urlscan.io logo urlscan.io
SecurityTrails logo

whomam.com Open in urlscan Pro
2606:4700:3037::6815:e4c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://g52eu.info/PrLbc
Effective URL: https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=174082...
Submission: On April 20 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3037::6815:e4c, located in United States and belongs to CLOUDFLARENET, US. The main domain is whomam.com.
TLS certificate: Issued by GTS CA 1P5 on March 26th 2023. Valid for: 3 months.
This is the only time whomam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 35.244.245.136 15169 (GOOGLE)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
12 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:402... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:402... 15169 (GOOGLE)
16 5
1    2606:4700:3030::ac43:aa04 (United States)

ASN13335 (CLOUDFLARENET, US)
g52eu.info
1    35.244.245.136 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 136.245.244.35.bc.googleusercontent.com
www.ker2clk.com
2    2606:4700:3033::ac43:8050 (United States)

ASN13335 (CLOUDFLARENET, US)
campfireprocess.com
12    2606:4700:3037::6815:e4c (United States)

ASN13335 (CLOUDFLARENET, US)
whomam.com
1    2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3033::6815:595 (United States)

ASN13335 (CLOUDFLARENET, US)
bonusshunter.com
1    2607:f8b0:4020:804::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
12 whomam.com
whomam.com
1 MB
2 campfireprocess.com
campfireprocess.com
2 KB
1 gstatic.com
fonts.gstatic.com
31 KB
1 bonusshunter.com
bonusshunter.com
8 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
969 B
1 ker2clk.com
www.ker2clk.com
705 B
1 g52eu.info
g52eu.info
1010 B
16 7
Domain Requested by
12 whomam.com whomam.com
2 campfireprocess.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 bonusshunter.com whomam.com
1 fonts.googleapis.com whomam.com
1 www.ker2clk.com 1 redirects
1 g52eu.info 1 redirects
16 7

This site contains no links.

Subject Issuer Validity Valid
*.campfireprocess.com
GTS CA 1P5		 2023-03-26 -
2023-06-24		 3 months crt.sh
*.whomam.com
GTS CA 1P5		 2023-03-26 -
2023-06-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-10-23 -
2023-10-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Frame ID: D977DD6DA69C89969B309FF603C69DDF
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SuperSpin

Page URL History Show full URLs

  1. http://g52eu.info/PrLbc HTTP 302
    https://www.ker2clk.com/65WLXC/GTLRJ2K/?tt=mwE31Al6X-XZ_gC_L0HrCBiuES6Q13uw8AFuBcXj_vygurTfaeEucjsms... HTTP 302
    https://campfireprocess.com/?flux_fts=tcizoqctltiaczcztxxetptxztpcaolpotxczcaa7e83&sub5=&affid=114-&tran... HTTP 307
    https://campfireprocess.com/go/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8... Page URL
  2. https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

5
IPs

2
Countries

1483 kB
Transfer

1594 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://g52eu.info/PrLbc HTTP 302
    https://www.ker2clk.com/65WLXC/GTLRJ2K/?tt=mwE31Al6X-XZ_gC_L0HrCBiuES6Q13uw8AFuBcXj_vygurTfaeEucjsmsRowZsAGTHMJW7A7KrPCWUcP1icQuw%3D%3D&firstname=Eleen&city=Richmond&extra2=&extra3=&message_id=107797&extra1=&extra4=&link_id=4725&token=1858747340&phone=%2B16043039197&surname=Goyer&schedule_id=48445 HTTP 302
    https://campfireprocess.com/?flux_fts=tcizoqctltiaczcztxxetptxztpcaolpotxczcaa7e83&sub5=&affid=114-&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&firstname=Eleen&phone=%2B16043039197&surname=Goyer&city=Richmond&link_id=4725&schedule_id=48445&message_id=107797&token=1858747340&extra1=&extra2=&extra3=&extra4=&extra5=&tt=mwE31Al6X-XZ_gC_L0HrCBiuES6Q13uw8AFuBcXj_vygurTfaeEucjsmsRowZsAGTHMJW7A7KrPCWUcP1icQuw%3D%3D HTTP 307
    https://campfireprocess.com/go/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=%2016043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797 Page URL
  2. https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://g52eu.info/PrLbc HTTP 302
  • https://www.ker2clk.com/65WLXC/GTLRJ2K/?tt=mwE31Al6X-XZ_gC_L0HrCBiuES6Q13uw8AFuBcXj_vygurTfaeEucjsmsRowZsAGTHMJW7A7KrPCWUcP1icQuw%3D%3D&firstname=Eleen&city=Richmond&extra2=&extra3=&message_id=107797&extra1=&extra4=&link_id=4725&token=1858747340&phone=%2B16043039197&surname=Goyer&schedule_id=48445 HTTP 302
  • https://campfireprocess.com/?flux_fts=tcizoqctltiaczcztxxetptxztpcaolpotxczcaa7e83&sub5=&affid=114-&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&firstname=Eleen&phone=%2B16043039197&surname=Goyer&city=Richmond&link_id=4725&schedule_id=48445&message_id=107797&token=1858747340&extra1=&extra2=&extra3=&extra4=&extra5=&tt=mwE31Al6X-XZ_gC_L0HrCBiuES6Q13uw8AFuBcXj_vygurTfaeEucjsmsRowZsAGTHMJW7A7KrPCWUcP1icQuw%3D%3D HTTP 307
  • https://campfireprocess.com/go/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=%2016043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index.html
campfireprocess.com/go/casimba/superspin/ca/direct/org/
Redirect Chain
  • http://g52eu.info/PrLbc
  • https://www.ker2clk.com/65WLXC/GTLRJ2K/?tt=mwE31Al6X-XZ_gC_L0HrCBiuES6Q13uw8AFuBcXj_vygurTfaeEucjsmsRowZsAGTHMJW7A7KrPCWUcP1icQuw%3D%3D&firstname=Eleen&city=Richmond&extra2=&extra3=&message_id=1077...
  • https://campfireprocess.com/?flux_fts=tcizoqctltiaczcztxxetptxztpcaolpotxczcaa7e83&sub5=&affid=114-&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&firstname=Eleen&phone=%2B16043039197&surname=Goye...
  • https://campfireprocess.com/go/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com...
1 KB
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://campfireprocess.com/go/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=%2016043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8050 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7baf9e0b591c59c8-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Apr 2023 18:58:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrHgWjw7sHOMOBuUGkoWrvEwZAqU2jByi07ie1Z6sQ8EA9%2BzjB7VBmU33BszDFOQaxSi0QEqNj6ijydJErMlOIDzSuKZj6jWavP5GuzKe%2FX5Z2x%2B9ISg4BphWQT3JRJ68UjmpbZfnGh1%2FRt%2F6MQGn37s"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.33

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7baf9e0a4fc159c8-IAD
content-type
text/html; charset=utf-8
date
Thu, 20 Apr 2023 18:58:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://campfireprocess.com/go/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone= 16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="This is not a P3P policy"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26yvBYGna3hZek837Z4dMzxgVGt0izEWBmtVQNOQp8BzHTtIGsq3p5N7PEGF5cDzollKtaRjKoqbHw24PO%2BHiGIF%2FQiofeyDmehgbd8amyFpQNUry%2F5xIhbnYBgJb7zWKGe%2BO46oCEvTRKyDmgghors9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.33
x-robots-tag
noindex, noarchive, nofollow
Primary Request index.html
whomam.com/casimba/superspin/ca/direct/org/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:e4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cceb2c11290d49b395656c0a1839e056df3c43e8d0bec97d643dc1448dee9752

Request headers

Referer
https://campfireprocess.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7baf9e0cfc0159b6-IAD
content-encoding
br
content-type
text/html
date
Thu, 20 Apr 2023 18:58:12 GMT
last-modified
Thu, 15 Dec 2022 06:50:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4%2FmfJjh4Fe3%2B13T5zDoL8RJIPKfBaLmbIiy9uwzMPPJwKK0EbZRVhy47GB%2BfOJ1E3Sr4uouKk1iyGJk3QfnpQqw5qw%2BTxnjWhxnuHu1MtPXjBlYfDuTu8b0MSBtu4KFtgdi%2BpAyyg%2B9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
jquery-3.6.0.min.js
whomam.com/casimba/superspin/ca/direct/org/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://whomam.com/casimba/superspin/ca/direct/org/js/jquery-3.6.0.min.js
Requested by
Host: whomam.com
URL: https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:e4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 18:58:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 06:52:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2882
etag
W/"639ac415-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vrYtGk00%2Be7kTpNG7q9wlOAWrHU5VXqG4IkmmnKB3KqZccAugivYp%2FAXLhSkG0K4xzN%2BUOjyERbClplUksOTlix914nE5wTJLaLC8OOHVwbSKtiJLJR2gav3htRa4VlWrLWC6ESXXB%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7baf9e0dedbb59b6-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
texts.js
whomam.com/casimba/superspin/ca/direct/org/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://whomam.com/casimba/superspin/ca/direct/org/js/texts.js
Requested by
Host: whomam.com
URL: https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:e4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5811a20dd06427560838dd7c6f49a3780c80b60d828cf601da0966a1755ba138

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 18:58:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 06:52:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2882
etag
W/"639ac416-7bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D13Wf74ypeDrZRIPhvqOWA4QhgG4uLxtWMam2M5TXkozTjxbne1MYKrVf8GQs0ON7rAOFkrGO1A1Vi8ZZ%2Fdue%2BhUhWlnZ2MHcaPc4ifQnP6tt3qzqwjnXkAwabzj2i2SrELEWt0z4TU3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7baf9e0dedb859b6-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
junk.js
whomam.com/casimba/superspin/ca/direct/org/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://whomam.com/casimba/superspin/ca/direct/org/js/junk.js
Requested by
Host: whomam.com
URL: https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:e4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a31eccddf6efcc19468004f79a51e98a95dc7cd7bb52eb125211d70e961eec15

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 18:58:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 06:52:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2882
etag
W/"639ac414-20fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZkZyiLDpD3u73%2FyDHr5T5xloAiy8MIRJlWRLROajykkQk3XT9PUjHghVpE4NDoxiksr9dWiQN9dPTXSzbilLS38LGPUUom1hLcfODLYKGa2JjbPDzU273hdQDOb%2Bi%2BzUDZEzeio1sb4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7baf9e0dedb959b6-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/ 		3 KB
969 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;900&display=swap
Requested by
Host: whomam.com
URL: https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fdcb8b48c0ac54e517c54ab67e53dc867420e1d3708561267b52b0c8337b63dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://whomam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Apr 2023 18:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 18:58:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Apr 2023 18:58:12 GMT
freestyler.css
whomam.com/casimba/superspin/ca/direct/org/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://whomam.com/casimba/superspin/ca/direct/org/css/freestyler.css
Requested by
Host: whomam.com
URL: https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:e4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b522e57d0f66baa4603cf2a35077a995f25277c7fdc52721285e80a5c02f4da3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 18:58:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 06:51:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2882
etag
W/"639ac40e-29ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fzbdos6ZG1YrszFRTYoQ6UbSdbdfUy4Z%2FxbY5pqueL3V%2Fp9T9weBvFE3vqEGh%2FnwNGnZ%2FoCMA14rst5TGYlElUW5IGa54FPZHM%2F8xOS21w9WExQuNB0bw1l6vx2hclVu8lHo5J0VYCkq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7baf9e0dedb459b6-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo.png
whomam.com/casimba/superspin/ca/direct/org/superspin-assets/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://whomam.com/casimba/superspin/ca/direct/org/superspin-assets/logo.png
Requested by
Host: whomam.com
URL: https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:e4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1e13a33ab425e23e74f4cce3a08e79890adf5d9060e718cfc9f211cd961c89c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 18:58:12 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 06:51:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2881
etag
"639ac401-18cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqvpIOteUUjPCG1qe8EvYhmty1yx%2FqlBM52B49EdEHGW5HJP55Vih8Cb1wUrIVHhkIzh7JbstS3E20jGYhyYnq7dVPOjrRfXQGIXVRqgB7pUtDV5p9pzWMMAOV0cXY985IOp9osS2SCN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7baf9e0e58105943-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6347
pin.png
whomam.com/casimba/superspin/ca/direct/org/superspin-assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://whomam.com/casimba/superspin/ca/direct/org/superspin-assets/pin.png
Requested by
Host: whomam.com
URL: https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:e4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068be7732119137e4f31d2f19e059c795613f53ecbe2b6c80f7016cbb0404b93

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 18:58:12 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 06:51:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2881
etag
"639ac3fd-783"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeUqlp4wQB2%2F9f064%2FhJLDA9%2BR%2FRvyAdZjlPLL4PHEGr7Gn6WhR6s3q2JwcwJ1khvx3JPrWG7FagYBQnCbOeODVGlEgPHtcs6zO%2F6GDtA6JZCHmbr4SkbDrTothO48%2B8%2FkIHwNXOkBvp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7baf9e0e681c5943-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1923
dot.png
whomam.com/casimba/superspin/ca/direct/org/superspin-assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://whomam.com/casimba/superspin/ca/direct/org/superspin-assets/dot.png
Requested by
Host: whomam.com
URL: https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:e4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a9ab8492eaccbad220a7466d97a32f2388e98325021718d91c51159f74388ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 18:58:12 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 06:51:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2881
etag
"639ac400-5c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjBZPpDtrQR3NGkPyOJSmzWN91xWPZlb93lnMPQBtVn4FWA4AH1QILDzTSMG0VZWEpCbI7TLe03%2B6t8IF2twSGpslJVwLqudqkpCRD1%2FScxoFRXhE%2FDQ4JU8k5905%2Bor110g6Y6wLfFh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7baf9e0e681d5943-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1479
board.png
whomam.com/casimba/superspin/ca/direct/org/superspin-assets/ 		274 KB
274 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://whomam.com/casimba/superspin/ca/direct/org/superspin-assets/board.png
Requested by
Host: whomam.com
URL: https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:e4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3634c290401ca794318ff1d660526ced0079a05255082ce4c769c54c12ffa738

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 18:58:12 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 06:51:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2881
etag
"639ac407-446ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87izC%2BX7WRYnyDVftwpxSs%2BlC%2FVePBxDESVPSCC07CNLkZLGSWq05YpY5Xf9VnM5xzGo0f5QKPtjQmySSt3TFXDD3zb%2F%2FCsU3ww0kBL9kploQrGeRbVHXkc4AQ2bZPM6QKSwhSTdRoBN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7baf9e0e681f5943-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
280250
embed.js
bonusshunter.com/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bonusshunter.com/embed.js
Requested by
Host: whomam.com
URL: https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:595 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6575b6aa7cd10f1ea8d43bc8577c45afd3964d1d423c79c7c77d0dbf4ad136d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://whomam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 18:58:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Dec 2021 10:35:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6249
etag
W/"61ade779-58b1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fk53NV9nqtyFqzoptmirgIkGNnZYjFo%2BVjKkDOSTtR1fI%2FocYGHND4zvEI3mpom3lpmnK9qpUXPJW9Jh7UYl3DMrXvcRFOCPY1x0KncjBYGSpYU6Z1ReeFCTkm60c7n2Xk9Ah6tMZ%2Fum8dtRrW1G"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7baf9e0eee0859df-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.js
whomam.com/_events/ 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://whomam.com/_events/embed.js
Requested by
Host: whomam.com
URL: https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:e4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3493546815e50c765de6936edec8aaae196a78d83723a038ecc64d884e679780

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://whomam.com/casimba/superspin/ca/direct/org/index.html?session=d7364990f2a9d19f040ef8ea0c09256b&fluxf=1740827151497070133&fluxffn=1740832876427007592&ffdomain=campfireprocess.com&category=Test&firstname=Eleen&surname=Goyer&city=Richmond&phone=+16043039197&transaction_id=c9a80f20602f4d2a9c1449909e5d9d35&token=1858747340&affid=114-&link_id=4725&schedule_id=48445&message_id=107797
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 18:58:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Nov 2022 10:43:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6467
etag
W/"63639b50-9eda"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnNVL%2B8W%2BxtfsIdx7V5UQyP7FZGvwIkzWR5b%2Fazg96USLHNEhreHe7lpadfuqDuHGGf4Evw6sb8KDhQAGdd1pgGNgq9oyWa%2BD9tNhPaxGMavJGIM4AUGOdlmzRvZ6RensLwhkvjQm5lH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7baf9e0e68205943-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main_bg.jpg
whomam.com/casimba/superspin/ca/direct/org/superspin-assets/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://whomam.com/casimba/superspin/ca/direct/org/superspin-assets/main_bg.jpg
Requested by
Host: whomam.com
URL: https://whomam.com/casimba/superspin/ca/direct/org/css/freestyler.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:e4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f51e1cab526205b9c974a56e3eaf08a381f8e65f281fd199abcb1cacb304d818

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://whomam.com/casimba/superspin/ca/direct/org/css/freestyler.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 18:58:12 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 06:51:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2881
etag
"639ac40b-113289"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R57xloRDbxJNjXifOlqp7ArqdGhhacBJTjvcEwzulJCoF7gBrnaa13b1aj7wEAVdLbHfCmHFZR7Q3%2F76xYGGnzB7aasRSghCBP1tZ83aJhJCC%2BpRsp0bIXNkI08qeUlgJVoCEEIhVObh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7baf9e0e68215943-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1127049
stars.svg
whomam.com/casimba/superspin/ca/direct/org/superspin-assets/ 		1010 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://whomam.com/casimba/superspin/ca/direct/org/superspin-assets/stars.svg
Requested by
Host: whomam.com
URL: https://whomam.com/casimba/superspin/ca/direct/org/css/freestyler.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:e4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4df82ade6a9e945f0a02c89f3b8569547d605dfca9ae448eff429d27829225da

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://whomam.com/casimba/superspin/ca/direct/org/css/freestyler.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 18:58:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 06:51:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2881
etag
W/"639ac401-3f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdAzAYKtO7bTrQGa3UsMZhe2EEjOCNJGRTJOcXeUFY%2FS8%2BQjph%2F9Kg3b4afY%2FxbeygLKlHxq5lXu%2B3PprgBqN11TiVT9hIR9ixwwKwFdJWsF3Ec1avMqmNaB0oy%2Fkx%2BGoumG61SCFoEk"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7baf9e0e68225943-IAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://whomam.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options
nosniff
age
60800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 02:04:52 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery string| url_string object| url string| TXT_FIRSTNAME string| TXT_SURNAME string| TXT_CITY object| TXT_ZIPCODE object| TXT_ADDRESS string| TXT_PHONE object| TXT_MOBILE function| getURLParameter string| subid string| subid2 string| firstname string| surname string| city string| zipcode string| address string| phone string| mobile string| pid string| nrp string| ffdomain string| session string| fluxf string| fluxffn object| params string| paramString function| replaceText string| k function| ActionRedirect function| plushLoaded function| tapirLoaded function| Plush function| Tapir

4 Cookies

Domain/Path Name / Value
www.ker2clk.com/ Name: uniqueClick_GTLRJ2K
Value: 324c10a0-9aaa-48d1-87cd-3ad4f6c4022f:1682017091
www.ker2clk.com/ Name: transaction_id
Value: c9a80f20602f4d2a9c1449909e5d9d35
campfireprocess.com/ Name: PHPSESSID
Value: d7364990f2a9d19f040ef8ea0c09256b
campfireprocess.com/ Name: csid3
Value: d7364990f2a9d19f040ef8ea0c09256b