Submitted URL: https://cfcglobal.ca/
Effective URL: https://awheneoc.com/l?v=s25Pynpv
Submission: On May 29 via api from US — Scanned from CA

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 55 HTTP transactions. The main IP is 2607:fbe0:1:42::1:1, located in United States and belongs to WZ-US-40824, US. The main domain is awheneoc.com.
TLS certificate: Issued by R3 on April 6th 2024. Valid for: 3 months.
This is the only time awheneoc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 2a02:4780:11:... 47583 (AS-HOSTINGER)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 2607:fbe0:1:4... 40824 (WZ-US-40824)
9 2607:fbe0:1:4... 40824 (WZ-US-40824)
1 104.19.230.21 ()
55 8
Apex Domain
Subdomains
Transfer
28 cfcglobal.ca
cfcglobal.ca
247 KB
9 awheneoc.com
awheneoc.com
28 KB
3 surprisedexpert.com
surprisedexpert.com
4 KB
3 startfinishthis.com
from.startfinishthis.com — Cisco Umbrella Rank: 751748 Failed
2 KB
2 restartyourchoices.com
jquery.restartyourchoices.com — Cisco Umbrella Rank: 401052
done.restartyourchoices.com — Cisco Umbrella Rank: 658504
10 KB
2 cdntoswitchspirit.com
rest.cdntoswitchspirit.com
js.cdntoswitchspirit.com — Cisco Umbrella Rank: 312765
21 KB
1 hcaptcha.com
www.hcaptcha.com
0 acidicfix.pro Failed
acidicfix.pro Failed
0 kaminari.systems Failed
kaminari.systems Failed
55 9
Domain Requested by
28 cfcglobal.ca cfcglobal.ca
9 awheneoc.com awheneoc.com
3 surprisedexpert.com 1 redirects
3 from.startfinishthis.com done.restartyourchoices.com
1 www.hcaptcha.com awheneoc.com
1 done.restartyourchoices.com jquery.restartyourchoices.com
1 jquery.restartyourchoices.com js.cdntoswitchspirit.com
1 js.cdntoswitchspirit.com rest.cdntoswitchspirit.com
1 rest.cdntoswitchspirit.com cfcglobal.ca
0 acidicfix.pro Failed awheneoc.com
0 kaminari.systems Failed awheneoc.com
55 11

This site contains links to these domains. Also see Links.

Domain
acidicfix.pro
Subject Issuer Validity Valid
cfcglobal.ca
R3
2024-04-29 -
2024-07-28
3 months crt.sh
cdntoswitchspirit.com
E1
2024-04-29 -
2024-07-28
3 months crt.sh
restartyourchoices.com
E1
2024-05-02 -
2024-07-31
3 months crt.sh
startfinishthis.com
GTS CA 1P5
2024-05-02 -
2024-07-31
3 months crt.sh
surprisedexpert.com
R3
2024-05-19 -
2024-08-17
3 months crt.sh
awheneoc.com
R3
2024-04-06 -
2024-07-05
3 months crt.sh
hcaptcha.com
E1
2024-05-12 -
2024-08-10
3 months crt.sh

This page contains 1 frames:

Primary Page: https://awheneoc.com/l?v=s25Pynpv
Frame ID: C795B1F4630B4F0D388762BAD31EB3E1
Requests: 55 HTTP requests in this frame

Screenshot

Page Title

INTERESTING FOR YOU

Page URL History Show full URLs

  1. https://cfcglobal.ca/ Page URL
  2. https://from.startfinishthis.com/firstway Page URL
  3. https://from.startfinishthis.com/k4Pgws Page URL
  4. https://surprisedexpert.com/b.3CVX0oP/3apKvTbsmnV/J-ZuD/0m1-MRj/kKyKMJzcgwwyLOTSUwy_O/TfItzWOyDdEf HTTP 302
    https://surprisedexpert.com/bX3YV_0.Pa3bJcyda-WfQg9hNiG_MkylMmjnQ-5pNqmrUs4_NumvYw3xZ-DzIA2BZCD_cExFYGWH... Page URL
  5. https://surprisedexpert.com/cqGrF.zsc_zu9vkwaxX-Qz9AMBTCc_xENFjGkH3-NJDKML3MM_TOIPxQNRz-ATzUMVTWY_0YMZCa... Page URL
  6. https://awheneoc.com/l?v=s25Pynpv Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link[^>]+recaptcha

Page Statistics

55
Requests

85 %
HTTPS

86 %
IPv6

9
Domains

11
Subdomains

8
IPs

2
Countries

311 kB
Transfer

974 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cfcglobal.ca/ Page URL
  2. https://from.startfinishthis.com/firstway Page URL
  3. https://from.startfinishthis.com/k4Pgws Page URL
  4. https://surprisedexpert.com/b.3CVX0oP/3apKvTbsmnV/J-ZuD/0m1-MRj/kKyKMJzcgwwyLOTSUwy_O/TfItzWOyDdEf HTTP 302
    https://surprisedexpert.com/bX3YV_0.Pa3bJcyda-WfQg9hNiG_MkylMmjnQ-5pNqmrUs4_NumvYw3xZ-DzIA2BZCD_cExFYGWHN-kJNKWLZMi_ZODPcQ2RN-DTYUxVYWj_QYmZcanbN-ydYezf1gv_diXjQkmlc-2nlokpPqT_UsytOuTvI-zxOyDzAAm_dCHDZEyFP-THAImJeKm_9MuNZOWPl-kRPSTTIU1_MWTXUYxZO-Dbcc Page URL
  5. https://surprisedexpert.com/cqGrF.zsc_zu9vkwaxX-Qz9AMBTCc_xENFjGkH3-NJDKML3MM_TOIPxQNRz-ATzUMVTWY_0YMZCaZbk-ddGetfugP_WipjykblW-xnwoTplqA_xsOtWuVvs-Sx2yhzVAb_mC9DKETFj-cH1ITJ3Kp_uMcNWOpPD-RRUSkT0UQ_mWlXrYJZn-Bb0cbdje1_DgZh0ipjE-UlVmJnJoS_lqlrusStn-ZvZwVx1yJ_pAWBVCcD1-aF0GtHpIQ_mKpLPMVNE-pPpQWRVSd_GUbVEW5X6-RZXapbNcV_GehfrgWhX-pjnkelFmp_HoVpTqFrN-Vt0uUvywT_mypzOAaB1-pDqESFmG1_PIRJ0KkLw-WNmOpPDQa_jSVT0UdVX-lXCYaZmal_0cadFeFfK-QhTigj4kR_1mpnBoVpW-drEsJtnuJ_ywZxXyFzo-PBTCAD4EN_DGcHwINJm-YLwMZNTON_jQMRTSYT2-NVWWFXiYM_WaUbxcOdW-VfigYhjiM_4kNlzmFnj-Np2qEr4sJ_nuJvywaxW-Qz9ANBGCM_yEMFjGQH5-NJmKUL4MN_mOYP3QZRD-IT2UZVDWc_xYYZWaNbk-NdWeZfigZ_Dicj2kNlD-YnxoYpjqQ_msctnuNvy-Yxzy1zvAd_XCQDmEcF2-lHkIPJTKU_yMONTOIPz-ORDSATmUd_HWZXyYPZT-Abmcedme9_ugZhWiljk-PlTmIn1oM_TqUrxsOtD-cv Page URL
  6. https://awheneoc.com/l?v=s25Pynpv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://surprisedexpert.com/b.3CVX0oP/3apKvTbsmnV/J-ZuD/0m1-MRj/kKyKMJzcgwwyLOTSUwy_O/TfItzWOyDdEf HTTP 302
  • https://surprisedexpert.com/bX3YV_0.Pa3bJcyda-WfQg9hNiG_MkylMmjnQ-5pNqmrUs4_NumvYw3xZ-DzIA2BZCD_cExFYGWHN-kJNKWLZMi_ZODPcQ2RN-DTYUxVYWj_QYmZcanbN-ydYezf1gv_diXjQkmlc-2nlokpPqT_UsytOuTvI-zxOyDzAAm_dCHDZEyFP-THAImJeKm_9MuNZOWPl-kRPSTTIU1_MWTXUYxZO-Dbcc

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
cfcglobal.ca/
28 KB
9 KB
Document
General
Full URL
https://cfcglobal.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.33
Resource Hash
6362dee99a89f15ae8eaf5b6c17d0a9f4e430aa3cb95b32a3b02e13c66a84a02
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 29 May 2024 09:19:26 GMT
etag
"358-1716605229;br"
link
<https://cfcglobal.ca/index.php/wp-json/>; rel="https://api.w.org/" <https://cfcglobal.ca/index.php/wp-json/wp/v2/pages/10>; rel="alternate"; type="application/json" <https://cfcglobal.ca/>; rel=shortlink
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
x-powered-by
PHP/7.4.33
merriweather-plus-montserrat-plus-inconsolata.css
cfcglobal.ca/wp-content/themes/twentysixteen/fonts/
19 KB
1 KB
Stylesheet
General
Full URL
https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
71adc15350145604f7a2794da7be297e14345f3fb31c4ea37c8a97e5e0b2ccd0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:26 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 08:50:56 GMT
server
LiteSpeed
etag
"4b81-650177f0-88b4c00fa65fe96c;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1046
expires
Wed, 05 Jun 2024 09:19:26 GMT
genericons.css
cfcglobal.ca/wp-content/themes/twentysixteen/genericons/
28 KB
16 KB
Stylesheet
General
Full URL
https://cfcglobal.ca/wp-content/themes/twentysixteen/genericons/genericons.css?ver=20201208
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0d023c6770c50a23f28adac7508c5b86f9b06774933a8d82e5d9d557610a430c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:26 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 08:50:56 GMT
server
LiteSpeed
etag
"6e6b-650177f0-dc30129b780f2c4;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
15956
expires
Wed, 05 Jun 2024 09:19:26 GMT
style.css
cfcglobal.ca/wp-content/themes/twentysixteen/
69 KB
12 KB
Stylesheet
General
Full URL
https://cfcglobal.ca/wp-content/themes/twentysixteen/style.css?ver=20230328
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0c1808af7c4fd6303086de89cb0a5cab2b4ab5613fd0bb51149b52f5ecd04966
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:26 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 08:50:56 GMT
server
LiteSpeed
etag
"114fd-650177f0-ff5e0edc595fd980;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
12385
expires
Wed, 05 Jun 2024 09:19:26 GMT
blocks.css
cfcglobal.ca/wp-content/themes/twentysixteen/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://cfcglobal.ca/wp-content/themes/twentysixteen/css/blocks.css?ver=20230206
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2d7599e7355f74647511d36b0790e74fa070e990eb6e7dbe9086bbdc28c74e67
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:26 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 08:50:56 GMT
server
LiteSpeed
etag
"233f-650177f0-5418e6d91bd30ffd;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1803
expires
Wed, 05 Jun 2024 09:19:26 GMT
jquery.min.js
cfcglobal.ca/wp-includes/js/jquery/
86 KB
29 KB
Script
General
Full URL
https://cfcglobal.ca/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:26 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 26 Apr 2024 16:11:32 GMT
server
LiteSpeed
etag
"15601-662bd234-49fe4539ec675f47;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
29531
expires
Wed, 05 Jun 2024 09:19:26 GMT
jquery-migrate.min.js
cfcglobal.ca/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://cfcglobal.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:26 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 26 Apr 2024 16:11:32 GMT
server
LiteSpeed
etag
"3509-662bd234-8fe4c38cfa0ed5c7;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4671
expires
Wed, 05 Jun 2024 09:19:26 GMT
hero-img.svg
cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/
25 KB
9 KB
Image
General
Full URL
https://cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/hero-img.svg
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3d83b6360951ee5b5c4092e8059d6b69c293913ddd41e38be9a58e693c4da80d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:26 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 07:03:48 GMT
server
LiteSpeed
etag
"63f6-65015ed4-2e4851d6e91c5e7d;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
8928
expires
Wed, 05 Jun 2024 09:19:26 GMT
building.svg
cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/
846 B
524 B
Image
General
Full URL
https://cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/building.svg
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
aee0515278db2d3b464047cea4e63f74ed4dc212eb6a6daa94e35992482c3bd3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:26 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 07:03:48 GMT
server
LiteSpeed
etag
"34e-65015ed4-2f03e42d621e76a0;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
461
expires
Wed, 05 Jun 2024 09:19:26 GMT
shopping-bag.svg
cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/
702 B
746 B
Image
General
Full URL
https://cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/shopping-bag.svg
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9d9ce044fb37d8b04b8dc6a36ba1fa4ce77187294fbde39eb7b5260ba7c5633e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 07:03:48 GMT
server
LiteSpeed
etag
"2be-65015ed4-1391ea0a2bea5461;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
397
expires
Wed, 05 Jun 2024 09:19:27 GMT
blog.svg
cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/
866 B
518 B
Image
General
Full URL
https://cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/blog.svg
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fc95a937b31d5dbcd8b3c198bc0bdc89b67081d439ef9d4125d46316d9bfa182
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 07:03:48 GMT
server
LiteSpeed
etag
"362-65015ed4-f13bfed153cb79c6;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
466
expires
Wed, 05 Jun 2024 09:19:27 GMT
portfolio.svg
cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/
1 KB
704 B
Image
General
Full URL
https://cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/portfolio.svg
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e76f00dfaa4024efd443270ec285af9a07b7048b47df924659ab384df40db1b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 07:03:48 GMT
server
LiteSpeed
etag
"5a1-65015ed4-b59239e230d65633;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
652
expires
Wed, 05 Jun 2024 09:19:27 GMT
branding.jpg
cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/
10 KB
10 KB
Image
General
Full URL
https://cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/branding.jpg
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
096cb160ee32efd5c0d728e79d5b081122afa3fd6d5de9e8e64ceb25af1db8ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 07:03:48 GMT
server
LiteSpeed
etag
"26fa-65015ed4-b45c59af95d8a500;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
9978
expires
Wed, 05 Jun 2024 09:19:27 GMT
graphic.jpg
cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/
8 KB
8 KB
Image
General
Full URL
https://cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/graphic.jpg
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ef2a74581e6e3fe4b640b5bd914d2ff6c3fa6fa47fc480ab43e3850cca0b1948
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 07:03:48 GMT
server
LiteSpeed
etag
"1e37-65015ed4-768b8edfa13c59ed;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
7735
expires
Wed, 05 Jun 2024 09:19:27 GMT
web.jpg
cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/
7 KB
7 KB
Image
General
Full URL
https://cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/web.jpg
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b649c21669414cd332398441d41f8cff838581d3cb69815673aab9d195ef7d18
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 07:03:48 GMT
server
LiteSpeed
etag
"1a3c-65015ed4-27a847d54c45ef35;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
6716
expires
Wed, 05 Jun 2024 09:19:27 GMT
about-us.jpg
cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/
43 KB
43 KB
Image
General
Full URL
https://cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/about-us.jpg
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
37d8f6482e8709e28469e43457b5448e56b1aa11acc707962ebb054e5a936c29
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 07:03:48 GMT
server
LiteSpeed
etag
"ad3d-65015ed4-cf4020d55b546bd1;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
44349
expires
Wed, 05 Jun 2024 09:19:27 GMT
avatar.png
cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/
3 KB
3 KB
Image
General
Full URL
https://cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/avatar.png
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f52e1ec06ba023932a9a90f2d1dabb7ab8fab24b6fb1f76d1d1061cca8972c88
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 07:03:48 GMT
server
LiteSpeed
etag
"aa2-65015ed4-50c4a6846dc0d31d;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
2722
expires
Wed, 05 Jun 2024 09:19:27 GMT
passionate.svg
cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/
859 B
491 B
Image
General
Full URL
https://cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/passionate.svg
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4f557b14e9239aba1f83ad5ea884a100d1dd9d778cf1500f0277e311fed865a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 07:03:48 GMT
server
LiteSpeed
etag
"35b-65015ed4-7b9d6147c2309d69;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
439
expires
Wed, 05 Jun 2024 09:19:27 GMT
professional.svg
cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/
1 KB
638 B
Image
General
Full URL
https://cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/professional.svg
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9db7af5c1098186b9705a84264f56a3d1121c2c1e516d55e9e795d24b9cb363e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 07:03:48 GMT
server
LiteSpeed
etag
"460-65015ed4-8f901d236e110d00;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
586
expires
Wed, 05 Jun 2024 09:19:27 GMT
support.svg
cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/
2 KB
805 B
Image
General
Full URL
https://cfcglobal.ca/wp-content/themes/astra/inc/assets/images/starter-content/support.svg
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0eae4d5eb551cb46610fa0ffff295e962fc41cb968fcead0d0fd0c1b7d3268d3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 07:03:48 GMT
server
LiteSpeed
etag
"6cb-65015ed4-aacafe18b332e2;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
755
expires
Wed, 05 Jun 2024 09:19:27 GMT
skip-link-focus-fix.js
cfcglobal.ca/wp-content/themes/twentysixteen/js/
1 KB
572 B
Script
General
Full URL
https://cfcglobal.ca/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 08:50:56 GMT
server
LiteSpeed
etag
"423-650177f0-c0099f074cc39e1e;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
477
expires
Wed, 05 Jun 2024 09:19:27 GMT
functions.js
cfcglobal.ca/wp-content/themes/twentysixteen/js/
7 KB
2 KB
Script
General
Full URL
https://cfcglobal.ca/wp-content/themes/twentysixteen/js/functions.js?ver=20211130
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fe4725d967cdafe16e972f934768dd5794a931d2e16f10a19a3e681f4afad7eb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 08:50:56 GMT
server
LiteSpeed
etag
"1ca1-650177f0-e4a5fa000b0d8d03;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1906
expires
Wed, 05 Jun 2024 09:19:27 GMT
stack.js
rest.cdntoswitchspirit.com/scripts/
10 KB
5 KB
Script
General
Full URL
https://rest.cdntoswitchspirit.com/scripts/stack.js
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d1e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
857a06738b346b4d275749df845fb3fe2f296bfe49c031e170a1808478299198

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 01 May 2024 16:05:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
779616
etag
W/"66326837-29eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9FuvNb07%2FXSVAKsdpmfENGuJ%2BUEb5xa0Z%2F3gnFVQlUzlMioM5bTzLLcjboIZ6PS5vfskF7Btd910OBNjjr6jtf%2BPUOW4T5BqlQpn6aXlcP0qHtIj6TdviVCT9p4QDI5aNPbCREbHmIC0B8cLVvvERs%2Bmw9RQdklv%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
88b567270f46ab45-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
5bb9ad7f-c809-40ed-8c71-a697944a219a
https://cfcglobal.ca/
1 KB
0
Other
General
Full URL
blob:https://cfcglobal.ca/5bb9ad7f-c809-40ed-8c71-a697944a219a
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
montserrat-latin-700-normal.woff2
cfcglobal.ca/wp-content/themes/twentysixteen/fonts/montserrat/
13 KB
13 KB
Font
General
Full URL
https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/montserrat/montserrat-latin-700-normal.woff2?ver=25
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin
https://cfcglobal.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 08:50:56 GMT
server
LiteSpeed
etag
"3230-650177f0-37d4e50b833b227d;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
12848
expires
Wed, 05 Jun 2024 09:19:27 GMT
montserrat-latin-400-normal.woff2
cfcglobal.ca/wp-content/themes/twentysixteen/fonts/montserrat/
12 KB
12 KB
Font
General
Full URL
https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/montserrat/montserrat-latin-400-normal.woff2?ver=25
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin
https://cfcglobal.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 08:50:56 GMT
server
LiteSpeed
etag
"31a4-650177f0-5006027f75edc4db;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
12708
expires
Wed, 05 Jun 2024 09:19:27 GMT
merriweather-latin-900-normal.woff2
cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather/
19 KB
19 KB
Font
General
Full URL
https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather/merriweather-latin-900-normal.woff2?ver=30
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin
https://cfcglobal.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 08:50:56 GMT
server
LiteSpeed
etag
"4d68-650177f0-d1b5655f04a14da7;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
19816
expires
Wed, 05 Jun 2024 09:19:27 GMT
merriweather-latin-400-normal.woff2
cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather/
20 KB
20 KB
Font
General
Full URL
https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather/merriweather-latin-400-normal.woff2?ver=30
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin
https://cfcglobal.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 08:50:56 GMT
server
LiteSpeed
etag
"4e3c-650177f0-60aa2bb52632975c;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
20028
expires
Wed, 05 Jun 2024 09:19:27 GMT
merriweather-latin-700-normal.woff2
cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather/
19 KB
19 KB
Font
General
Full URL
https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather/merriweather-latin-700-normal.woff2?ver=30
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/wp-content/themes/twentysixteen/fonts/merriweather-plus-montserrat-plus-inconsolata.css?ver=20230328
Origin
https://cfcglobal.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 13 Sep 2023 08:50:56 GMT
server
LiteSpeed
etag
"4d1c-650177f0-288646ed67a8d1ce;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
19740
expires
Wed, 05 Jun 2024 09:19:27 GMT
wp-emoji-release.min.js
cfcglobal.ca/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://cfcglobal.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
Requested by
Host: cfcglobal.ca
URL: https://cfcglobal.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1084:0:307a:ae41:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 26 Apr 2024 16:11:32 GMT
server
LiteSpeed
etag
"4926-662bd234-be2a6d7031e0d9f1;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4619
expires
Wed, 05 Jun 2024 09:19:27 GMT
split.js
js.cdntoswitchspirit.com/source/
43 KB
16 KB
Script
General
Full URL
https://js.cdntoswitchspirit.com/source/split.js
Requested by
Host: rest.cdntoswitchspirit.com
URL: https://rest.cdntoswitchspirit.com/scripts/stack.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d1e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5dafb48db5d99a30001a5a187063eff428ee5b40492401f2b02253bbc0a042c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 May 2024 08:18:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1211636
etag
W/"66446fc3-ab1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rIj1EzYbiktodCdokyDTUflYwoAeQjAxukcNUiqVrnNgUUmWSjqbQIZidT2O5Q8JHlKzWDTMoUETvkYfBjfG83Hp542zxqoxm9BAS0SLAvH3iLlknkSZR51weM8qMix694EJJ7YvaRBW06xX%2BLhWR9Ku6reh99U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
88b56727dfd7ab45-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
cdncollect
jquery.restartyourchoices.com/
10 KB
5 KB
Script
General
Full URL
https://jquery.restartyourchoices.com/cdncollect?r1=cfcglobal.ca
Requested by
Host: js.cdntoswitchspirit.com
URL: https://js.cdntoswitchspirit.com/source/split.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
a9aa76d5655c965f1feceec22619fa26acb1c4832f76ea25a79201bbc2b2c2f0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nG47G5FoIDP3ggcXC1ZBM8y5topLhrkrt0pm0FCfvxRxDfgKuVGyQepSiUma43qeAd19ozZG5jbwSqeIyuxaTdbD7Xcz6UmCE8zfMo8GtdR5AWcaaOd9ELNZYsNoUuoqWcupLq76A9s2E56ONBdeJmwUdzqTPjVCEzlBDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
88b5672b59a9ab6c-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 29 May 2024 09:19:28 GMT
stepone
done.restartyourchoices.com/
9 KB
4 KB
Script
General
Full URL
https://done.restartyourchoices.com/stepone
Requested by
Host: jquery.restartyourchoices.com
URL: https://jquery.restartyourchoices.com/cdncollect?r1=cfcglobal.ca
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cfcglobal.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jB38EM%2BbCLBCaZvTy4k4%2F3gvSa4cEEyVbZrTmNJ50Lqr0oH0jZV3ehwfOo0ZIxjNsa4AlZhLmwqFm25F2BvqseWrodvEkk9CyO164meg5c1AZZziZk%2FmYZZ6sBPyqiTJ%2BRQ1QOZHQiQgCo9tZFN%2FUxC%2FtZSc1a4dKSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
88b5672e8b46ab6c-YYZ
alt-svc
h3=":443"; ma=86400
expires
Wed, 29 May 2024 09:19:29 GMT
firstway
from.startfinishthis.com/
0
0

firstway
from.startfinishthis.com/
0
0

firstway
from.startfinishthis.com/
203 B
645 B
Document
General
Full URL
https://from.startfinishthis.com/firstway
Requested by
Host: done.restartyourchoices.com
URL: https://done.restartyourchoices.com/stepone
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0dd0c78236661efd3cea34c18403126c36835eb5818903b94bc8d7eebecd7e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://cfcglobal.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88b567330dc9ab4e-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 29 May 2024 09:19:30 GMT
expires
Wed, 29 May 2024 09:19:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dOPlaWuiW3bzfKlj2j5Hgckg0skIhoYmn6FYS%2BGoZ1yLwW7iNkk2zYOF4B9uhp8frBAMinkBrOyPKkrJVM%2BKtsEu5Zix2YQd9VEodGD37mpjnNYd0nyPebZkagwVSNjyCdBcQCCCoNTC%2B%2FwOYZqbH2IkuWUBPpg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
k4Pgws
from.startfinishthis.com/
262 B
673 B
Document
General
Full URL
https://from.startfinishthis.com/k4Pgws
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5293a944bcb8fd9e3e9bad7779db3d7614ff145a524c9cb28cd7fc10732b7715
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88b567365f2dab4e-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 29 May 2024 09:19:30 GMT
expires
Wed, 29 May 2024 09:19:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=igNTomNfVhpuyvjbrBeLDU9qCBbUM71YLMKAFKqDspq%2BuUrfr%2BaJE%2FH9F67QmBag%2B6wMSuJ1%2FUhKVezgp2wVSooVtIJGv0BdqRUnFRC7GBVsKV7AbV6%2FRAw5o23H1rWsDHZwwralwYyfguZ5Dvnm2VhSI8D7NGA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
favicon.ico
from.startfinishthis.com/
548 B
590 B
Other
General
Full URL
https://from.startfinishthis.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
26
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xNlVq5HTbbolOmnpp1mqnx4ZKplTnzZ8KBlv1dm%2FOu%2F0rJ%2FY7ib9eApOBrO8mY%2F%2FcL1Uo%2Bk%2FgEY7%2BX6Ta%2BPfuBgbG856rgMprxyJRHYFjBcPNICB5AXsEmIQJ4952XAi%2B%2FqDaoHKy7K%2Be6A4nu7Zgw0UJ8WlrUc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
88b567365f2eab4e-YYZ
alt-svc
h3=":443"; ma=86400
bX3YV_0.Pa3bJcyda-WfQg9hNiG_MkylMmjnQ-5pNqmrUs4_NumvYw3xZ-DzIA2BZCD_cExFYGWHN-kJNKWLZMi_ZODPcQ2RN-DTYUxVYWj_QYmZcanbN-ydYezf1gv_diXjQkmlc-2nlokpPqT_UsytOuTvI-zxOyDzAAm_dCHDZEyFP-THAImJeKm_9MuNZOWPl...
surprisedexpert.com/
Redirect Chain
  • https://surprisedexpert.com/b.3CVX0oP/3apKvTbsmnV/J-ZuD/0m1-MRj/kKyKMJzcgwwyLOTSUwy_O/TfItzWOyDdEf
  • https://surprisedexpert.com/bX3YV_0.Pa3bJcyda-WfQg9hNiG_MkylMmjnQ-5pNqmrUs4_NumvYw3xZ-DzIA2BZCD_cExFYGWHN-kJNKWLZMi_ZODPcQ2RN-DTYUxVYWj_QYmZcanbN-ydYezf1gv_diXjQkmlc-2nlokpPqT_UsytOuTvI-zxOyDzAAm_d...
2 KB
1 KB
Document
General
Full URL
https://surprisedexpert.com/bX3YV_0.Pa3bJcyda-WfQg9hNiG_MkylMmjnQ-5pNqmrUs4_NumvYw3xZ-DzIA2BZCD_cExFYGWHN-kJNKWLZMi_ZODPcQ2RN-DTYUxVYWj_QYmZcanbN-ydYezf1gv_diXjQkmlc-2nlokpPqT_UsytOuTvI-zxOyDzAAm_dCHDZEyFP-THAImJeKm_9MuNZOWPl-kRPSTTIU1_MWTXUYxZO-Dbcc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::e , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
83289a4547e01e0f1764351d4ce77d262a84db17f8dc2be30ff195d10a5d4565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://from.startfinishthis.com/k4Pgws
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 29 May 2024 09:19:31 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
pragma
no-cache
referrer-policy
no-referrer
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
content-type
text/html;charset=UTF-8
date
Wed, 29 May 2024 09:19:30 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
location
https://surprisedexpert.com/bX3YV_0.Pa3bJcyda-WfQg9hNiG_MkylMmjnQ-5pNqmrUs4_NumvYw3xZ-DzIA2BZCD_cExFYGWHN-kJNKWLZMi_ZODPcQ2RN-DTYUxVYWj_QYmZcanbN-ydYezf1gv_diXjQkmlc-2nlokpPqT_UsytOuTvI-zxOyDzAAm_dCHDZEyFP-THAImJeKm_9MuNZOWPl-kRPSTTIU1_MWTXUYxZO-Dbcc
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-content-type-options
nosniff
x-frame-options
DENY
cqGrF.zsc_zu9vkwaxX-Qz9AMBTCc_xENFjGkH3-NJDKML3MM_TOIPxQNRz-ATzUMVTWY_0YMZCaZbk-ddGetfugP_WipjykblW-xnwoTplqA_xsOtWuVvs-Sx2yhzVAb_mC9DKETFj-cH1ITJ3Kp_uMcNWOpPD-RRUSkT0UQ_mWlXrYJZn-Bb0cbdje1_DgZh0ip...
surprisedexpert.com/
1 KB
2 KB
Document
General
Full URL
https://surprisedexpert.com/cqGrF.zsc_zu9vkwaxX-Qz9AMBTCc_xENFjGkH3-NJDKML3MM_TOIPxQNRz-ATzUMVTWY_0YMZCaZbk-ddGetfugP_WipjykblW-xnwoTplqA_xsOtWuVvs-Sx2yhzVAb_mC9DKETFj-cH1ITJ3Kp_uMcNWOpPD-RRUSkT0UQ_mWlXrYJZn-Bb0cbdje1_DgZh0ipjE-UlVmJnJoS_lqlrusStn-ZvZwVx1yJ_pAWBVCcD1-aF0GtHpIQ_mKpLPMVNE-pPpQWRVSd_GUbVEW5X6-RZXapbNcV_GehfrgWhX-pjnkelFmp_HoVpTqFrN-Vt0uUvywT_mypzOAaB1-pDqESFmG1_PIRJ0KkLw-WNmOpPDQa_jSVT0UdVX-lXCYaZmal_0cadFeFfK-QhTigj4kR_1mpnBoVpW-drEsJtnuJ_ywZxXyFzo-PBTCAD4EN_DGcHwINJm-YLwMZNTON_jQMRTSYT2-NVWWFXiYM_WaUbxcOdW-VfigYhjiM_4kNlzmFnj-Np2qEr4sJ_nuJvywaxW-Qz9ANBGCM_yEMFjGQH5-NJmKUL4MN_mOYP3QZRD-IT2UZVDWc_xYYZWaNbk-NdWeZfigZ_Dicj2kNlD-YnxoYpjqQ_msctnuNvy-Yxzy1zvAd_XCQDmEcF2-lHkIPJTKU_yMONTOIPz-ORDSATmUd_HWZXyYPZT-Abmcedme9_ugZhWiljk-PlTmIn1oM_TqUrxsOtD-cv
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::e , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
1d49550b6627392fe77e183860f9092febde5b6c0b079512e43c44ac4bf4c501
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"125.0.6422.112"
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"
sec-ch-ua-wow64
?0

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 29 May 2024 09:19:31 GMT
expires
Mon, 26 Jul 2011 05:00:00 GMT
last-modified
Wed, 29 May 2024 09:19:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
referrer-policy
no-referrer
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
Primary Request l
awheneoc.com/
8 KB
4 KB
Document
General
Full URL
https://awheneoc.com/l?v=s25Pynpv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::1:1 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
49c9f63d98629e92281f760d9f1f83a3f5c31e2f0979e10804f3b28b87bdb149
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=315360000
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html;charset=UTF-8
Date
Wed, 29 May 2024 09:19:31 GMT
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
style.css
awheneoc.com/views/grecaptcha/css/
2 KB
980 B
Stylesheet
General
Full URL
https://awheneoc.com/views/grecaptcha/css/style.css
Requested by
Host: awheneoc.com
URL: https://awheneoc.com/l?v=s25Pynpv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::1:1 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
69790d23d3ec08dbfa6909de36996b4cd3b0154e57b78ccb0e8a281f5e6e72ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://awheneoc.com/l?v=s25Pynpv
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 09:19:32 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 May 2024 08:28:45 GMT
Server
nginx
ETag
W/"664c5b3d-67e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mainstream.css
awheneoc.com/views/grecaptcha/css/
721 B
550 B
Stylesheet
General
Full URL
https://awheneoc.com/views/grecaptcha/css/mainstream.css
Requested by
Host: awheneoc.com
URL: https://awheneoc.com/l?v=s25Pynpv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::1:1 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
c19a3b5e10e979b08b2bcb55f68849e96e390c9bfd0b323a64a451bfbb95bf1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://awheneoc.com/l?v=s25Pynpv
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 09:19:32 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 May 2024 08:28:45 GMT
Server
nginx
ETag
W/"664c5b3d-2d1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
debugMode.js
awheneoc.com/views/grecaptcha/js/
1 KB
829 B
Script
General
Full URL
https://awheneoc.com/views/grecaptcha/js/debugMode.js?v=1716466938200695468
Requested by
Host: awheneoc.com
URL: https://awheneoc.com/l?v=s25Pynpv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::1:1 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
22f93a906aa144d4a67e38e0ad3eb6d5b7338949a66390864dec7d3131e362ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://awheneoc.com/l?v=s25Pynpv
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 09:19:32 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 May 2024 08:28:45 GMT
Server
nginx
ETag
W/"664c5b3d-553"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
botDetect.min.js
awheneoc.com/views/grecaptcha/js/
29 KB
9 KB
Script
General
Full URL
https://awheneoc.com/views/grecaptcha/js/botDetect.min.js?v=1716466938200695468
Requested by
Host: awheneoc.com
URL: https://awheneoc.com/l?v=s25Pynpv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::1:1 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
ba9b728987cd01302f5a311e28bf6513dc2b04d43c8b47743e206ccc7608522e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://awheneoc.com/l?v=s25Pynpv
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 09:19:32 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 May 2024 08:28:45 GMT
Server
nginx
ETag
W/"664c5b3d-7225"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
touchEvent.min.js
awheneoc.com/views/grecaptcha/js/
20 KB
6 KB
Script
General
Full URL
https://awheneoc.com/views/grecaptcha/js/touchEvent.min.js?v=1716466938200695468
Requested by
Host: awheneoc.com
URL: https://awheneoc.com/l?v=s25Pynpv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::1:1 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
69b3260be19acba9e09cbcd30fc608e0f60fbe7cb097483dc906827e8429e3a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://awheneoc.com/l?v=s25Pynpv
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 09:19:32 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 May 2024 08:28:45 GMT
Server
nginx
ETag
W/"664c5b3d-4f92"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
hanalytics.min.js
awheneoc.com/views/grecaptcha/js/
8 KB
3 KB
Script
General
Full URL
https://awheneoc.com/views/grecaptcha/js/hanalytics.min.js?v=1716466938200695468
Requested by
Host: awheneoc.com
URL: https://awheneoc.com/l?v=s25Pynpv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::1:1 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
f70d91cf7c7080ac7863b956f3caaf55546f1b1021b70ea3ae9d1627e2f46788
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://awheneoc.com/l?v=s25Pynpv
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 09:19:32 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 May 2024 08:28:45 GMT
Server
nginx
ETag
W/"664c5b3d-1fa8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
events.min.js
awheneoc.com/views/grecaptcha/js/
7 KB
3 KB
Script
General
Full URL
https://awheneoc.com/views/grecaptcha/js/events.min.js?v=1716466938200695468
Requested by
Host: awheneoc.com
URL: https://awheneoc.com/l?v=s25Pynpv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::1:1 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
f42f15cde666dc72f10ae3fe5528e23094b62a9ae1a5cc20172e63cd8a622a92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://awheneoc.com/l?v=s25Pynpv
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 09:19:32 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 May 2024 08:28:45 GMT
Server
nginx
ETag
W/"664c5b3d-1b68"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
recaptcha.min.js
awheneoc.com/views/grecaptcha/js/
1 KB
941 B
Script
General
Full URL
https://awheneoc.com/views/grecaptcha/js/recaptcha.min.js?v=1716466938200695468
Requested by
Host: awheneoc.com
URL: https://awheneoc.com/l?v=s25Pynpv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2607:fbe0:1:42::1:1 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://awheneoc.com/l?v=s25Pynpv
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 09:19:32 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 May 2024 08:28:45 GMT
Server
nginx
ETag
W/"664c5b3d-4f6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
extFpHash.js
awheneoc.com/views/grecaptcha/js/
0
0

cacheIcon.min.js
awheneoc.com/views/grecaptcha/js/
0
0

checkLogin.min.js
awheneoc.com/views/grecaptcha/js/
0
0

api.js
www.hcaptcha.com/1/
358 KB
0
Script
General
Full URL
https://www.hcaptcha.com/1/api.js?v=1716466938200695468
Requested by
Host: awheneoc.com
URL: https://awheneoc.com/l?v=s25Pynpv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://awheneoc.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 09:19:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"9527449f04670b12c4fad09e69bc84d5"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
cf-ray
88b567435ec7ab04-YYZ
expires
Wed, 12 Jun 2024 03:15:21 GMT
script.js
kaminari.systems/v1/
0
0

Ke.mL9Mu_ZOUPlQkRP-TTIU1VMWT_UYxZOaDbc-mdYeWfRgJ_ZiDj0kzlN-DnYozpMqj_csmtcu0vl-kxPyTzUAy_OCTDIEzFO-DHAImJcK0_lMkNMOjP0-mRcS0TlUk_MWzX0YmZc-nbJcpdZeD_0g0hYizjI-ylNmDnko2_ZqTrgs2tZ-jvdwkxMyj_ZAkBNCzD...
acidicfix.pro/aHG-EJ/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
from.startfinishthis.com
URL
https://from.startfinishthis.com/firstway
Domain
from.startfinishthis.com
URL
https://from.startfinishthis.com/firstway
Domain
awheneoc.com
URL
https://awheneoc.com/views/grecaptcha/js/extFpHash.js?v=1716466938200695468
Domain
awheneoc.com
URL
https://awheneoc.com/views/grecaptcha/js/cacheIcon.min.js?v=1716466938200695468
Domain
awheneoc.com
URL
https://awheneoc.com/views/grecaptcha/js/checkLogin.min.js?v=1716466938200695468
Domain
kaminari.systems
URL
https://kaminari.systems/v1/script.js?kmnrKey=560063934
Domain
acidicfix.pro
URL
https://acidicfix.pro/aHG-EJ/Ke.mL9Mu_ZOUPlQkRP-TTIU1VMWT_UYxZOaDbc-mdYeWfRgJ_ZiDj0kzlN-DnYozpMqj_csmtcu0vl-kxPyTzUAy_OCTDIEzFO-DHAImJcK0_lMkNMOjP0-mRcS0TlUk_MWzX0YmZc-nbJcpdZeD_0g0hYizjI-ylNmDnko2_ZqTrgs2tZ-jvdwkxMyj_ZAkBNCzDF-hFYG2HQI1_ZKmLJMkNN-zPYQ0RNSj_FUiVNWCXZ-1Zbamblcx_QenflgUhe-XjBkllPmT_AompdqWr5-ptcuUvJw5_Wymz9AuBZ-TD0EwFJGn_VIuJaKXLF-CNeOUPZQl_ZSWTQU9VM-CXZY1Zbam_lcxdQenfl-Ghbi3jJkt_YmXnQo9pM-CrZswtduD_0wwxJynzJ-2BPCTDAEm_aGHHMI9Jc-WLEMmNbOH_BQpRPSTTM-yVNWTXIYm_aaGblc0dS-WfQg9hNi2_Ek4lZmmnR-mpOqGrMs2_YujvdwkxY-TzkAwBOCW_YE2FZGTHI-yJNK2LNMi_NOGPMQ0RZ-jThUlVZWm_MYmZcambV-mdReGf9gt_YiWjlkulP-Qn

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
surprisedexpert.com/ Name: uniqCookie
Value: 1525ed7736e19e873f1151e2932f095e
surprisedexpert.com/ Name: kadACap
Value: 346327:1:1716974371
surprisedexpert.com/ Name: kadASCap
Value: 346327:1:1716974371
surprisedexpert.com/ Name: kadRPixJ
Value: bnVsbA==
surprisedexpert.com/ Name: kadUnP3
Value: CAEQo+bbsgYaDQjzwZkBEAEYo+bbsgYiCggDEAEYo+bbsgYqDAiMvRIQARij5tuyBg==

1 Console Messages

Source Level URL
Text
network error URL: https://from.startfinishthis.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acidicfix.pro
awheneoc.com
cfcglobal.ca
done.restartyourchoices.com
from.startfinishthis.com
jquery.restartyourchoices.com
js.cdntoswitchspirit.com
kaminari.systems
rest.cdntoswitchspirit.com
surprisedexpert.com
www.hcaptcha.com
acidicfix.pro
awheneoc.com
from.startfinishthis.com
kaminari.systems
104.19.230.21
2606:4700:3031::ac43:98c2
2606:4700:3033::ac43:b935
2606:4700:3033::ac43:d1e3
2607:fbe0:1:42::1:1
2607:fbe0:1:42::e
2a02:4780:11:1084:0:307a:ae41:7
096cb160ee32efd5c0d728e79d5b081122afa3fd6d5de9e8e64ceb25af1db8ee
0c1808af7c4fd6303086de89cb0a5cab2b4ab5613fd0bb51149b52f5ecd04966
0d023c6770c50a23f28adac7508c5b86f9b06774933a8d82e5d9d557610a430c
0eae4d5eb551cb46610fa0ffff295e962fc41cb968fcead0d0fd0c1b7d3268d3
1d49550b6627392fe77e183860f9092febde5b6c0b079512e43c44ac4bf4c501
22f93a906aa144d4a67e38e0ad3eb6d5b7338949a66390864dec7d3131e362ff
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2d7599e7355f74647511d36b0790e74fa070e990eb6e7dbe9086bbdc28c74e67
37d8f6482e8709e28469e43457b5448e56b1aa11acc707962ebb054e5a936c29
3d83b6360951ee5b5c4092e8059d6b69c293913ddd41e38be9a58e693c4da80d
49c9f63d98629e92281f760d9f1f83a3f5c31e2f0979e10804f3b28b87bdb149
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f557b14e9239aba1f83ad5ea884a100d1dd9d778cf1500f0277e311fed865a2
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5293a944bcb8fd9e3e9bad7779db3d7614ff145a524c9cb28cd7fc10732b7715
5b0dd0c78236661efd3cea34c18403126c36835eb5818903b94bc8d7eebecd7e
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
6362dee99a89f15ae8eaf5b6c17d0a9f4e430aa3cb95b32a3b02e13c66a84a02
69790d23d3ec08dbfa6909de36996b4cd3b0154e57b78ccb0e8a281f5e6e72ce
69b3260be19acba9e09cbcd30fc608e0f60fbe7cb097483dc906827e8429e3a0
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
71adc15350145604f7a2794da7be297e14345f3fb31c4ea37c8a97e5e0b2ccd0
83289a4547e01e0f1764351d4ce77d262a84db17f8dc2be30ff195d10a5d4565
857a06738b346b4d275749df845fb3fe2f296bfe49c031e170a1808478299198
9d9ce044fb37d8b04b8dc6a36ba1fa4ce77187294fbde39eb7b5260ba7c5633e
9db7af5c1098186b9705a84264f56a3d1121c2c1e516d55e9e795d24b9cb363e
a9aa76d5655c965f1feceec22619fa26acb1c4832f76ea25a79201bbc2b2c2f0
aee0515278db2d3b464047cea4e63f74ed4dc212eb6a6daa94e35992482c3bd3
b649c21669414cd332398441d41f8cff838581d3cb69815673aab9d195ef7d18
ba9b728987cd01302f5a311e28bf6513dc2b04d43c8b47743e206ccc7608522e
c19a3b5e10e979b08b2bcb55f68849e96e390c9bfd0b323a64a451bfbb95bf1c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d5dafb48db5d99a30001a5a187063eff428ee5b40492401f2b02253bbc0a042c
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
e76f00dfaa4024efd443270ec285af9a07b7048b47df924659ab384df40db1b8
ef2a74581e6e3fe4b640b5bd914d2ff6c3fa6fa47fc480ab43e3850cca0b1948
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f42f15cde666dc72f10ae3fe5528e23094b62a9ae1a5cc20172e63cd8a622a92
f52e1ec06ba023932a9a90f2d1dabb7ab8fab24b6fb1f76d1d1061cca8972c88
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f70d91cf7c7080ac7863b956f3caaf55546f1b1021b70ea3ae9d1627e2f46788
fc95a937b31d5dbcd8b3c198bc0bdc89b67081d439ef9d4125d46316d9bfa182
fe4725d967cdafe16e972f934768dd5794a931d2e16f10a19a3e681f4afad7eb