVGtqcXRRWjZVWmFVemVlV2c5VEQrcndNZ2ErMWVneGNsaE0wWU95akNVOUtxQXlkOStEWldUc012blNKcTBya0IvY0cvU3dGWDBwaDl1Q3duSmFTL2hJRFVKSzVjT21qaWRqZ3E4cEIxaXVyQTRRZWpwTXdnRmU5OU45SEJZSU9rVFJZUEtxRVMxU0tjSzU2Z3krVlBwRkRuYWlQcW4zY3dtdmlGWm5haUpLc3JkeWVzV29zSERHWnZNYzJGWUk3Y1c4QTFmQitWMm1hcUhSck1ETlprL0ZNclc3ZkRqQVZLWmc9PSIsIm1hYyI6ImMyOTM5MjM2MzNlMGQ1MWU2MTkyOTEyNDdhZmQ3ZTU4NmE0MTZkYjdmMjFlYzZmNTc2ZGIzMzY4MGI5MGYyYTkiLCJ0YWciOiIifQ%3D%3D
.bing.com/	1970-01-21 05:25:24	Name: MUID Value: 20E4B7F526D469E6135BA39C279C6854
.forms.soundestlink.com/	1970-01-20 20:03:50	Name: __cf_bm Value: T4od_3PrLcL_MMWYzVu9fWNFkCiClP.a46UvtqgzKSQ-1713828348-1.0.1.1-kAXXZ4krOOOyCkoAgSb4L8NZZsKH.i5Xjm7iF2tZ_01ya2QUxK.aEAhYOFVijKvu56pSEmFE1LujZPDlYjtk5g
www.clarity.ms/	1970-01-21 04:49:24	Name: CLID Value: f543fd383f8a439bb808833e19a6a0e0.20240422.20250422
.gowinston.ai/	1970-01-21 04:49:24	Name: cookieyes-consent Value: consentid:ZkNyQjVWcHRRdzZOTVVmWnQ3RW1BU2Y5eGZkZ0JGZ0o,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no,other:no
.gowinston.ai/	1970-01-20 20:05:14	Name: _clsk Value: 11ycwrc%7C1713828349066%7C1%7C1%7Cn.clarity.ms%2Fcollect
.c.bing.com/	1970-01-20 20:13:53	Name: MR Value: 0
.c.bing.com/	1970-01-21 05:25:24	Name: SRM_B Value: 20E4B7F526D469E6135BA39C279C6854
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 05:25:24	Name: MUID Value: 20E4B7F526D469E6135BA39C279C6854
.c.clarity.ms/	1970-01-20 20:13:53	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 20:03:48	Name: ANONCHK Value: 0
app.gowinston.ai/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.gowinston.ai/	1970-01-21 00:23:00	Name: twk_uuid_639bd2adb0d6371309d4ac15 Value: %7B%22uuid%22%3A%221.SwsnwXCFNNQcaOd4r074AXhAXGpgHaZ4aZs6f0YIODWY5IHJOyvrANstG9AgzWjq958GsmwwXYkBdJTubN1e2Fpd3giJJ1weRjK3tjDjpAGw38iK4q2Q1%22%2C%22version%22%3A3%2C%22domain%22%3A%22gowinston.ai%22%2C%22ts%22%3A1713828352359%7D

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://app.gowinston.ai/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.gowinston.ai/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; manifest-src 'self' https://winston-app-production-public.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .gowinston.ai https://d2bxp9q9224yh5.cloudfront.net https://embed.tawk.to https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: ; font-src 'self' .gowinston.ai data: https://embed.tawk.to https://fonts.gstatic.com https://d2bxp9q9224yh5.cloudfront.net 'unsafe-inline'; connect-src 'self' ws: wss: https://embed.tawk.to https://www.google-analytics.com https://stats.g.doubleclick.net https://winston-app-production-public.s3.amazonaws.com .clarity.ms https://cdn-cookieyes.com https://log.cookieyes.com https://www.google.ca https://analytics.google.com https://bat.bing.com https://va.tawk.to https://forms.soundestlink.com; media-src 'self'; script-src-elem 'self' *.gowinston.ai https://d2bxp9q9224yh5.cloudfront.net https://unpkg.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://forms.soundestlink.com https://googleads.g.doubleclick.net https://omnisnippet1.com https://embed.tawk.to https://ajax.googleapis.com https://www.googletagmanager.com https://r.wdfl.co https://bat.bing.com https://www.clarity.ms https://cdn-cookieyes.com 'unsafe-inline'; frame-src 'self' https://td.doubleclick.net; object-src 'none'; base-uri 'self'; report-uri
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.gowinston.ai
bat.bing.com
c.bing.com
c.clarity.ms
cdn-cookieyes.com
cdn.jsdelivr.net
d2bxp9q9224yh5.cloudfront.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
forms.soundestlink.com
log.cookieyes.com
n.clarity.ms
omnisnippet1.com
r.wdfl.co
va.tawk.to
winston-app-production-public.s3.amazonaws.com
www.clarity.ms
www.googletagmanager.com
104.16.87.20
172.64.148.76
172.64.153.206
172.67.38.66
188.114.97.3
2600:9000:225e:9200:1b:348c:b140:93a1
2600:9000:275d:7e00:b:54c8:6240:21
2606:4700:10::6816:3a5b
2620:1ec:46::45
2620:1ec:c11::237
2a00:1450:4001:808::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:831::2003
52.184.204.244
54.231.166.89
54.74.204.68
68.219.88.97
12ec2fa4f23d0d0fde9025d89eaf39c8212dbb2e8dd2e798d2fab89c09cfeb55
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
162951e9132b74bf11c97d7f234d998954df2729c604e2925291a28699aca260
1ea151052ceec32b8cfd0980becab00af72b07f86e859677a3f65f6ba322618c
222e2427c02d63fc9742b285bb28ce319ad0dffcf3662d57431b0ef161ce9cdc
226d7c15bc6135cc4e501a0ae820f905658c67844bbc8f835eb7f7f73760541a
24ecaee306a1b7a8805519d58a1b7cfbc7f55e205355e27f83e7fb0c1a466732
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
26c00c91aa26f8a81dc41fe7ca0db1dfd849180200596138437f2ca57357dd0f
29704f658e0a24af40a7ec9f1ba5800e7bf3366de3feae6e044bd20c28c89018
2a192d2adc7bee891de01322f77bd73ab60518fd8376251aa1573919e2f3100a
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
2deaae9c5e06df6c98b9775e2a5fbb66eab1a591458f9d1982e8f0e350fdb59e
304125770b9400f6adb1eb5b0cb766d7f999266e91584f48382a5ae6c1e961e0
38fcf7fb734e4cbf7f32b0de3098ba14b20db47c1213b83722b4bc41c5f8f652
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
500d20e95a2ed662891673d812fe9a71e2e2c31b170bcd331c33b97114879fa6
50b5e5a3452d89ac75441ed4468cc3226551890100421477d61354f0d1ef2029
5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c
53668332a16a108e2152f97eae375603a3e90b42abfef4aff42fab2aeed22a53
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c5f263ec0ac7468442c2b5d5a530f4e18e80034aa0ca992d3d72e35555b4a58
6c515ce8eb8416492814c1da6e29025e47931f8e202988e76e747dd7452660c8
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
74db4f6a86920be383bd0666e7959108af17bcc6442e6d44880690d4bfcce61c
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82e3de55583c2729c794628b44343ee5325ad55e29115f2d652e7cd364a7532e
83ba66986ca02d793a718de06b910a3147b5e6c4b2f11cbc7480af47dae9d80c
8484d3c9d8adf62db3b3c20da90f3603a3fa0c0abb135a5745667dcd3486797d
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
972de8c5257c5c31f0ae45016595089022e4f82e766cec78fb40c997bfbac75f
9962bfde6c951d93cb0032daca5ee89ff1cc11d0d4961b2f1aae69b5eec838de
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a277fd77a6772abe724802459388193e60ea2bb5654fce7a938f488efcd22a11
a458047b82f88ea6ecc145fc93030a84349765a15772b5e26de9fa0e78f9299a
cc6265bb78fc4f136d1e4843b385d90a1faba320821361b71895dcaf2077630f
cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd
d6f3a8301ffa9a9aa6a748ccc535a559242cd73451bb4d236b7e72ff64123703
d71bfc92f4e65c3c6dfc015b5493391ba44026c9ab95eff36b21b12e97656356
de059be36fa3924307eead3cde43546467f695181804528945151ebe0e5a0c51
e016272272cbd0563b83df2a8f483bb6c67824ae5f565d535473b12f77278acc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51ebdfd42c0ebe1f9b0fe3da057e973dd192ed5b8ee7917c00d8863cab2b4ca
ed05a2cbb90df8ee5ba886e624f9788d1750a35cea2c8413744013c6dc44efa0
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

app.gowinston.ai Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

47 %IPv6

15 Domains

19 Subdomains

17 IPs

4 Countries

715 kBTransfer

2443 kBSize

16 Cookies

1 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.gowinston.ai Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

47 %
IPv6

15
Domains

19
Subdomains

17
IPs

4
Countries

715 kB
Transfer

2443 kB
Size

16
Cookies

57 HTTP transactions
0 data transactions