urlscan.io logo urlscan.io
SecurityTrails logo

login.welcometotwind.io Open in urlscan Pro
2620:1ec:29:1::72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t=
Effective URL: https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=b2a08c2d-92b8-48c6...
Submission: On October 18 via api from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 48 HTTP transactions. The main IP is 2620:1ec:29:1::72, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.welcometotwind.io.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on September 8th 2024. Valid for: 6 months.
This is the only time login.welcometotwind.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13.107.253.44 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:200... 54113 (FASTLY)
5 151.101.1.229 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a0b:4d07:102::1 44239 (PROINITY ...)
19 2620:1ec:29:1... 8075 (MICROSOFT...)
1 104.26.12.205 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 107.23.214.99 14618 (AMAZON-AES)
1 2600:9000:223... 16509 (AMAZON-02)
1 142.250.186.35 15169 (GOOGLE)
2 34.236.69.154 14618 (AMAZON-AES)
1 13.248.221.98 16509 (AMAZON-02)
48 15
2    13.107.253.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
welcometotwind.io
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    151.101.1.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
cdn.tooltip.io
file.tooltip.io
19    2620:1ec:29:1::72 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
junolayout.welcometotwind.io
junotranslations.welcometotwind.io
login.welcometotwind.io
junoassets.welcometotwind.io
junoidentityassets.welcometotwind.io
1    104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    107.23.214.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-214-99.compute-1.amazonaws.com
pp.signalayer.com
1    2600:9000:223d:1c00:6:36e8:9f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
data.tooltip.io
1    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
2    34.236.69.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-69-154.compute-1.amazonaws.com
t.signalayer.com
1    13.248.221.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: a44946a9dd66b7704.awsglobalaccelerator.com
ctaima.freshchat.com
Apex Domain
Subdomains		 Transfer
21 welcometotwind.io
welcometotwind.io
junolayout.welcometotwind.io
junotranslations.welcometotwind.io
login.welcometotwind.io
junoassets.welcometotwind.io
junoidentityassets.welcometotwind.io
3 MB
7 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
78 KB
6 tooltip.io
cdn.tooltip.io — Cisco Umbrella Rank: 201090
data.tooltip.io — Cisco Umbrella Rank: 197180
file.tooltip.io
169 KB
3 signalayer.com
pp.signalayer.com — Cisco Umbrella Rank: 161083
t.signalayer.com — Cisco Umbrella Rank: 193764
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
178 KB
1 freshchat.com
ctaima.freshchat.com
22 KB
1 gstatic.com
fonts.gstatic.com
39 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2041
165 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
0 Failed
function sub() { [native code] }. Failed
48 11
Domain Requested by
7 cdn.jsdelivr.net welcometotwind.io
cdn.jsdelivr.net
6 junolayout.welcometotwind.io cdn.jsdelivr.net
junolayout.welcometotwind.io
5 junoidentityassets.welcometotwind.io login.welcometotwind.io
junoidentityassets.welcometotwind.io
4 cdn.tooltip.io welcometotwind.io
cdn.tooltip.io
3 junoassets.welcometotwind.io
3 login.welcometotwind.io junolayout.welcometotwind.io
login.welcometotwind.io
2 t.signalayer.com cdn.tooltip.io
2 junotranslations.welcometotwind.io junolayout.welcometotwind.io
2 www.googletagmanager.com welcometotwind.io
www.googletagmanager.com
2 welcometotwind.io cdn.jsdelivr.net
1 file.tooltip.io cdn.tooltip.io
1 ctaima.freshchat.com welcometotwind.io
ctaima.freshchat.com
1 fonts.gstatic.com fonts.googleapis.com
1 data.tooltip.io cdn.tooltip.io
1 pp.signalayer.com cdn.tooltip.io
1 region1.google-analytics.com www.googletagmanager.com
1 api.ipify.org cdn.tooltip.io
1 fonts.googleapis.com welcometotwind.io
0 truncated Failed junoidentityassets.welcometotwind.io
48 19

This site contains links to these domains. Also see Links.

Domain
www.ctaima.com
Subject Issuer Validity Valid
*.welcometotwind.io
Go Daddy Secure Certificate Authority - G2		 2024-10-07 -
2025-11-07		 a year crt.sh
upload.video.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
*.google-analytics.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
cdn.tooltip.io
R10		 2024-08-27 -
2024-11-25		 3 months crt.sh
junolayout.welcometotwind.io
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-10-07 -
2025-04-07		 6 months crt.sh
ipify.org
WE1		 2024-09-15 -
2024-12-14		 3 months crt.sh
*.signalayer.com
Amazon RSA 2048 M02		 2024-02-07 -
2025-03-05		 a year crt.sh
*.tooltip.io
Amazon RSA 2048 M02		 2024-02-18 -
2025-03-18		 a year crt.sh
*.gstatic.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
junotranslations.welcometotwind.io
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-10-07 -
2025-04-07		 6 months crt.sh
*.freshchat.com
Amazon RSA 2048 M02		 2024-01-22 -
2025-02-18		 a year crt.sh
login.welcometotwind.io
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-09-08 -
2025-03-08		 6 months crt.sh
junoassets.welcometotwind.io
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-10-07 -
2025-04-07		 6 months crt.sh
file.tooltip.io
R10		 2024-08-27 -
2024-11-25		 3 months crt.sh
junoidentityassets.welcometotwind.io
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-10-07 -
2025-04-07		 6 months crt.sh

This page contains 2 frames:

Primary Page: https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=b2a08c2d-92b8-48c6-8fef-b7358a110496&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwelcometotwind.io%2F&client-request-id=382aa79e-f8a6-4689-9b3c-36041e703155&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=ASrM_9A5gclmmAWhuF0qVnrWbOUjmscmw5TSsj_w2B4&code_challenge_method=S256&nonce=91fc0913-391e-4c44-8b5b-81306421a891&state=eyJpZCI6Ijk5NDY5MzE1LWY1NzgtNDI3MC04M2Y0LWMwYzg0NTU5OTE4NSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Frame ID: B4E8FCBA116F5C5B3C778084FBFFE742
Requests: 47 HTTP requests in this frame

Frame: https://ctaima.freshchat.com/widget/config_iframe.html?host=https://ctaima.freshchat.com&token=616864b3-e721-4db3-9c16-22e2ffc67961&origin=https://welcometotwind.io&widgetUuid=573103b5-f9b3-4fc5-823c-6a4e8086e2fd
Frame ID: E233A68A3D42C65FDAA40766431B9576
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - Twind

Page URL History Show full URLs

  1. https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t= Page URL
  2. https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_i... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

48
Requests

92 %
HTTPS

50 %
IPv6

11
Domains

19
Subdomains

15
IPs

4
Countries

3759 kB
Transfer

4691 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t= Page URL
  2. https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=b2a08c2d-92b8-48c6-8fef-b7358a110496&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwelcometotwind.io%2F&client-request-id=382aa79e-f8a6-4689-9b3c-36041e703155&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=ASrM_9A5gclmmAWhuF0qVnrWbOUjmscmw5TSsj_w2B4&code_challenge_method=S256&nonce=91fc0913-391e-4c44-8b5b-81306421a891&state=eyJpZCI6Ijk5NDY5MzE1LWY1NzgtNDI3MC04M2Y0LWMwYzg0NTU5OTE4NSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
&scope=3Dopenid&response_type=3Did_t=
welcometotwind.io/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a6d316f1424488a5aa6cf8ef8061de46d6ff752da2cfe923fd885ca2a54964bf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
4756
content-type
text/html
date
Fri, 18 Oct 2024 10:22:44 GMT
x-azure-ref
20241018T102244Z-er1787bdbf44bxkzcr1676f1c4000000023g00000000fhys
x-cache
CONFIG_NOCACHE
x-ms-error-code
WebContentNotFound
x-ms-request-id
c86f5abb-a01e-0016-4647-21a3de000000
x-ms-version
2018-03-28
css2
fonts.googleapis.com/ 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,500;0,600;1,400;1,500;1,600&family=Poppins:wght@400;600&display=swap
Requested by
Host: welcometotwind.io
URL: https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae1a9439449ab0f9b59db469f863677f8f58f3d02f371ac2d31be7e3e9be6f09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 10:22:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 10:22:44 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 18 Oct 2024 10:22:44 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
runtime.min.js
cdn.jsdelivr.net/npm/regenerator-runtime@0.13.7/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/regenerator-runtime@0.13.7/runtime.min.js
Requested by
Host: welcometotwind.io
URL: https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
587bbee639da5a2f097ba99b12ffd33e10a64378b29624945b8ab3a5514d5107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"1a73-bnmptAFfOvFXhGrxwrCcGHiq7DM"
age
3738370
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 18 Oct 2024 10:22:44 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220087-FRA, cache-mad2200139-MAD
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
2529
x-jsd-version
0.13.7
import-map-overrides.js
cdn.jsdelivr.net/npm/import-map-overrides@2.2.0/dist/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/import-map-overrides@2.2.0/dist/import-map-overrides.js
Requested by
Host: welcometotwind.io
URL: https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1252b23b5ba7cd633182ea88889403fbaa292ba571ff676844e75a512cbb604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"af61-/QXMy/3aRblSUh1Rz5IDzUNVYkI"
age
3671204
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 18 Oct 2024 10:22:44 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220026-FRA, cache-mad2200139-MAD
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
13221
x-jsd-version
2.2.0
system.min.js
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Requested by
Host: welcometotwind.io
URL: https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t=
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"2d8f-vNLePrR3zcdZpnqBy/hzJsUTIac"
age
2684499
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 18 Oct 2024 10:22:44 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230042-FRA, cache-mad22036-MAD
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4684
x-jsd-version
6.8.3
amd.min.js
cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/extras/amd.min.js
Requested by
Host: welcometotwind.io
URL: https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t=
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0d4fb1b44c663281b646f71734a9655cb49ae083857eb7cc704c5fadfd2b47a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"665-BQHyV2OT0XsgsHcuM1F7Bi7HRVI"
age
4184579
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 18 Oct 2024 10:22:44 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220059-FRA, cache-mad22036-MAD
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
833
x-jsd-version
6.8.3
gtm.js
www.googletagmanager.com/ 		206 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NGQSM8T
Requested by
Host: welcometotwind.io
URL: https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be4a6735e52ba75cb43c317ce38441bc1f65c7f086b576fc628a2138f105365c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 18 Oct 2024 10:22:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 10:22:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
74915
x-xss-protection
0
server
Google Tag Manager
player.js
cdn.tooltip.io/static/ 		465 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tooltip.io/static/player.js
Requested by
Host: welcometotwind.io
URL: https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
b11201e3ebb002fcd9ae537ca24656ec64310a695a6e399496cb612f392bc462

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

content-encoding
gzip
etag
"5697609e37f5e87ac5b971c76e65b432"
expires
Fri, 25 Oct 2024 10:22:44 GMT
x-cache
HIT
date
Fri, 18 Oct 2024 10:22:44 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 31 Jan 2023 15:03:33 GMT
x-amz-id-2
qGNiJWPeFipTMVzlGauGwB8h8m0Ec93a4MSumh5iD8tKqrpwFuAdy0Z2JIeq8hZwJxvUD8naRjI=
link
<https://s3.amazonaws.com/tooltip-static-player/static/player.js>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
x-amz-request-id
HH845JKJ819S7HXR
accept-ranges
bytes
access-control-allow-origin
*
content-length
78864
server
keycdn
x-amz-server-side-encryption
AES256
juno-root-config.js
welcometotwind.io/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welcometotwind.io/juno-root-config.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ec4c211f36e66ea5896e63cbb201bfd29ef6dfc99b4377f935a34b18e68d51aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t=

Response headers

content-md5
7E8UOVOBdfIWbdWGNCHzkg==
cache-control
no-cache
x-ms-version
2018-03-28
etag
"0x8DCE917D47F522F"
x-ms-request-id
c86f5bbe-a01e-0016-3b47-21a3de000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
1512
date
Fri, 18 Oct 2024 10:22:44 GMT
content-type
application/x-javascript
last-modified
Thu, 10 Oct 2024 10:39:33 GMT
x-azure-ref
20241018T102244Z-er1787bdbf44bxkzcr1676f1c4000000023g00000000fhzb
single-spa.min.js
cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/single-spa@5.9.4/lib/system/single-spa.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fda24b7112d59c7417df5bd735ebc7c4bf22c68fc6403497f35dd5245ef04371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://welcometotwind.io
Referer
https://welcometotwind.io/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"5059-2wiyzGMvQ5lqQS+Z7/KQHjyi1Ac"
age
3644862
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 18 Oct 2024 10:22:44 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230073-FRA, cache-mad22062-MAD
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
6770
x-jsd-version
5.9.4
juno-layout-spa.js
junolayout.welcometotwind.io/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://junolayout.welcometotwind.io/juno-layout-spa.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8fcc8028acd82b28ee2a5787a10a60f28956a62af5e0963f9d3e7c92f009ec46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://welcometotwind.io
Referer
https://welcometotwind.io/

Response headers

content-md5
4aD97ZSUKejr9UySacF+EA==
access-control-expose-headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control
no-cache
x-ms-version
2018-03-28
etag
"0x8DCE917D764EDD0"
x-ms-request-id
ac59bcfc-201e-003f-0247-21f908000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
1709769
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
application/x-javascript
last-modified
Thu, 10 Oct 2024 10:39:38 GMT
x-azure-ref
20241018T102244Z-er1787bdbf4ldf6pg61qm95s2s00000001w000000001dryw
/
api.ipify.org/ 		30 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=jsonp&callback=getIP
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8369f9b10aae15c97291741af760c73d89f1dc7d136d9a316e3236944b12e42d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

cf-ray
8d47cf1b1af1d2de-FRA
content-length
30
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
application/javascript
vary
Origin
server
cloudflare
js
www.googletagmanager.com/gtag/ 		311 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W6EKKZEV5E&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGQSM8T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19d5b1bec5e0f88ebec1b4ae27b0b714c294dee028e0f043e083468593407b30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 10:22:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 10:22:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106240
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-W6EKKZEV5E&gtm=45je4ah0v899052921z8898983844za200zb898983844&_p=1729246964719&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685~101823847&cid=278531177.1729246965&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729246965&sct=1&seg=0&dl=https%3A%2F%2Fwelcometotwind.io%2F%26scope%3D3Dopenid%26response_type%3D3Did_t%3D&dt=Twind&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=801
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W6EKKZEV5E&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://welcometotwind.io
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
text/plain
server
Golfe2
9b75ade5-d814-4d42-9b45-8b17fe7f6d22
pp.signalayer.com/ 		2 B
260 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pp.signalayer.com/9b75ade5-d814-4d42-9b45-8b17fe7f6d22
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.214.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-214-99.compute-1.amazonaws.com
Software
nginx/1.15.8 / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://welcometotwind.io/

Response headers

etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
content-length
2
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
text/plain; charset=utf-8
x-powered-by
Express
server
nginx/1.15.8
access-control-allow-headers
Content-Type,Authorization
9b75ade5-d814-4d42-9b45-8b17fe7f6d22.json
data.tooltip.io/player/fetch/ 		47 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://data.tooltip.io/player/fetch/9b75ade5-d814-4d42-9b45-8b17fe7f6d22.json
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:1c00:6:36e8:9f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
265537dc00da654dac5089e451d1b34c7c67317a60e52d4598c192d01fd99ed5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://welcometotwind.io/

Response headers

vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-max-age
3000
content-encoding
gzip
etag
W/"8f603db96079c2bebf05e70f0ae1133d"
access-control-allow-methods
GET
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
x-amz-cf-id
DNCK4SY7sJudGf-PDuw2mvmfssnkul0Kl-kR2hFbObH7Kfi8HDPAbg==
date
Fri, 18 Oct 2024 10:22:46 GMT
content-type
application/json
last-modified
Tue, 01 Oct 2024 14:52:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
x-amz-server-side-encryption
AES256
react.production.min.js
cdn.jsdelivr.net/npm/react@18/umd/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/react@18/umd/react.production.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d949f1c3687aedadcedac85261865f29b17cd273997e7f6b2bfc53b2f9d4c4dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://welcometotwind.io
Referer
https://welcometotwind.io/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"29ff-qneuTEn1Jbwh3h0E8Ipdc5YsfM4"
age
41522
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220143-FRA, cache-mad22062-MAD
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4467
x-jsd-version
18.3.1
react-dom.production.min.js
cdn.jsdelivr.net/npm/react-dom@18/umd/ 		129 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/react-dom@18/umd/react-dom.production.min.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/systemjs@6.8.3/dist/system.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
35f4f974f4b2bcd44da73963347f8952e341f83909e4498227d4e26b98f66f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://welcometotwind.io
Referer
https://welcometotwind.io/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"202fb-/rjdydBWak+glxpuEThlhhjNrP4"
age
38894
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220112-FRA, cache-mad22062-MAD
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
44549
x-jsd-version
18.3.1
o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,500;0,600;1,400;1,500;1,600&family=Poppins:wght@400;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://welcometotwind.io
Referer
https://fonts.googleapis.com/

Response headers

age
293753
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 00:46:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 00:46:52 GMT
last-modified
Wed, 14 Feb 2024 22:43:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
39412
x-xss-protection
0
server
sffe
261.juno-layout-spa.js
junolayout.welcometotwind.io/ 		238 KB
239 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://junolayout.welcometotwind.io/261.juno-layout-spa.js
Requested by
Host: junolayout.welcometotwind.io
URL: https://junolayout.welcometotwind.io/juno-layout-spa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c9da46ab6cdb45e5d58bc924bbaace235e044f0c0e2c7a78bb654093bfaec24d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

content-md5
jcy4gpv1ujg294+kCRGCCw==
access-control-expose-headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control
no-cache
x-ms-version
2018-03-28
etag
"0x8DCE917D75BA05E"
x-ms-request-id
0fff5db1-401e-0016-4e47-21c77c000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
243992
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
application/x-javascript
last-modified
Thu, 10 Oct 2024 10:39:38 GMT
x-azure-ref
20241018T102245Z-166dfbc8549b7wdwxkbm903upn00000001yg0000000165x6
686.juno-layout-spa.js
junolayout.welcometotwind.io/ 		649 KB
650 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://junolayout.welcometotwind.io/686.juno-layout-spa.js
Requested by
Host: junolayout.welcometotwind.io
URL: https://junolayout.welcometotwind.io/juno-layout-spa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c49a1a1edfaeb46b9130dcc6163a7627226e6b58170f58c841a140ac53a520e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

content-md5
dgs/+OoN6B0riTF8QMxLGQ==
access-control-expose-headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control
no-cache
x-ms-version
2018-03-28
etag
"0x8DCE917D75CFFB8"
x-ms-request-id
ec2e9451-d01e-0066-4d47-217e8b000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
664274
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
application/x-javascript
last-modified
Thu, 10 Oct 2024 10:39:38 GMT
x-azure-ref
20241018T102245Z-166dfbc8549b7wdwxkbm903upn00000001yg0000000165xa
373.juno-layout-spa.js
junolayout.welcometotwind.io/ 		29 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://junolayout.welcometotwind.io/373.juno-layout-spa.js
Requested by
Host: junolayout.welcometotwind.io
URL: https://junolayout.welcometotwind.io/juno-layout-spa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44af6d3dc8962e55b2bc4c992487ace92bf22987300f295d12260a87055ab5fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

content-md5
07wxQGWXx8F7QhwCKWdocA==
access-control-expose-headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control
no-cache
x-ms-version
2018-03-28
etag
"0x8DCE917D758938A"
x-ms-request-id
564bf068-501e-0078-7747-219253000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
30106
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
application/x-javascript
last-modified
Thu, 10 Oct 2024 10:39:38 GMT
x-azure-ref
20241018T102245Z-166dfbc8549b7wdwxkbm903upn00000001yg0000000165x8
958.juno-layout-spa.js
junolayout.welcometotwind.io/ 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://junolayout.welcometotwind.io/958.juno-layout-spa.js
Requested by
Host: junolayout.welcometotwind.io
URL: https://junolayout.welcometotwind.io/juno-layout-spa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f17be6f74cef541e724a1d77c39936690b40d220a10c7a323a9f4d773a5b16cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

content-md5
N1M4iu5OiaufBY+vaMTazA==
access-control-expose-headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control
no-cache
x-ms-version
2018-03-28
etag
"0x8DCE917D7592FB6"
x-ms-request-id
c14b2ec1-e01e-0052-6447-214d43000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
32240
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
application/x-javascript
last-modified
Thu, 10 Oct 2024 10:39:38 GMT
x-azure-ref
20241018T102245Z-166dfbc8549b7wdwxkbm903upn00000001yg0000000165x7
469.juno-layout-spa.js
junolayout.welcometotwind.io/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://junolayout.welcometotwind.io/469.juno-layout-spa.js
Requested by
Host: junolayout.welcometotwind.io
URL: https://junolayout.welcometotwind.io/juno-layout-spa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aba5741b71e1c7035ddc4b13506ad94c5f2ae5c47274a70f9239fdee673166a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

content-md5
DVdWls/jisKeEYuKLeXkWA==
access-control-expose-headers
Accept-Ranges,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version
cache-control
no-cache
x-ms-version
2018-03-28
etag
"0x8DCE917D7592FB6"
x-ms-request-id
08e30a54-001e-0065-4b47-219fef000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
26044
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
application/x-javascript
last-modified
Thu, 10 Oct 2024 10:39:38 GMT
x-azure-ref
20241018T102245Z-166dfbc8549b7wdwxkbm903upn00000001yg0000000165x9
de-DE.json
junotranslations.welcometotwind.io/junolayout/i18n/ 		42 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://junotranslations.welcometotwind.io/junolayout/i18n/de-DE.json
Requested by
Host: junolayout.welcometotwind.io
URL: https://junolayout.welcometotwind.io/juno-layout-spa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7906a1b881f73e4d8b7c4fd58ec22cc2e53fe59a032d3f73fd8545129d9d3bca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

content-md5
nloIuSRatwwzbq29/FC0LA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE91805B70D16
x-cache
CONFIG_NOCACHE
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
application/json
last-modified
Thu, 10 Oct 2024 10:40:56 GMT
cache-control
no-cache
x-ms-request-id
0795c660-a01e-0002-5847-21b71f000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
43021
x-azure-ref
20241018T102245Z-166dfbc8549b7wdwxkbm903upn000000023000000000c796
x-ms-blob-type
BlockBlob
/
t.signalayer.com/user/identify/ 		645 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.signalayer.com/user/identify/
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.69.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-69-154.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Referer
https://welcometotwind.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, application/xml, text/play, text/html, *.*
Content-Type
application/json

Response headers

ETag
W/"285-ufrYTReEALON1Nt1KcQzTO8Gs0c"
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
645
Date
Fri, 18 Oct 2024 10:22:46 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
/
t.signalayer.com/user/identify/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.signalayer.com/user/identify/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.69.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-69-154.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://welcometotwind.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Origin
*
Allow
POST
Connection
keep-alive
Content-Length
4
Content-Type
text/html; charset=utf-8
Date
Fri, 18 Oct 2024 10:22:45 GMT
ETag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
X-Powered-By
Express
de-DE.json
junotranslations.welcometotwind.io/junolayout/i18n/ 		42 KB
291 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://junotranslations.welcometotwind.io/junolayout/i18n/de-DE.json
Requested by
Host: junolayout.welcometotwind.io
URL: https://junolayout.welcometotwind.io/juno-layout-spa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7906a1b881f73e4d8b7c4fd58ec22cc2e53fe59a032d3f73fd8545129d9d3bca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

content-md5
nloIuSRatwwzbq29/FC0LA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE91805B70D16
x-cache
CONFIG_NOCACHE
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
application/json
last-modified
Thu, 10 Oct 2024 10:40:56 GMT
cache-control
no-cache
x-ms-request-id
0795c6a1-a01e-0002-1247-21b71f000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
43021
x-ms-blob-type
BlockBlob
x-azure-ref
20241018T102245Z-166dfbc8549b7wdwxkbm903upn000000023000000000c79k
widget.js
ctaima.freshchat.com/js/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ctaima.freshchat.com/js/widget.js
Requested by
Host: welcometotwind.io
URL: https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
faaa2e35-014b-4a2b-b506-aa056d360ca7
cache-control
max-age=900, must-revalidate
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
content-encoding
gzip
x-fw-ratelimiting-managed
false
x-envoy-upstream-service-time
2
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-trace-id
00-41f4704f614220597901e0e5878a5057-e0718bfaaa086894-00
date
Fri, 18 Oct 2024 10:22:46 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 16:56:07 GMT
server
fwe
x-server
ptj4j
openid-configuration
login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/v2.0/.well-known/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/v2.0/.well-known/openid-configuration
Requested by
Host: junolayout.welcometotwind.io
URL: https://junolayout.welcometotwind.io/juno-layout-spa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f8599e62f34901875b33830cf94eb37805b9db896ab735663341c793e9c8ea27
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.azureedge.net *.welcometotwind.io; script-src 'self' 'unsafe-inline' *.azureedge.net *.welcometotwind.io; img-src 'self' *.azureedge.net *.welcometotwind.io; style-src 'self' 'unsafe-inline' *.azureedge.net *.welcometotwind.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
date
Fri, 18 Oct 2024 10:22:46 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' *.azureedge.net *.welcometotwind.io; script-src 'self' 'unsafe-inline' *.azureedge.net *.welcometotwind.io; img-src 'self' *.azureedge.net *.welcometotwind.io; style-src 'self' 'unsafe-inline' *.azureedge.net *.welcometotwind.io;
cache-control
no-cache
x-ms-gateway-requestid
e04310d5-9aa0-41cb-aead-810d4f30a547
public
OPTIONS,TRACE,GET,HEAD,POST
allow
OPTIONS, TRACE, GET, HEAD, POST
accept-ranges
bytes
access-control-allow-origin
https://welcometotwind.io
content-length
1483
x-xss-protection
1; mode=block
x-azure-ref
20241018T102245Z-166dfbc85492dszl6r6w5sxxpw00000001ng0000000194w7
favicon.ico
junoassets.welcometotwind.io/images/layout/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://junoassets.welcometotwind.io/images/layout/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6a55563e26356bc6b71ea8afffa6acd8c0d63162bd011d196b3f3e2f3f9b338

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://welcometotwind.io/

Response headers

content-md5
/W468f2SFKIKbJBqvyw3Lg==
x-azure-ref
20241018T102245Z-er1787bdbf4z7qlhtz36upag40000000021g00000000daqw
cache-control
no-cache
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE917E26C56FA
x-ms-request-id
e0a42440-601e-0036-6d47-21d879000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
15406
date
Fri, 18 Oct 2024 10:22:45 GMT
content-type
image/x-icon
last-modified
Thu, 10 Oct 2024 10:39:57 GMT
x-ms-blob-type
BlockBlob
Primary Request authorize
login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/ 		154 KB
156 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=b2a08c2d-92b8-48c6-8fef-b7358a110496&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwelcometotwind.io%2F&client-request-id=382aa79e-f8a6-4689-9b3c-36041e703155&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=ASrM_9A5gclmmAWhuF0qVnrWbOUjmscmw5TSsj_w2B4&code_challenge_method=S256&nonce=91fc0913-391e-4c44-8b5b-81306421a891&state=eyJpZCI6Ijk5NDY5MzE1LWY1NzgtNDI3MC04M2Y0LWMwYzg0NTU5OTE4NSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Requested by
Host: junolayout.welcometotwind.io
URL: https://junolayout.welcometotwind.io/juno-layout-spa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c07b83cdb356e01c4e2567280900ad002b09a9f6c3539f7ea9837168a6070b00
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.azureedge.net *.welcometotwind.io; script-src 'self' 'unsafe-inline' *.azureedge.net *.welcometotwind.io; img-src 'self' *.azureedge.net *.welcometotwind.io; style-src 'self' 'unsafe-inline' *.azureedge.net *.welcometotwind.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://welcometotwind.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
allow
OPTIONS TRACE GET HEAD POST
cache-control
no-cache
content-length
157187
content-security-policy
default-src 'self' *.azureedge.net *.welcometotwind.io; script-src 'self' 'unsafe-inline' *.azureedge.net *.welcometotwind.io; img-src 'self' *.azureedge.net *.welcometotwind.io; style-src 'self' 'unsafe-inline' *.azureedge.net *.welcometotwind.io;
content-type
text/html; charset=utf-8
date
Fri, 18 Oct 2024 10:22:46 GMT
expires
-1
public
OPTIONS,TRACE,GET,HEAD,POST
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref
20241018T102246Z-er1787bdbf4gc6r9fn0nk9dk9g00000001tg000000012xp7
x-build
1.1.271.0
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
DENY
x-ms-gateway-requestid
4400cf33-ae71-4407-85f5-a6011eed9f3e
x-request-id
ff4ca10e-8c62-4396-ba3f-59d66f0a2dba
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
poppins-regular.ttf
file.tooltip.io/9b75ade5-d814-4d42-9b45-8b17fe7f6d22/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://file.tooltip.io/9b75ade5-d814-4d42-9b45-8b17fe7f6d22/poppins-regular.ttf
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://welcometotwind.io/

Response headers

content-encoding
gzip
etag
W/"093ee89be9ede30383f39a899c485a82"
access-control-allow-methods
GET
expires
Fri, 25 Oct 2024 10:22:46 GMT
x-cache
HIT
date
Fri, 18 Oct 2024 10:22:46 GMT
content-type
font/ttf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified
Tue, 09 Apr 2024 14:23:30 GMT
x-amz-id-2
oWxJpKh6NI3G+wpiTnlYQOlZMbCxvr0rYXzfDiiJ7EFKApn/Jcc6JHPdNAYgd0kGGQBqK/pVEDKfTYlGFyYHLYzbkxTEuLsa
link
<https://s3.amazonaws.com/signalayer-files/9b75ade5-d814-4d42-9b45-8b17fe7f6d22/poppins-regular.ttf>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
x-amz-request-id
JPMWXSX7397835GJ
access-control-allow-origin
*
server
keycdn
x-amz-server-side-encryption
AES256
poppins-semibold.ttf
file.tooltip.io/9b75ade5-d814-4d42-9b45-8b17fe7f6d22/ 		0
0
BrandonRegular.otf
cdn.tooltip.io/static/fonts/BrandonText/ 		0
42 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.tooltip.io/static/fonts/BrandonText/BrandonRegular.otf
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://welcometotwind.io/

Response headers

content-encoding
gzip
etag
"544178604df8b22e082195f16679b078"
access-control-allow-methods
GET
expires
Fri, 25 Oct 2024 10:22:46 GMT
x-cache
HIT
date
Fri, 18 Oct 2024 10:22:46 GMT
content-type
font/otf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified
Thu, 18 Aug 2022 13:05:49 GMT
x-amz-id-2
uEPTJh0sysICt+sOzbSZMw4PBx4QlxQoUoXVBCz7FRKBghU7kZPPtn71H0VFWIf/zRg/kGxV9+w=
link
<https://s3.amazonaws.com/tooltip-static-player/static/fonts/BrandonText/BrandonRegular.otf>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
x-amz-request-id
B0YA1ESZ3BCPTWVF
accept-ranges
bytes
access-control-allow-origin
*
content-length
42603
server
keycdn
BrandonMedium.otf
cdn.tooltip.io/static/fonts/BrandonText/ 		0
44 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.tooltip.io/static/fonts/BrandonText/BrandonMedium.otf
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://welcometotwind.io/

Response headers

content-encoding
gzip
etag
"701f269b0005c71d4acd2159fcca3de8"
access-control-allow-methods
GET
expires
Fri, 25 Oct 2024 10:22:46 GMT
x-cache
HIT
date
Fri, 18 Oct 2024 10:22:46 GMT
content-type
font/otf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified
Thu, 18 Aug 2022 13:05:42 GMT
x-amz-id-2
5L4NPc70h37bFnFBJ8EHzrH6dEfNk/p1YqpjG5k/gFbYDo3/J78WuZHfbVjYjELh9qcK7RILTdg=
link
<https://s3.amazonaws.com/tooltip-static-player/static/fonts/BrandonText/BrandonMedium.otf>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
x-amz-request-id
B0Y1VVD997ENP76R
accept-ranges
bytes
access-control-allow-origin
*
content-length
44342
server
keycdn
sl-icon-2.ttf
cdn.tooltip.io/static/icons/ 		0
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.tooltip.io/static/icons/sl-icon-2.ttf
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://welcometotwind.io/

Response headers

content-encoding
gzip
etag
"1ecbd759eb285d3cef19f1f6b13a8070"
access-control-allow-methods
GET
expires
Fri, 25 Oct 2024 10:22:46 GMT
x-cache
HIT
date
Fri, 18 Oct 2024 10:22:46 GMT
content-type
font/ttf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified
Sun, 28 Apr 2019 16:04:05 GMT
x-amz-id-2
KQF1njjffMUEC2QXhY091Wz6Uw3hYAC+DTZ+BgonZ6AXFAaQ2/mcQ7EXDyxrnOb6k1BPzDRC2p4=
link
<https://s3.amazonaws.com/tooltip-static-player/static/icons/sl-icon-2.ttf>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
x-amz-request-id
NCAJ5HACN2AM4A0D
accept-ranges
bytes
access-control-allow-origin
*
content-length
713
server
keycdn
config_iframe.html
ctaima.freshchat.com/widget/ Frame E233 		0
0
collect
region1.google-analytics.com/g/ 		0
0
collect
region1.google-analytics.com/g/ 		0
0
login.html
junoidentityassets.welcometotwind.io/templates/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://junoidentityassets.welcometotwind.io/templates/login.html
Requested by
Host: login.welcometotwind.io
URL: https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=b2a08c2d-92b8-48c6-8fef-b7358a110496&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwelcometotwind.io%2F&client-request-id=382aa79e-f8a6-4689-9b3c-36041e703155&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=ASrM_9A5gclmmAWhuF0qVnrWbOUjmscmw5TSsj_w2B4&code_challenge_method=S256&nonce=91fc0913-391e-4c44-8b5b-81306421a891&state=eyJpZCI6Ijk5NDY5MzE1LWY1NzgtNDI3MC04M2Y0LWMwYzg0NTU5OTE4NSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
be8e88c95dc5c26c6250e52e3a6ae4c9542c5a061d1d7ba65b75cbbacf27424c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.welcometotwind.io/

Response headers

content-md5
rdEzMPHG5326Jml9nn1/sg==
x-azure-ref
20241018T102246Z-166dfbc8549df49za9n26pa6zs00000001rg00000000upsg
cache-control
no-cache
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE9170767FC81
x-ms-request-id
bb4d31a6-f01e-0066-0f47-21b292000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
2167
date
Fri, 18 Oct 2024 10:22:46 GMT
content-type
text/html
last-modified
Thu, 10 Oct 2024 10:33:49 GMT
x-ms-blob-type
BlockBlob
logo.svg
junoassets.welcometotwind.io/images/layout/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://junoassets.welcometotwind.io/images/layout/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee2b0010ff59d3dbd9ed0ab351bacabe27edd4d32aaa4a78edc956721c9e7df7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.welcometotwind.io/

Response headers

content-md5
ZU3yts7t/kmrik4iCW3Bxw==
x-azure-ref
20241018T102246Z-er1787bdbf4z7qlhtz36upag40000000021g00000000dasg
cache-control
no-cache
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE917E26EA0A3
x-ms-request-id
e0a42577-601e-0036-0a47-21d879000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
5547
date
Fri, 18 Oct 2024 10:22:46 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2024 10:39:57 GMT
x-ms-blob-type
BlockBlob
style.css
junoidentityassets.welcometotwind.io/assets/ 		349 KB
349 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://junoidentityassets.welcometotwind.io/assets/style.css
Requested by
Host: login.welcometotwind.io
URL: https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=b2a08c2d-92b8-48c6-8fef-b7358a110496&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwelcometotwind.io%2F&client-request-id=382aa79e-f8a6-4689-9b3c-36041e703155&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=ASrM_9A5gclmmAWhuF0qVnrWbOUjmscmw5TSsj_w2B4&code_challenge_method=S256&nonce=91fc0913-391e-4c44-8b5b-81306421a891&state=eyJpZCI6Ijk5NDY5MzE1LWY1NzgtNDI3MC04M2Y0LWMwYzg0NTU5OTE4NSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a15a6725421d8b5214479df77e5f8111332cb7af97262eb19f43d50c5cba0c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://login.welcometotwind.io
Referer
https://login.welcometotwind.io/

Response headers

content-md5
sSO+vvg7emDByTIMYFyziw==
x-azure-ref
20241018T102246Z-166dfbc8549df49za9n26pa6zs00000001rg00000000upsp
cache-control
no-cache
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE91712D936CE
x-ms-request-id
bb4d31b1-f01e-0066-1847-21b292000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
357030
date
Fri, 18 Oct 2024 10:22:46 GMT
content-type
text/css
last-modified
Thu, 10 Oct 2024 10:34:08 GMT
x-ms-blob-type
BlockBlob
favicon.ico
junoassets.welcometotwind.io/images/layout/ 		15 KB
214 B 		Other
General
Check archive.org
Download Go to
Full URL
https://junoassets.welcometotwind.io/images/layout/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6a55563e26356bc6b71ea8afffa6acd8c0d63162bd011d196b3f3e2f3f9b338

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.welcometotwind.io/

Response headers

content-md5
/W468f2SFKIKbJBqvyw3Lg==
cache-control
no-cache
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE917E26C56FA
x-ms-blob-type
BlockBlob
x-ms-request-id
ed6d3d68-d01e-007e-1747-21c54e000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
15406
date
Fri, 18 Oct 2024 10:22:46 GMT
x-azure-ref
20241018T102246Z-er1787bdbf4z7qlhtz36upag40000000021g00000000dask
content-type
image/x-icon
last-modified
Thu, 10 Oct 2024 10:39:57 GMT
script.common.js
junoidentityassets.welcometotwind.io/assets/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://junoidentityassets.welcometotwind.io/assets/script.common.js
Requested by
Host: login.welcometotwind.io
URL: https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=b2a08c2d-92b8-48c6-8fef-b7358a110496&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwelcometotwind.io%2F&client-request-id=382aa79e-f8a6-4689-9b3c-36041e703155&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=ASrM_9A5gclmmAWhuF0qVnrWbOUjmscmw5TSsj_w2B4&code_challenge_method=S256&nonce=91fc0913-391e-4c44-8b5b-81306421a891&state=eyJpZCI6Ijk5NDY5MzE1LWY1NzgtNDI3MC04M2Y0LWMwYzg0NTU5OTE4NSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c3231c0d0f83f7a8c6e0b0be3d93bd589d05ce3ab33d7c16a3da4c312178e70e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.welcometotwind.io/

Response headers

content-md5
NtJ1TJWyzRF01NxjM5cCKA==
x-azure-ref
20241018T102246Z-166dfbc85492dszl6r6w5sxxpw00000001r000000000w168
cache-control
no-cache
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE91712D5DBE8
x-ms-request-id
1a5d9291-601e-0064-3547-210c2a000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
8423
date
Fri, 18 Oct 2024 10:22:46 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 10:34:08 GMT
x-ms-blob-type
BlockBlob
script.login.js
junoidentityassets.welcometotwind.io/assets/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://junoidentityassets.welcometotwind.io/assets/script.login.js
Requested by
Host: login.welcometotwind.io
URL: https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=b2a08c2d-92b8-48c6-8fef-b7358a110496&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwelcometotwind.io%2F&client-request-id=382aa79e-f8a6-4689-9b3c-36041e703155&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=ASrM_9A5gclmmAWhuF0qVnrWbOUjmscmw5TSsj_w2B4&code_challenge_method=S256&nonce=91fc0913-391e-4c44-8b5b-81306421a891&state=eyJpZCI6Ijk5NDY5MzE1LWY1NzgtNDI3MC04M2Y0LWMwYzg0NTU5OTE4NSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ebaa941675c3332cd032c36ada901985c46b3d857dd20aaa0f347c0220d6cf69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://login.welcometotwind.io/

Response headers

content-md5
XjPdjM9cMHYv5F4KWQZlFA==
x-azure-ref
20241018T102246Z-166dfbc85492dszl6r6w5sxxpw00000001r000000000w169
cache-control
no-cache
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE91712C93396
x-ms-request-id
6138176b-801e-0021-7447-21d9c9000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
5889
date
Fri, 18 Oct 2024 10:22:46 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 10:34:08 GMT
x-ms-blob-type
BlockBlob
perftrace
login.welcometotwind.io/junoprod.onmicrosoft.com/B2C_1A_signup_signin/client/ 		0
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.welcometotwind.io/junoprod.onmicrosoft.com/B2C_1A_signup_signin/client/perftrace?tx=StateProperties=eyJUSUQiOiJmZjRjYTEwZS04YzYyLTQzOTYtYmEzZi01OWQ2NmYwYTJkYmEifQ&p=B2C_1A_signup_signin
Requested by
Host: login.welcometotwind.io
URL: https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=b2a08c2d-92b8-48c6-8fef-b7358a110496&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwelcometotwind.io%2F&client-request-id=382aa79e-f8a6-4689-9b3c-36041e703155&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=ASrM_9A5gclmmAWhuF0qVnrWbOUjmscmw5TSsj_w2B4&code_challenge_method=S256&nonce=91fc0913-391e-4c44-8b5b-81306421a891&state=eyJpZCI6Ijk5NDY5MzE1LWY1NzgtNDI3MC04M2Y0LWMwYzg0NTU5OTE4NSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.azureedge.net *.welcometotwind.io; script-src 'self' 'unsafe-inline' *.azureedge.net *.welcometotwind.io; img-src 'self' *.azureedge.net *.welcometotwind.io; style-src 'self' 'unsafe-inline' *.azureedge.net *.welcometotwind.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-CSRF-TOKEN
TVVab2JFaElPcU1NL3RzUm9YalBpUkVKMGVOVDF1cFRSTmdXSFlLVnA3RjZMOXZ6c0RsaU9rbWtLdkpyaFZKMjFYeVFxU1RlQmlIQXJxdFFvM1lLRWc9PTsyMDI0LTEwLTE4VDEwOjIyOjQ2LjIwNzUxMjVaO2krUHFncncrSzRVa1k2WmVNRzNablE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
Referer
https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=b2a08c2d-92b8-48c6-8fef-b7358a110496&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwelcometotwind.io%2F&client-request-id=382aa79e-f8a6-4689-9b3c-36041e703155&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=ASrM_9A5gclmmAWhuF0qVnrWbOUjmscmw5TSsj_w2B4&code_challenge_method=S256&nonce=91fc0913-391e-4c44-8b5b-81306421a891&state=eyJpZCI6Ijk5NDY5MzE1LWY1NzgtNDI3MC04M2Y0LWMwYzg0NTU5OTE4NSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json; charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'self' *.azureedge.net *.welcometotwind.io; script-src 'self' 'unsafe-inline' *.azureedge.net *.welcometotwind.io; img-src 'self' *.azureedge.net *.welcometotwind.io; style-src 'self' 'unsafe-inline' *.azureedge.net *.welcometotwind.io;
cache-control
no-cache
x-ms-gateway-requestid
5634c541-13dd-4672-8905-a2f52049d45d
public
OPTIONS,TRACE,GET,HEAD,POST
x-content-type-options
nosniff
allow
OPTIONS, TRACE, GET, HEAD, POST
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 18 Oct 2024 10:22:46 GMT
x-xss-protection
1; mode=block
x-azure-ref
20241018T102246Z-er1787bdbf4gc6r9fn0nk9dk9g00000001tg000000012xq8
x-frame-options
DENY
background_image_over_1200.gif
junoidentityassets.welcometotwind.io/assets/images/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://junoidentityassets.welcometotwind.io/assets/images/background_image_over_1200.gif
Requested by
Host: junoidentityassets.welcometotwind.io
URL: https://junoidentityassets.welcometotwind.io/assets/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90e0c8aa41f866dfcb3dd8db408b3d18a3d62551d8f7d236bd0bb9467f9be340

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://junoidentityassets.welcometotwind.io/assets/style.css

Response headers

content-md5
RdrUWqbr/v+jW7lHFjs6pg==
x-azure-ref
20241018T102246Z-166dfbc85492dszl6r6w5sxxpw00000001r000000000w16f
cache-control
no-cache
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DCE91712D3443D
x-ms-request-id
d770e49e-301e-0056-2b47-210c5d000000
accept-ranges
bytes
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
25706
date
Fri, 18 Oct 2024 10:22:46 GMT
content-type
image/gif
last-modified
Thu, 10 Oct 2024 10:34:08 GMT
x-ms-blob-type
BlockBlob
truncated
/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
file.tooltip.io
URL
https://file.tooltip.io/9b75ade5-d814-4d42-9b45-8b17fe7f6d22/poppins-semibold.ttf
Domain
ctaima.freshchat.com
URL
https://ctaima.freshchat.com/widget/config_iframe.html?host=https://ctaima.freshchat.com&token=616864b3-e721-4db3-9c16-22e2ffc67961&origin=https://welcometotwind.io&widgetUuid=573103b5-f9b3-4fc5-823c-6a4e8086e2fd
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-W6EKKZEV5E&gtm=45je4ah0v899052921za200zb898983844&_p=1729246964719&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685~101823847&cid=278531177.1729246965&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1729246965&sct=1&seg=0&dl=https%3A%2F%2Fwelcometotwind.io%2F%26scope%3D3Dopenid%26response_type%3D3Did_t%3D&dt=Twind&en=scroll&epn.percent_scrolled=90&_et=3&tfd=1994
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-W6EKKZEV5E&gtm=45je4ah0v899052921za200zb898983844&_p=1729246964719&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685~101823847&cid=278531177.1729246965&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1729246965&sct=1&seg=0&dl=https%3A%2F%2Fwelcometotwind.io%2F%26scope%3D3Dopenid%26response_type%3D3Did_t%3D&dt=Twind&en=user_engagement&_et=1187&tfd=1994
Domain
truncated
URL
data:truncated

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink object| $i2e object| $predicateValidation object| $element function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady string| language object| email object| pwd object| emailRequiredErr object| passwordRequiredErr object| emailsError function| getLanguage function| toggleRequiredPasswordFieldMessage function| toggleRequiredEmailFieldMessage function| setupLoginPage function| getContactLabel function| getContactLinkText function| checkForAdminRequest function| setupContactUs function| getFooterText function| setSignInPasswordField object| validationMessage

10 Cookies

Domain/Path Name / Value
.welcometotwind.io/ Name: _ga
Value: GA1.1.278531177.1729246965
welcometotwind.io/ Name: _sl_ping_marker
Value: initial
welcometotwind.io/ Name: _sl_session
Value: {%22firstVisit%22:1729246965590%2C%22lastVisit%22:1729246965590%2C%22number%22:1}
welcometotwind.io/ Name: _sl_session_beat
Value: current
welcometotwind.io/ Name: _slid
Value: 72f4d918-042b-42fb-a6c7-3aa85078882f
welcometotwind.io/ Name: _sl_analytics_visitor
Value: true
.login.welcometotwind.io/ Name: x-ms-cpim-csrf
Value: TVVab2JFaElPcU1NL3RzUm9YalBpUkVKMGVOVDF1cFRSTmdXSFlLVnA3RjZMOXZ6c0RsaU9rbWtLdkpyaFZKMjFYeVFxU1RlQmlIQXJxdFFvM1lLRWc9PTsyMDI0LTEwLTE4VDEwOjIyOjQ2LjIwNzUxMjVaO2krUHFncncrSzRVa1k2WmVNRzNablE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
.login.welcometotwind.io/ Name: x-ms-cpim-cache|dqfm_2kmlko6p1nwbwotug_0
Value: m1.IMl5lWb6SxhLPdP8.vFkL22WymQdLLpwcDCvhiQ==.0.Gb7/F8/wzWVQ8Oioo0F2vbrrE8Ob/iIZfOnnqVbTKGwt7nQQ2LUsTtP723KwUrnko6f79Q3jnMR6mk6IzjjkyaxV5Diq3YH2HD//JKGThAgtl32OTNKv/e5GPoy2R+laiDYNjsWwiboejeI7wDoPHiT8gm1b6Vmo6fuDHAcKo1PA6TJFEtsqnd7kasmFxuAgL/4JmPGa8++ed8ZgiorFXudeUzKZ/1vcXG0qH+J0InYjX2lsfeur5cxjn9ybB6weA7c99qZbuzOLCVUIKKOTfOtSqtcu/lOgr/G+50z+8B2x//bSmphXMKjmtZiYRnVbLXCyiDZuawehXVVw3eKdt4uyCj7/xnkLJj+0lf3Cy79MvhKj23Afpg2sPjhLGpHbvXRANIwIkv+plWNn+reeFerFzpa5TToPfyuMnMYxnVak7SHt6Aj5DUaBZt+1jyQPc7BSPmU8cr4Za4VINs1I7dsprLK9cL07rVWhCDXOUaErAgJN3hxo74yaXkBcKbc/7qF0m2P2Bun8r5PX5K8XSfnYSw8gPjZWm0UpABbgG9aymzyVN/KtrqrebKb9s5CDttiCPubIeEBa58gbOrCjl8R2V4ukn+y+6su8qJoPt1Et4Wz7hfhGouUJ1Sbu9OLRtm7xxInOSxG9uXTgCHtwcgbRN4etMA8VkeWPg9aj5hg1Due8kViuSICsIm5L18v1GQxTb5VnfIMD0w6+im+VJp1VQjbtog8OVo9zpDPl9E7Zu+TQTEQoPFtFZUNQJfwGgb5vq2uz1NMtpfbFI1QzI69wPDvnikUR+wPVAuNylJnLdD+Rb36PzrH3wTjtEEmQejTqgtu/ogWl/3aUhQBFsWtv6JDMwqaP36zjZxxKm8O2FRnt8lnclm8mqIsp94g72sq/zoBaGvqwCSp5BsCzN3xarY6SKLQVl8fW0Jal6a4WyOqVpkl5J+QRHQhZDWDLgJGd9DUjUJQqVXD7R+oPGaUW3GPvYzBmSgSlhKEPChjz+LhlRkJGUnA38HmQZ/s=
.login.welcometotwind.io/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6ImZmNGNhMTBlLThjNjItNDM5Ni1iYTNmLTU5ZDY2ZjBhMmRiYSIsIlQiOiJqdW5vcHJvZC5vbm1pY3Jvc29mdC5jb20iLCJQIjoiYjJjXzFhX3NpZ251cF9zaWduaW4iLCJDIjoiYjJhMDhjMmQtOTJiOC00OGM2LThmZWYtYjczNThhMTEwNDk2IiwiUyI6MSwiTSI6e30sIkQiOjAsIkUiOiIifV0sIkNfSUQiOiJmZjRjYTEwZS04YzYyLTQzOTYtYmEzZi01OWQ2NmYwYTJkYmEifQ==
.welcometotwind.io/ Name: _ga_W6EKKZEV5E
Value: GS1.1.1729246965.1.0.1729246966.0.0.0

4 Console Messages

Source Level URL
Text
network error URL: https://welcometotwind.io/&scope=3Dopenid&response_type=3Did_t=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=b2a08c2d-92b8-48c6-8fef-b7358a110496&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwelcometotwind.io%2F&client-request-id=382aa79e-f8a6-4689-9b3c-36041e703155&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=ASrM_9A5gclmmAWhuF0qVnrWbOUjmscmw5TSsj_w2B4&code_challenge_method=S256&nonce=91fc0913-391e-4c44-8b5b-81306421a891&state=eyJpZCI6Ijk5NDY5MzE1LWY1NzgtNDI3MC04M2Y0LWMwYzg0NTU5OTE4NSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D(Line 7)
Message:
Refused to load the image 'data:;base64,iVBORw0KGgo=' because it violates the following Content Security Policy directive: "img-src 'self' *.azureedge.net *.welcometotwind.io".
recommendation verbose URL: https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=b2a08c2d-92b8-48c6-8fef-b7358a110496&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwelcometotwind.io%2F&client-request-id=382aa79e-f8a6-4689-9b3c-36041e703155&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=ASrM_9A5gclmmAWhuF0qVnrWbOUjmscmw5TSsj_w2B4&code_challenge_method=S256&nonce=91fc0913-391e-4c44-8b5b-81306421a891&state=eyJpZCI6Ijk5NDY5MzE1LWY1NzgtNDI3MC04M2Y0LWMwYzg0NTU5OTE4NSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o
security error URL: https://login.welcometotwind.io/junoprod.onmicrosoft.com/b2c_1a_signup_signin/oauth2/v2.0/authorize?client_id=b2a08c2d-92b8-48c6-8fef-b7358a110496&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwelcometotwind.io%2F&client-request-id=382aa79e-f8a6-4689-9b3c-36041e703155&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.38.0&client_info=1&code_challenge=ASrM_9A5gclmmAWhuF0qVnrWbOUjmscmw5TSsj_w2B4&code_challenge_method=S256&nonce=91fc0913-391e-4c44-8b5b-81306421a891&state=eyJpZCI6Ijk5NDY5MzE1LWY1NzgtNDI3MC04M2Y0LWMwYzg0NTU5OTE4NSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D
Message:
Refused to load the image 'data:image/svg+xml,%3C%3Fxml version='1.0' standalone='no'%3F%3E%3Csvg xmlns='http://www.w3.org/2000/svg' class='icon' fill='%23d9d9d9' viewBox='0 0 1024 1024'%3E%3Cpath d='M942.2 486.2C847.4 286.5 704.1 186 512 186c-192.2 0-335.4 100.5-430.2 300.3a60.3 60.3 0 0 0 0 51.5C176.6 737.5 319.9 838 512 838c192.2 0 335.4-100.5 430.2-300.3 7.7-16.2 7.7-35 0-51.5zM512 766c-161.3 0-279.4-81.8-362.7-254C232.6 339.8 350.7 258 512 258c161.3 0 279.4 81.8 362.7 254C791.5 684.2 673.4 766 512 766zm-4-430c-97.2 0-176 78.8-176 176s78.8 176 176 176 176-78.8 176-176-78.8-176-176-176zm0 288c-61.9 0-112-50.1-112-112s50.1-112 112-112 112 50.1 112 112-50.1 112-112 112z'/%3E%3C/svg%3E' because it violates the following Content Security Policy directive: "img-src 'self' *.azureedge.net *.welcometotwind.io".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
cdn.jsdelivr.net
cdn.tooltip.io
ctaima.freshchat.com
data.tooltip.io
file.tooltip.io
fonts.googleapis.com
fonts.gstatic.com
junoassets.welcometotwind.io
junoidentityassets.welcometotwind.io
junolayout.welcometotwind.io
junotranslations.welcometotwind.io
login.welcometotwind.io
pp.signalayer.com
region1.google-analytics.com
t.signalayer.com
truncated
welcometotwind.io
www.googletagmanager.com
ctaima.freshchat.com
file.tooltip.io
region1.google-analytics.com
truncated
104.26.12.205
107.23.214.99
13.107.253.44
13.248.221.98
142.250.186.35
151.101.1.229
2001:4860:4802:34::36
2600:9000:223d:1c00:6:36e8:9f00:93a1
2620:1ec:29:1::72
2a00:1450:4001:80e::2008
2a00:1450:4001:82a::200a
2a04:4e42:200::485
2a0b:4d07:102::1
34.236.69.154
0d4fb1b44c663281b646f71734a9655cb49ae083857eb7cc704c5fadfd2b47a9
19d5b1bec5e0f88ebec1b4ae27b0b714c294dee028e0f043e083468593407b30
265537dc00da654dac5089e451d1b34c7c67317a60e52d4598c192d01fd99ed5
35f4f974f4b2bcd44da73963347f8952e341f83909e4498227d4e26b98f66f0d
44af6d3dc8962e55b2bc4c992487ace92bf22987300f295d12260a87055ab5fe
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
587bbee639da5a2f097ba99b12ffd33e10a64378b29624945b8ab3a5514d5107
7906a1b881f73e4d8b7c4fd58ec22cc2e53fe59a032d3f73fd8545129d9d3bca
8369f9b10aae15c97291741af760c73d89f1dc7d136d9a316e3236944b12e42d
8fcc8028acd82b28ee2a5787a10a60f28956a62af5e0963f9d3e7c92f009ec46
90e0c8aa41f866dfcb3dd8db408b3d18a3d62551d8f7d236bd0bb9467f9be340
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
9a15a6725421d8b5214479df77e5f8111332cb7af97262eb19f43d50c5cba0c6
a6d316f1424488a5aa6cf8ef8061de46d6ff752da2cfe923fd885ca2a54964bf
aba5741b71e1c7035ddc4b13506ad94c5f2ae5c47274a70f9239fdee673166a6
ae1a9439449ab0f9b59db469f863677f8f58f3d02f371ac2d31be7e3e9be6f09
b11201e3ebb002fcd9ae537ca24656ec64310a695a6e399496cb612f392bc462
b6a55563e26356bc6b71ea8afffa6acd8c0d63162bd011d196b3f3e2f3f9b338
be4a6735e52ba75cb43c317ce38441bc1f65c7f086b576fc628a2138f105365c
be8e88c95dc5c26c6250e52e3a6ae4c9542c5a061d1d7ba65b75cbbacf27424c
c07b83cdb356e01c4e2567280900ad002b09a9f6c3539f7ea9837168a6070b00
c3231c0d0f83f7a8c6e0b0be3d93bd589d05ce3ab33d7c16a3da4c312178e70e
c49a1a1edfaeb46b9130dcc6163a7627226e6b58170f58c841a140ac53a520e2
c9da46ab6cdb45e5d58bc924bbaace235e044f0c0e2c7a78bb654093bfaec24d
d1252b23b5ba7cd633182ea88889403fbaa292ba571ff676844e75a512cbb604
d949f1c3687aedadcedac85261865f29b17cd273997e7f6b2bfc53b2f9d4c4dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebaa941675c3332cd032c36ada901985c46b3d857dd20aaa0f347c0220d6cf69
ec4c211f36e66ea5896e63cbb201bfd29ef6dfc99b4377f935a34b18e68d51aa
ee2b0010ff59d3dbd9ed0ab351bacabe27edd4d32aaa4a78edc956721c9e7df7
f17be6f74cef541e724a1d77c39936690b40d220a10c7a323a9f4d773a5b16cb
f8599e62f34901875b33830cf94eb37805b9db896ab735663341c793e9c8ea27
faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af
fda24b7112d59c7417df5bd735ebc7c4bf22c68fc6403497f35dd5245ef04371