windoesmylifebetter.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2cee Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://windoesmylifebetter.pages.dev/
Effective URL:
https://windoesmylifebetter.pages.dev/
Submission: On September 12 via automatic, source openphish (September 12th 2024, 1:06:35 pm UTC) — Scanned from DE

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 57 HTTP transactions. The main IP is 2606:4700:310c::ac42:2cee, located in United States and belongs to CLOUDFLARENET, US. The main domain is windoesmylifebetter.pages.dev.
TLS certificate: Issued by WE1 on August 2nd 2024. Valid for: 3 months.

This is the only time windoesmylifebetter.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
28	2606:4700:310... 2606:4700:310c::ac42:2cee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
24	2606:4700:10:... 2606:4700:10::6816:2c8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:f0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
57	7

28 2606:4700:310c::ac42:2cee (United States)

ASN13335 (CLOUDFLARENET, US)

windoesmylifebetter.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:10::6816:2c8e (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:f0e (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	pages.dev windoesmylifebetter.pages.dev	764 KB
25	tawk.to embed.tawk.to — Cisco Umbrella Rank: 12323 va.tawk.to — Cisco Umbrella Rank: 12027	261 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	41 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832	66 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	3 KB
57	6

	Domain	Requested by
28	windoesmylifebetter.pages.dev	windoesmylifebetter.pages.dev
20	embed.tawk.to	windoesmylifebetter.pages.dev embed.tawk.to
5	va.tawk.to	embed.tawk.to
1	cdn.jsdelivr.net	embed.tawk.to
1	maxcdn.bootstrapcdn.com	windoesmylifebetter.pages.dev
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	windoesmylifebetter.pages.dev
57	7

This site contains no links.

Subject Issuer	Validity	Valid
windoesmylifebetter.pages.dev WE1	`2024-08-02` - `2024-10-31`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
tawk.to WE1	`2024-07-24` - `2024-10-22`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://windoesmylifebetter.pages.dev/
Frame ID: 2AF9F7F185F396DF70A1C05538EFF843
Requests: 51 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66d916256f5/css/min-widget.css
Frame ID: EEAB75F9EB462A6B0E319E3F48525789
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66d916256f5/css/bubble-widget.css
Frame ID: CE717566F03D8502823DC50F83A1EF57
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66d916256f5/css/message-preview.css
Frame ID: 5AB61548247EF4380D3F41289B97F268
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66d916256f5/css/max-widget.css
Frame ID: 7E2FF738E823FB7CFD31900EE170366C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://windoesmylifebetter.pages.dev/ HTTP 307
https://windoesmylifebetter.pages.dev/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

57
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1182 kB
Transfer

2708 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://windoesmylifebetter.pages.dev/ HTTP 307
https://windoesmylifebetter.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
windoesmylifebetter.pages.dev/
Redirect Chain

http://windoesmylifebetter.pages.dev/
https://windoesmylifebetter.pages.dev/

39 KB
7 KB

252ms
109ms

Document
text/html

2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74d637004fb7f2846e291e30f250560ef17bbd31b0e150e20d8362fb9704935f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d273d469a39-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 12 Sep 2024 13:06:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2F%2B3YXcAZ0LBzrd1rR9Os6eNkKBc59g8vlKDmw95vQe4WMmzWuXsIrrJ6QKgiy5DHiixcM0N5SSKLaW4aPe3O8VaatH2vzGogTwnBbtMIU0fr3i2CBAQ2%2F0l9VrTpnxz0tNfRLSYxdFcMKXi6fARErM2Ov1ze4ZBe9MEVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://windoesmylifebetter.pages.dev/
Non-Authoritative-Reason: HSTS

GET
H3 200 sLVo10NS.css
windoesmylifebetter.pages.dev/ 205 KB
28 KB 96ms
90ms Stylesheet
text/css 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/sLVo10NS.css

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10a99594267aa4bd3ea83586bbc93bea00f127ac756526763bdf856b437e413c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5cc47bb9cc790ea5549e98516d386279"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6u2JYV6Ft3Bl1CJkdMuMIak07Sr9ikRfrFpNB2Ofeqq3yue0KZHMY3tvYMu5WvngeVbmDjfttPrBvZcyBnnnTrQV7GVFNofzrQ47M%2FWhnDSClL7n90w80Rki3hYvNSkuJkctTd9bMhwyv8iLJ8L6RprdEk0vNsSRyr8hlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28ae7a9a39-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 68 KB
3 KB 174ms
19ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0dcf73b3ae74451091df71905883cc4e32d18ab16c3b36d552fc79bddec1be1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Sep 2024 13:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Sep 2024 11:10:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Sep 2024 13:06:17 GMT

GET
H3 200 oHXuIB1u.js Show response
windoesmylifebetter.pages.dev/ 84 KB
31 KB 118ms
114ms Script
application/javascript 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/oHXuIB1u.js

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ea34e325270be1c2d8c0d34c46871195"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aTgd0KGXhotRX%2BBYqCIQeaw67zQ9bO%2F21YbtSpqzB8nj%2FNBz3FNE0Ygm8d85vb7ekdTIjt6hm0sGCNpG3PRe2K0HVYtzWcGnvCkw2FCVPitaeZK6iB5x0y7RLEGgD4sSHMSs0Drd2v3njIGZFIAyL6xpG%2Fb6qA4ryMPGrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28ae7d9a39-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 nQmUMRFX.css
windoesmylifebetter.pages.dev/ 20 KB
5 KB 126ms
121ms Stylesheet
text/css 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/nQmUMRFX.css

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbe69047f5509a4554e3e07b866caf3a106a3bc134c7ae78a7cd6d72cdd1339c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ac7221d6fc59b153b93c26f8f3f5de7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=we55xx6DSuUX53QSg6hF44J3p8zb%2F7QN8S%2Bs6EuixU4us%2BuELJvYGu%2Bkpdm%2B4MMS%2BHZq9FF8v2CjOmEF%2BYo4p2GI7eVg9DMTIlx%2BjE1%2FutN%2B6Pjd4Lc5LoetnVDpo0l7wwvTvNENN2Mb9Cv4VT8ITrAh3MMUIQLAx%2FHdbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28ae7f9a39-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 iOxCQ6mZ.css
windoesmylifebetter.pages.dev/ 27 KB
7 KB 87ms
83ms Stylesheet
text/css 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/iOxCQ6mZ.css

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1782a8e7e3ff0043f0b4312520e07f8477299e2ac89a11ec473f847c1bc3dc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"940c23a36501493f0aef2b2b6ba3b962"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LsRmHdNbxKtjoNv4L2ABtbBpf%2FNi%2BXMq%2Bv%2BQPHHfTLIRWptmK9vNlesVkz6ojR8f5RyKVw7%2BggKdVSGCw3bDiNUAY0q7hX0yy8emYNoaqDZ5kq4IyIRRZNaGOEW68B%2FDmyUZJc94qJNWZS2qzMi%2B8zsovhunvmKqWwBY1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28ae839a39-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 xrtyQHXq.css
windoesmylifebetter.pages.dev/ 9 KB
2 KB 88ms
83ms Stylesheet
text/css 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/xrtyQHXq.css

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13a7e271b425c02455dfb3c68e89d7dcbc235611554376207e6e069109febb80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"07666f45ae1eb5575cd659229570dad5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QC2CZR2FyAUpjiJjAjBSKwthVhpLJ5yE8uc1FnlYGdsVnE4D6CTHQOFAcWOLjRWQ3FblKYjW7LsqfbmyIYgv6aCL5LXwW3Xu1QG1rXFn6M8fzm1f89u%2FPSy473j8P0TNvbOSH760KQXMZ3MuJy40zLz0BrGfwRiV0lTx9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28ae859a39-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 3Jwzo9Ls.jpg
windoesmylifebetter.pages.dev/ 542 KB
542 KB 125ms
120ms Image
image/jpeg 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windoesmylifebetter.pages.dev/3Jwzo9Ls.jpg

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf941154983c1fa3e814b5080da22a414b0468bd3927bf6cb38b5b37303fe978

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2bc8e8a8f242a4c369dadd4b9a3bd979"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IgbVgZOXYwZwgbggl54%2FE%2FfYUiwglO%2Fp1jfOr4SO39KgQClVr%2F02SVTvjP6HQIwndPpGkAFnF1fVhdAO27rW6ttsk9c9rePmCQMAF%2FrExdd16WQdnviiQTdPMB5XsHCScP3qwfXSEE%2BpzESGzDysi28siTmE1CxDYq4CNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28ae879a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 554571

GET
H3 200 yQKzOtTz.png
windoesmylifebetter.pages.dev/ 1 KB
2 KB 94ms
89ms Image
image/png 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windoesmylifebetter.pages.dev/yQKzOtTz.png

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfcc16fd49167f62d2acb07ed991fb0535f5ca863c5c15cfa20cfd76c1b1cfbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "31491e3dc46f0ef28d4b058ecee03490"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylkExBZrDVn8N%2FIDCCPwSJU%2Bgs%2F0VGPhSuDTXOeGwST1Wu67%2FkGa%2BRVbHvoTV3Di%2B4r8%2FcnNlXzfFBY08%2FbB1qkf3QWY2kyU%2BLpY2UnfYxJORzEMVz8VJV0wvUggLJlcpFkDmP2Wi%2BcN%2BVCi%2Ft%2FcRxQilBTplqmeZqsYaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28ae899a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1443

GET
H3 200 DZTbLR6E.png
windoesmylifebetter.pages.dev/ 1 KB
2 KB 165ms
148ms Image
image/png 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windoesmylifebetter.pages.dev/DZTbLR6E.png

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "784ab5e987249ef1422816edc26a250f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i4IqRUyOQTUK38WXczOAUe5gctji22is7EpzhhNn4yzeSpiDJFb%2Fzl2Jd6JtgtCPtN5Ll2TJsNf3kd%2BkgR0h0iJn2cQoIuRYnvl44SpZ1hJsNscH%2B5IGKwvV7tM%2F1rSEMpBls1PPV9NobTKWqZtmudtiKrXtphzppstccg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eeab9a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1045

GET
H3 200 4s97PQyN.png
windoesmylifebetter.pages.dev/ 364 B
863 B 166ms
149ms Image
image/png 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windoesmylifebetter.pages.dev/4s97PQyN.png

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ee63d8b934f54cf7e606ebae2b4bfcf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gyi9Ec%2FEQP6jbcgEFxYeFzFiG6abuBCi0Bmhi3uf%2BETpc1gwqOt8jG5lbOMieQPOzk9p4p6DVsgzmHBrrY8hYo5cBomrhC9E3O5iAc6n2AI0xUxDc9Z3ya1zaY2MPGEftY09o3B7Bs6aQfkmS%2Fs3fijTjpfYtBqyewgc7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eead9a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 364

GET
H3 200 KxZw5CCu.png
windoesmylifebetter.pages.dev/ 349 B
861 B 195ms
180ms Image
image/png 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windoesmylifebetter.pages.dev/KxZw5CCu.png

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0d6dd742fc1124fe244e6f4f212155f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jV3QyyX6WGHP96xKIHM%2BlSdbT%2FY8R0M2VVRn1tF9TdRJSk8IVduIQ1XU6m%2F39uK%2FuJLfrj0iccLWEtmVgkV2BARgwc%2FbXTAWfpvAVtzHmqEXQ%2B1n48znAqQI1P%2FK62YSotDegOzL%2FbW6i3wi%2Bu53WugwMQjizVbo%2BnE8dA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eebb9a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 349

GET
H3 200 EBiJbF8b.png
windoesmylifebetter.pages.dev/ 25 KB
26 KB 195ms
181ms Image
image/png 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windoesmylifebetter.pages.dev/EBiJbF8b.png

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cbc9ed14fa29655a591dc055c3db0f03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=swg1bJBLU3HFJ0WSfP52hiF5uvFkgk7YfTGVz6Hgl4kqtMjYsd0lCjoUezfGLQ1pdVuxBLkwYdn6wdSzH5ztswlfuwM%2BGTmjO5r3XgVSksGXTIMPB%2BFu%2Bvz%2BG8ADxmgJnDAJ9HPb9reifDdFBJCXkb7hn5QSDI48KBjG2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eebd9a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25871

GET
H3 200 d7eiLLE4.png
windoesmylifebetter.pages.dev/ 1 KB
2 KB 218ms
204ms Image
image/png 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windoesmylifebetter.pages.dev/d7eiLLE4.png

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f6cd0d4d62c919557f2ec23a8780264"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3EXzpakTtvAGjgeyfrpr6b4Fi9QOSDnCz9cepH6OyUBWVvpztKVXIG3ZTxGlgb6MwXphWTMbLStqoBszL25ROHuKRhCM9r2SL0NZDDQhyYLsyYE1GkEEAPM8fCgDEFWT0bOP%2B0DjoNTe8Gg3ABrvB3XD4rsPEatiNJE2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eebe9a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1108

GET
H3 200 tR7rVUoo.png
windoesmylifebetter.pages.dev/ 5 KB
5 KB 219ms
206ms Image
image/png 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windoesmylifebetter.pages.dev/tR7rVUoo.png

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b60af58af358bbff1b64cbb0cae96f72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=54E0WW5WknpkLNTf9JDVtZGpj4H0RdyKJiEKE%2B6zLR4GBA5HM9D4FHqdij3psu4BlpVhqX00mN%2Fw1T5sLIjsy4rDxX0uetCVPRPwJgwDgU%2BhAdAqSZOXEfblN%2B%2BMR3mxqjybL8rWd0VONfGvMxspyAoCf8XniMQSd%2FGlcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eebf9a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4949

GET
H3 200 virus-images.png
windoesmylifebetter.pages.dev/ 33 KB
33 KB 215ms
207ms Image
image/png 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windoesmylifebetter.pages.dev/virus-images.png

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

870e9d768ba46521935ced4cee560acfbb4f12370e5476dc6a2a45f0141a8392

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b829b08b1fc77670b9955db66c1ff0a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E6c97IvwI%2Byu9XMlMYGZS6LYJ%2FbbkBK4c%2BFLW6SbbhXXzFwhSVJswrYXsxoLy5Ib801WkpeOyYgOG56g1s7%2F83gSiWMqNcdwoYQk6w8P37XR0nOwDEc28nXjPAv88U56kk%2FY68CsW42IM4UniFNB%2FY19pUyBcxTzqLgidw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eec09a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 33366

GET
H3 200 f3oof6R7.png
windoesmylifebetter.pages.dev/ 2 KB
3 KB 204ms
195ms Image
image/png 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windoesmylifebetter.pages.dev/f3oof6R7.png

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f67ff91ca43e4546132cde5d9ff94d26317b45dabbc913a8839d45270f9958f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6858043d480b28a4fdfb63baa28dd71e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EVgmAEhHnzq0wJFjzK2btlo47LuoJzzN9Np2CGgMdoctX7L7ZZgyfThaXh1oOfgMCVYLL9qiR22zkSjAQvG8UWSpbRogLatKo9HUIA%2FY%2BgjanRNzpikHwJxyIwmFwoPsrI3lU6ltcbl8slsKZ5LZqpz20JlbiVhAzUlqVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eec19a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2499

GET
H3 200 FLmKLHAK.png
windoesmylifebetter.pages.dev/ 8 KB
9 KB 206ms
198ms Image
image/png 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windoesmylifebetter.pages.dev/FLmKLHAK.png

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13ee09efef992ec899ca28dea08d00886fce5e8b3ad6c19e6c753a899bcfdaea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9b19e2154cfb3d7d1bbe75ab1d199099"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4xEqpRx9ySXOHz55wNX%2FAdg5A9AeZw3XV6313MZ9D9rzKa9%2FFXQkZVNQ0Hm4FNR3zHuYR7%2FltbYtdkB0ejUatjKPaFRCDIafsl5U%2FZjiK8umJmpi4zD3GkOZiYFsF8hw0%2F%2FxWkARn1ChfG6o5oPKN93Xrf%2BriMxjP2Kkzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eec49a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8350

GET
H3 200 c3xwoEtl.png
windoesmylifebetter.pages.dev/ 12 KB
13 KB 195ms
187ms Image
image/png 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://windoesmylifebetter.pages.dev/c3xwoEtl.png

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a98d9b3734d7ef3ec1b562873c4cd212b86420e4e569b17a5414ab74c808581

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "eb41a3bade1647262a8963cc1460251b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=utJV64SdvDGJoKJN520pRYhi896KSO5ILlEInrFi92fo%2B6NiZDpKMdBZ1Pxr0NbrUmfA063R581HhX35zPIO91cv5FNu31%2BFhLxtL3CjiEVXhMnE3DmWyL%2FUFOLmNRZwsu7ehArDg5WrsbnzFMswR1sDdoRxGlycJ9UdQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eec89a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12436

GET
H3 200 Hx12ltjV.js Show response
windoesmylifebetter.pages.dev/ 11 KB
5 KB 166ms
150ms Script
application/javascript 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/Hx12ltjV.js

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"093fd854820014b019abb56df86b8c52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTtn%2BMijPH8dt5zF3hOwTpHUpo2PeNv6rVUIRQ3DSbFYxvn1uTR11zbNxGaywgZuFlB0QT4tD3rldrlFW9Bv8MYRQjf9zOmIHolLX%2F9uy4C2VCcHLGNmqBQxf4sfHUBYZ%2Fd4yQWC%2B6mxrPgiYquYUh6EhHiJ2NStxEsqww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eeaf9a39-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 BMmu5lH1.js Show response
windoesmylifebetter.pages.dev/ 82 KB
23 KB 166ms
150ms Script
application/javascript 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/BMmu5lH1.js

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
Origin: https://windoesmylifebetter.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4f31336b52b18c91e3052341d85138e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZz2dBpUzzLV%2F%2Bx7SOSUzUSv52R4z8GjAWP0yvbnh%2FucIG9nKPp51O7%2FXyO0%2FLGXdIk05Wv0VW8yzhk8BdhOf9pNXKEIve8jw3CB5zcn62TzBNsfJWlubsTdVkrZQR7CWDtieBusgx7Mxve%2BBIfz%2B1YRcIamlOyU%2B0eVmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eeb19a39-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 8kRMAoSZ.js Show response
windoesmylifebetter.pages.dev/ 245 B
638 B 184ms
167ms Script
application/javascript 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/8kRMAoSZ.js

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43703d37b8fe2769cb2e12db7aa281dbcca175124d05ff4b0cc3d152534698a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"970171d0b5647b73e4f0ab08c9b3d82a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tqEOiweZsk%2BLTNKMVuW9I7y33dZRhVtgnJSsTNAeT2n5TL3H8VzOBb9jRBHFBWLSAjN0ON9VEt4jy%2Bx5pI5pq1k4HSbCgfkCLPTTNDz%2F382kwsgs45xySb0KAI3qlQipmlsBRRs0dpQOZWCWIXZXFm62z27qvw4EHrwyCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eeb29a39-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 8lCuzo7o.js Show response
windoesmylifebetter.pages.dev/ 366 B
693 B 193ms
177ms Script
application/javascript 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/8lCuzo7o.js

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31681779c6f394370dad146169896e9ec2b8f7c716c4b1db78c459033e48bf95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"026063519afe3b7556ecd042295feae5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vzCKvxQdDBSOB%2FG1YPmERJUW2LGszhdVAIPPCybVOKT2%2F%2BCfdDIzCP0U9%2FTtrssiGbDEQA67sdBWkMMI1ahR74sLAcEDfaLDmrYEddbMO3WJoswarSq81HUxZRhjcxIlls8%2BpOkDAvkNxE4oBl3Kcg1eN06POWrI3Rzgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eeb59a39-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 2L5BwoLL.js Show response
windoesmylifebetter.pages.dev/ 2 KB
939 B 194ms
179ms Script
application/javascript 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/2L5BwoLL.js

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2914ee6a156ff3961c550cb5046423ca7080ac31d6378cfa264fe09e66d797aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"28d4ff99a81484ec2c4aefdaecbfad0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vwNndVkQHXMJq1rk%2F2WiMRQ7Q%2BsofubYfdg8ytBA6BsYubJ8OkfMVqovqJ6AbjQ2eaUj41Xd8DTmXD%2BHv6GI%2FMSg%2FjtOG8mTVa9VQGPMVBU5x6SqOoTePpgJiDfS0Nt%2BkXdb1QTL0HhQElQCBorQ63kkLUQMzXPxVqTc3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eeb69a39-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 4ardC69D.js Show response
windoesmylifebetter.pages.dev/ 503 B
729 B 195ms
180ms Script
application/javascript 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/4ardC69D.js

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"57ba525bb338c70835d5893885a8a80a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rvUquqAlBW8pJl6RXcYXWDGD9ilSzclvmssTnet65yOx9dT7tV0FWb9feU6x6Xp5wahZ11ydGfTlGwn7SWj9PY9393V3JDbbgMDmnrY2mF5Is6n3rqVKRbkKz1n%2FSX8%2BZ2pyh1murzs6w685IPDQqPMdet0lBZWoXcJmyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d28eeb99a39-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 C2kHshoQ.mp3
windoesmylifebetter.pages.dev/ 96 KB
0 54ms
53ms Media
audio/mpeg 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/C2kHshoQ.mp3

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "46123800e269631384af04823e2e7901"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSeA4i6P%2BWJ76JCPySRbdq9cloX9MMjGbZPG5zVjoaL6VSJOWsXgiHg3LjlImvolF3gFHxbgrDf1K8J9MqPoHoU52WAx7HbiD%2FLUohuzGrKpSphhjNxTX3kSM8l53ZmjIsaKJllJNx%2Ft8LqFuYnRPIn4gzfh2w7nVjMwpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
access-control-allow-origin: *
cf-ray: 8c201d2ad8469a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 98473

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 87ms
11ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windoesmylifebetter.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 00:52:45 GMT
x-content-type-options: nosniff
age: 476012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Sep 2025 00:52:45 GMT

GET
H3 200 1hqpmeohl Show response
embed.tawk.to/661141601ec1082f04df7dc5/ 2 KB
970 B 407ms
376ms Script
application/x-javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/661141601ec1082f04df7dc5/1hqpmeohl

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae42df6f00451301cc3690e5373b25fd47e698824390fca04cf16a52a99284db

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
Origin: https://windoesmylifebetter.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
server: cloudflare
etag: W/"stable-v4-66d916256f5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 8c201d2b9d7f3aa2-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 oejDcsjx.mp3
windoesmylifebetter.pages.dev/ 8 KB
9 KB 101ms
89ms Media
audio/mpeg 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/oejDcsjx.mp3

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5cf7987f8eda377da9ce7bb1aed3144eccc244cac88c225d3c3d2f7a1226494

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e39de85f235ca7fbbdaf874082f803ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSFYZjUrKQX9d0Jk%2BNsIslIq4F66ufpMstxhyMMaSj3Okej8VFy7sHqNxPFYBctO6FF4D%2B%2FkWAVWal4JeaFJF3SbPDSaJz4xecp7sDJduczj6CpMzqFPsLwAnmqekgizoExTEN3puzlEwwa25KEIaM19nZC7FIaJJC8NZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
access-control-allow-origin: *
cf-ray: 8c201d2bb95d9a39-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8650

GET
H3 206
Partial Content C2kHshoQ.mp3
windoesmylifebetter.pages.dev/ 96 KB
0 150ms
137ms Media
audio/mpeg 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/C2kHshoQ.mp3

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 12 Sep 2024 13:06:17 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "46123800e269631384af04823e2e7901"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RckyagcyJBTz6qzZGY0ZgePFIVKlvhHXaZlirR8RbPOtpdX%2FBK%2Fk4CIqfXKt3PkMoedMTfaoH3n%2BpCGO%2F3RCnwdcVmDjhde6uwm0TOh518kCkLxe4r6mx5DSzrxo3OknqICFaerGFDTc4pmW2shgvBXC9I2Aktv8hz1Uag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
access-control-allow-origin: *
Content-Range: bytes 0-98472/98473
cf-ray: 8c201d2bb95f9a39-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 98473

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 121 B
341 B 190ms
149ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/661141601ec1082f04df7dc5/1hqpmeohl

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
Origin: https://windoesmylifebetter.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d2f5a263aa2-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 81 KB
32 KB 289ms
248ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/661141601ec1082f04df7dc5/1hqpmeohl

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
Origin: https://windoesmylifebetter.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"3b341e35b39f6195793ecaf5db7c1d63"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d2f5a2b3aa2-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 212 KB
71 KB 309ms
268ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/661141601ec1082f04df7dc5/1hqpmeohl

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
Origin: https://windoesmylifebetter.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"77a40166698f808a0942865537165b0f"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d2f5a2f3aa2-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 223 KB
63 KB 324ms
284ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/661141601ec1082f04df7dc5/1hqpmeohl

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

276b503567acd206fca8738419afb1a5c5c31d70205499c0b9a32239289529e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
Origin: https://windoesmylifebetter.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"d08418d7c591fb5f41409cea8b3f1c07"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d2f5a333aa2-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 2 KB
1 KB 190ms
149ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/661141601ec1082f04df7dc5/1hqpmeohl

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a42c7e96aafecb9b712cf133c31dc10c22c4fa79b2f32209e8011662273f4284

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
Origin: https://windoesmylifebetter.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"41f45e1e121b68454341e33c85483c11"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d2f5a353aa2-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 151 B
366 B 157ms
150ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/661141601ec1082f04df7dc5/1hqpmeohl

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
Origin: https://windoesmylifebetter.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d2f5a363aa2-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
windoesmylifebetter.pages.dev/ 39 KB
7 KB 112ms
106ms Other
text/html 2606:4700:310c::ac42:2cee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://windoesmylifebetter.pages.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74d637004fb7f2846e291e30f250560ef17bbd31b0e150e20d8362fb9704935f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:18 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dh1y%2F%2B2hMxmke4IFqpsHt%2FDn9JhvyhHd4LAdtbwscQwTPwcF3J5McAT7Eth%2Bq4Toq76YOd%2F6DKP3NjjSTvwVfbEf6pAjSXusFexXhrV692thmP9Xb83zzuRwuNpdylQrWywwgv%2BuP7Hpwfb4XehvVlmfTTo4ybIQZfSegA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8c201d2facca9a39-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 377ms
367ms Fetch
application/json 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=661141601ec1082f04df7dc5&widgetId=1hqpmeohl&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18c752caa749e9cbac0ac0c5b7e5149ff54a7d0aaac4576d0a90a19ec3198cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-bfjq
server: cloudflare
etag: W/"2-4-0"
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
vary: Accept-Encoding
cf-ray: 8c201d342ff33aa2-FRA
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 579ms
298ms Fetch
application/json 2606:4700:10::ac43:f0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:f0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da4637c07df0fc3bcbbb3c2c411c458b08af956c66cf1d57ad364db48237d746

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-c0jz
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://windoesmylifebetter.pages.dev
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 8c201d36ccfdd361-FRA
access-control-allow-headers: content-type,x-tawk-token

OPTIONS
H3 200 start
va.tawk.to/v1/session/ Frame 0
0 133ms
132ms Preflight
text/html 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://windoesmylifebetter.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://windoesmylifebetter.pages.dev
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8c201d343ffe3aa2-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 12 Sep 2024 13:06:19 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-6zp9

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/languages/ 17 KB
5 KB 42ms
27ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9b048a94a13087fea28ca2dfe0ac3125b59bee2ce84829943918114045c707d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 642213
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
etag: W/"1e587fa30ae5bd661c7a0887bb95b40a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d367833d364-FRA

GET
H3 200 twk-chunk-bf24a88e.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 10 KB
3 KB 49ms
48ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-bf24a88e.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 642216
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
etag: W/"c96127c9a0429d69fecbeb73fd410443"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d38cfaad364-FRA

GET
H3 200 twk-chunk-71978bb6.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 18 KB
5 KB 19ms
19ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-71978bb6.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

917c738d6dee0d2d9a693554eadc86e36f0fa46176f03acaf27d3225232fad0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 642216
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
etag: W/"5cd0daead4a2fc66c7c1094d0e6be157"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d38cfb3d364-FRA

GET
H3 200 twk-chunk-f1565420.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 11 KB
4 KB 55ms
55ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-f1565420.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7065e0118d3b1cab0599b850fade765885079f17609163d0afcf78a82d90721

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 642174
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
etag: W/"365deac0ba718cc41576bb47271f6d97"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d38cfbcd364-FRA

GET
H3 200 twk-chunk-7c2f6ba4.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 5 KB
2 KB 56ms
55ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-7c2f6ba4.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357f86eb123b4e1a850f2583a8779a9171a61b98284cea3c89fb285e1baebb81

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 642216
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
etag: W/"977b0aa25f349861d14d837b480e5615"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d38cfc0d364-FRA

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 20 KB
6 KB 18ms
18ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1691e6178177d92aa7c946d0da17b41106711b49d2f41ad214eddf254c44284

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 642216
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
etag: W/"aa3a42579b4365e4d010bac179989d07"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d38cfc6d364-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 906 B
662 B 44ms
44ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 642216
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d38cfcbd364-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 535 B
574 B 44ms
44ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 642216
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d38cfd2d364-FRA

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/66d916256f5/js/ 119 KB
30 KB 44ms
43ms Script
application/javascript 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

247a936be98e5214d74c6c8049b909a41bcb713b7f95f22773cc17d1371cfcbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 642216
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 05 Sep 2024 02:24:11 GMT
server: cloudflare
etag: W/"edc384f15920007add95584e9d6f6342"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d38cfd6d364-FRA

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/66d916256f5/css/ Frame EEAB 24 KB
5 KB 21ms
21ms Stylesheet
text/css 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dbc2527f5f9662d10909d5a818c5d50b12f128df778f041ecfc5d438815c8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 642215
cf-polished: origSize=24809
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 05 Sep 2024 02:24:10 GMT
server: cloudflare
etag: W/"2d7f176b563b25833791f4844819b5ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d39ebafd364-FRA

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/66d916256f5/css/ Frame CE71 13 KB
3 KB 19ms
19ms Stylesheet
text/css 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 642200
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 05 Sep 2024 02:24:10 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d3a6d76d364-FRA

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/66d916256f5/css/ Frame 5AB6 41 KB
8 KB 24ms
22ms Stylesheet
text/css 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

871bb7d86e282ae5a277504f51b981aa1164807228acbb345ceb534b4e0b4a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:19 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 642215
cf-polished: origSize=42435
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 05 Sep 2024 02:24:10 GMT
server: cloudflare
etag: W/"4795e12c64cb6d657f901b9e902ea56f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d3abe9fd364-FRA

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/66d916256f5/css/ Frame 7E2F 78 KB
15 KB 20ms
19ms Stylesheet
text/css 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66d916256f5/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3df343f67f3f20631925c2cfb2a10ffcc0600a839c994edb6cd1b1fa6d2cebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 642215
cf-polished: origSize=80478
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 05 Sep 2024 02:24:10 GMT
server: cloudflare
etag: W/"9ea341deca224f29fb13e92c17fdd083"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8c201d3c3bf7d364-FRA

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 125ms
20ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: windoesmylifebetter.pages.dev
URL: https://windoesmylifebetter.pages.dev/iOxCQ6mZ.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
Origin: https://windoesmylifebetter.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 13909
cdn-cachedat: 10/31/2023 18:48:08
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 66624
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 6101e35343b3acd2081362e1754480f7
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8c201d3d2d9b693f-FRA
cdn-requestpullsuccess: True

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
41 KB 171ms
44ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 13:06:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1495465
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 41275
x-served-by: cache-fra-etou8220140-FRA, cache-lga21966-LGA
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nknyEV4t0kC1cjIvN0XYAgeqn8QELxUJUZtJtyIFjtLUWGYyYxXTKaXuw%2FR76RreWfkAUB1iPRgH9rMmlX9sMEYs2GA8WmAsMlxORBz7ixMZ86PDG8i2LYZ5R2wiw1s4JBJktLDJsZfwTJhLKgE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c201d3d5bd9bc04-FRA

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
292 B 278ms
272ms Fetch
text/html 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66d916256f5/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://windoesmylifebetter.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 12 Sep 2024 13:06:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-6zp9
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://windoesmylifebetter.pages.dev
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 8c201d3dccdb3aa2-FRA
access-control-allow-headers: content-type,x-tawk-token

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 131ms
130ms Preflight
text/html 2606:4700:10::6816:2c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://windoesmylifebetter.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://windoesmylifebetter.pages.dev
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8c201d3cebc23aa2-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 12 Sep 2024 13:06:20 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-7d5c

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
windoesmylifebetter.pages.dev/	1969-12-31 23:59:59	Name: twk_idm_key Value: EGUMqxhNingSp-2OLYQpl
windoesmylifebetter.pages.dev/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.windoesmylifebetter.pages.dev/	1970-01-21 03:48:18	Name: twk_uuid_661141601ec1082f04df7dc5 Value: %7B%22uuid%22%3A%221.F1Ln6Liiqvqgm0gI751I9c1vSgJeekyLwt0A5HwCeer3D9kjDWvT9nUNOKCIo2rVo8oxa8nu9nNrCcCaSa5b3hJNBhbyPrlV7kLSN68UtKMDQT1UXJ25pM2fJHkWshC65JcIUmVonxDH%22%2C%22version%22%3A3%2C%22domain%22%3A%22windoesmylifebetter.pages.dev%22%2C%22ts%22%3A1726146379624%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
va.tawk.to
windoesmylifebetter.pages.dev
2606:4700:10::6816:2c8e
2606:4700:10::ac43:f0e
2606:4700:310c::ac42:2cee
2606:4700::6812:acf
2606:4700::6812:ba1f
2a00:1450:4001:828::2003
2a00:1450:4001:831::200a
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0dcf73b3ae74451091df71905883cc4e32d18ab16c3b36d552fc79bddec1be1c
10a99594267aa4bd3ea83586bbc93bea00f127ac756526763bdf856b437e413c
13a7e271b425c02455dfb3c68e89d7dcbc235611554376207e6e069109febb80
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
13ee09efef992ec899ca28dea08d00886fce5e8b3ad6c19e6c753a899bcfdaea
18c752caa749e9cbac0ac0c5b7e5149ff54a7d0aaac4576d0a90a19ec3198cb1
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
1dbc2527f5f9662d10909d5a818c5d50b12f128df778f041ecfc5d438815c8d9
247a936be98e5214d74c6c8049b909a41bcb713b7f95f22773cc17d1371cfcbe
276b503567acd206fca8738419afb1a5c5c31d70205499c0b9a32239289529e5
2914ee6a156ff3961c550cb5046423ca7080ac31d6378cfa264fe09e66d797aa
2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
31681779c6f394370dad146169896e9ec2b8f7c716c4b1db78c459033e48bf95
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479
357f86eb123b4e1a850f2583a8779a9171a61b98284cea3c89fb285e1baebb81
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
43703d37b8fe2769cb2e12db7aa281dbcca175124d05ff4b0cc3d152534698a4
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0
6a98d9b3734d7ef3ec1b562873c4cd212b86420e4e569b17a5414ab74c808581
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
74d637004fb7f2846e291e30f250560ef17bbd31b0e150e20d8362fb9704935f
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
870e9d768ba46521935ced4cee560acfbb4f12370e5476dc6a2a45f0141a8392
871bb7d86e282ae5a277504f51b981aa1164807228acbb345ceb534b4e0b4a6c
917c738d6dee0d2d9a693554eadc86e36f0fa46176f03acaf27d3225232fad0f
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
a42c7e96aafecb9b712cf133c31dc10c22c4fa79b2f32209e8011662273f4284
ae42df6f00451301cc3690e5373b25fd47e698824390fca04cf16a52a99284db
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e
b9b048a94a13087fea28ca2dfe0ac3125b59bee2ce84829943918114045c707d
bbe69047f5509a4554e3e07b866caf3a106a3bc134c7ae78a7cd6d72cdd1339c
bf941154983c1fa3e814b5080da22a414b0468bd3927bf6cb38b5b37303fe978
c1782a8e7e3ff0043f0b4312520e07f8477299e2ac89a11ec473f847c1bc3dc3
c3df343f67f3f20631925c2cfb2a10ffcc0600a839c994edb6cd1b1fa6d2cebf
c7065e0118d3b1cab0599b850fade765885079f17609163d0afcf78a82d90721
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
da4637c07df0fc3bcbbb3c2c411c458b08af956c66cf1d57ad364db48237d746
dfcc16fd49167f62d2acb07ed991fb0535f5ca863c5c15cfa20cfd76c1b1cfbe
e1691e6178177d92aa7c946d0da17b41106711b49d2f41ad214eddf254c44284
e5cf7987f8eda377da9ce7bb1aed3144eccc244cac88c225d3c3d2f7a1226494
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f67ff91ca43e4546132cde5d9ff94d26317b45dabbc913a8839d45270f9958f9
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

windoesmylifebetter.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2cee Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

100 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

1182 kBTransfer

2708 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

windoesmylifebetter.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2cee Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1182 kB
Transfer

2708 kB
Size

3
Cookies

57 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!