URL: http://www.theithelpguy.com/
Submission: On January 25 via manual from IE — Scanned from CA

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 51 HTTP transactions. The main IP is 142.4.204.181, located in Canada and belongs to OVH, FR. The main domain is www.theithelpguy.com.
This is the only time www.theithelpguy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
1 | 142.4.204.181 | 16276 | OVH
22 (2 redirects) | 142.4.205.1 | 16276 | OVH
6 | 142.251.163.95 | 15169 | GOOGLE
8 | 142.251.16.156 | 15169 | GOOGLE
2 | 172.253.62.97 | 15169 | GOOGLE
3 | 172.67.22.83 | 13335 | CLOUDFLAR...
1 | 104.17.25.14 | 13335 | CLOUDFLAR...
1 | 142.251.111.94 | 15169 | GOOGLE
1 | 104.22.69.95 | 13335 | CLOUDFLAR...
1 | 172.253.63.101 | 15169 | GOOGLE
2 | 142.251.111.155 | 15169 | GOOGLE
1 | 172.67.71.102 | 13335 | CLOUDFLAR...
3 | 142.251.111.132 | 15169 | GOOGLE
1 | 142.251.167.147 | 15169 | GOOGLE
Total: 51 requests, 15 IPs

Requests | Apex Domain | Subdomains | Transfer
22 | witecon.com | witecon.com | 1 MB
11 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 110); tpc.googlesyndication.com (Cisco Umbrella Rank: 157) | 226 KB
6 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 28) | 5 KB
4 | elfsight.com | static.elfsight.com (Cisco Umbrella Rank: 14326); core.service.elfsight.com (Cisco Umbrella Rank: 16194) | 202 KB
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 38) | 5 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 37) | 150 KB
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 1 KB
1 | elfsightcdn.com | files.elfsightcdn.com (Cisco Umbrella Rank: 55665) | 12 KB
1 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 27) | 21 KB
1 | gstatic.com | fonts.gstatic.com | 16 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 225) | 9 KB
1 | theithelpguy.com | www.theithelpguy.com | 472 B
Total: 51 requests, 12 domains

Requests | Domain | Requested by
22 (2 redirects) | witecon.com | www.theithelpguy.com; witecon.com
8 | pagead2.googlesyndication.com | witecon.com; pagead2.googlesyndication.com; tpc.googlesyndication.com
6 | fonts.googleapis.com | witecon.com
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com; tpc.googlesyndication.com
3 | static.elfsight.com | witecon.com; static.elfsight.com
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | www.googletagmanager.com | witecon.com; www.googletagmanager.com
1 | www.google.com | tpc.googlesyndication.com
1 | files.elfsightcdn.com | witecon.com
1 | www.google-analytics.com | www.googletagmanager.com
1 | core.service.elfsight.com | static.elfsight.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | cdnjs.cloudflare.com | witecon.com
1 | www.theithelpguy.com |
Total: 51 requests, 14 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
witecon.com | R3 | 2024-01-08 - 2024-04-07 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
static.elfsight.com | GTS CA 1P5 | 2023-11-30 - 2024-02-28 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.gstatic.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
elfsight.com | Cloudflare Inc ECC CA-3 | 2023-09-08 - 2024-09-07 | a year
files.elfsightcdn.com | GTS CA 1P5 | 2023-11-30 - 2024-02-28 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
www.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months

This page contains 6 frames:

Primary Page: http://www.theithelpguy.com/
Frame ID: 07AB206BFB1E61D07594EAF241C21364
Requests: 1 HTTP requests in this frame

Frame: https://witecon.com/theithelpguy/
Frame ID: FD5F67C3A8D396D23F68055BF2D7A028
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 6E21CDB114BC0EF43EDC3A9878785AAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9126477940872450&output=html&adk=1812271804&adf=3279755397&plat=1%3A16777728%2C2%3A16777728%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.theithelpguy.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&dt=1706195505423&bpp=3&bdt=839&idt=180&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&nras=1&correlator=8008285096764&frm=24&ife=1&pv=2&ga_vid=1290470978.1706195505&ga_sid=1706195506&ga_hid=137682974&ga_fc=1&nhd=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3908359387&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079265%2C95320377%2C95320892%2C95321627%2C95322166&oid=2&pvsid=2105440039278233&tmod=532839309&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rahneaigzogf&fsb=1&dtd=196
Frame ID: 1639BCBC92E406531EB442003373984A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 259586C7CD4B433B0E9AC3C13A719BA7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F90AF7AE6BB3EDAB1EAA390E1B30B17B
Requests: 2 HTTP requests in this frame

Page Title

theithelpguy.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 51
HTTPS: 98 %
IPv6: 0 %
Domains: 12
Subdomains: 14
IPs: 15
Countries: 3
Transfer: 1717 kB
Size: 3169 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://witecon.com/theithelpguy HTTP 301
  • https://witecon.com/theithelpguy HTTP 301
  • https://witecon.com/theithelpguy/

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.theithelpguy.com/
433 B
472 B
Document
General
Full URL
http://www.theithelpguy.com/
Protocol
HTTP/1.1
Server
142.4.204.181 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mxgw.r4l.com
Software
nginx/1.22.1 /
Resource Hash
da032ce9808c18cc2ff66b96200f56839cd092965041350e85226c5e87ac4af9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 25 Jan 2024 15:11:44 GMT
Server
nginx/1.22.1
Transfer-Encoding
chunked
/
witecon.com/theithelpguy/ Frame FD5F
Redirect Chain
  • http://witecon.com/theithelpguy
  • https://witecon.com/theithelpguy
  • https://witecon.com/theithelpguy/
21 KB
4 KB
Document
General
Full URL
https://witecon.com/theithelpguy/
Requested by
Host: www.theithelpguy.com
URL: http://www.theithelpguy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
455f69d48ef6432090038ff6ac9c523bf2d4a28465910b8f860a11cb786c855d

Request headers

Referer
http://www.theithelpguy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Thu, 25 Jan 2024 15:11:44 GMT
etag
W/"6599958e-536e"
last-modified
Sat, 06 Jan 2024 18:01:50 GMT
server
nginx
x-powered-by
PleskLin

Redirect headers

content-length
303
content-type
text/html; charset=iso-8859-1
date
Thu, 25 Jan 2024 15:11:44 GMT
location
https://witecon.com/theithelpguy/
server
nginx
x-powered-by
PleskLin
bootstrap.min.css
witecon.com/theithelpguy/assets/bootstrap/css/ Frame FD5F
190 KB
24 KB
Stylesheet
General
Full URL
https://witecon.com/theithelpguy/assets/bootstrap/css/bootstrap.min.css
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
4adae1a48ae50b78211ec8b0a924ad0f78b8de1d4a8045eb2ab98801246c62dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:44 GMT
content-encoding
br
last-modified
Sat, 06 Jan 2024 07:54:05 GMT
server
nginx
etag
W/"6599071d-2f85e"
x-powered-by
PleskLin
content-type
text/css
css
fonts.googleapis.com/ Frame FD5F
2 KB
658 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 15:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 14:01:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 15:11:44 GMT
css
fonts.googleapis.com/ Frame FD5F
3 KB
701 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed&display=swap
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
66fb4fd7897a98f57e23dd541e9106050a1c80fbe81e0bb01e65416ff794d21a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 15:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 14:34:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 15:11:44 GMT
css
fonts.googleapis.com/ Frame FD5F
3 KB
869 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Flex&display=swap
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
5c15bb0ca3c2eee539fd8a49b210b936063aa312972a6b483dc4fc416de4f8ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 15:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 15:11:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 15:11:44 GMT
css
fonts.googleapis.com/ Frame FD5F
2 KB
1010 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Mono&display=swap
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
d99d2429e8e90014f3b5cb16a9bc0a773d0ddfb3d384c6e6b7f706236ae4848f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 15:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 14:52:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 15:11:44 GMT
css
fonts.googleapis.com/ Frame FD5F
2 KB
695 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Serif&display=swap
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
0f9281d4e6a085279b0c2aca8ac2c37dae8c53e1a52f997ea57e76b766d9b273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 15:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 15:11:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 15:11:44 GMT
css
fonts.googleapis.com/ Frame FD5F
2 KB
691 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab&display=swap
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
ESF /
Resource Hash
18efa46cb1fa2c6cf4461ffcf16cf38a2d57856947ce937320ab2e3aa8b5a20f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jan 2024 15:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 13:59:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jan 2024 15:11:44 GMT
fontawesome-all.min.css
witecon.com/theithelpguy/assets/fonts/ Frame FD5F
56 KB
12 KB
Stylesheet
General
Full URL
https://witecon.com/theithelpguy/assets/fonts/fontawesome-all.min.css
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
19bc4712bca32db280000f294e2d0c1dc178063a9dd4278fc22d30a39c068846

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:44 GMT
content-encoding
br
last-modified
Sat, 06 Jan 2024 07:54:30 GMT
server
nginx
etag
W/"65990736-df26"
x-powered-by
PleskLin
content-type
text/css
aos.min.css
witecon.com/theithelpguy/assets/css/ Frame FD5F
0
0
Stylesheet
General
Full URL
https://witecon.com/theithelpguy/assets/css/aos.min.css
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:44 GMT
content-encoding
br
server
nginx
content-type
text/html; charset=iso-8859-1
Hero-Carousel-images.css
witecon.com/theithelpguy/assets/css/ Frame FD5F
37 B
203 B
Stylesheet
General
Full URL
https://witecon.com/theithelpguy/assets/css/Hero-Carousel-images.css
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
34428d3fc183d6418f770d773c3c85f3e1a5a46bf46db6519e3703dce73c8691

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:44 GMT
content-encoding
br
last-modified
Sat, 06 Jan 2024 07:54:07 GMT
x-accel-version
0.01
server
nginx
etag
W/"25-60e4244edf6aa"
x-powered-by
PleskLin
content-type
text/css
styles.css
witecon.com/theithelpguy/assets/css/ Frame FD5F
4 KB
1 KB
Stylesheet
General
Full URL
https://witecon.com/theithelpguy/assets/css/styles.css
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
267886cf86c72b87418c63ab7b30ae97a691e65792c85f3e46e4fc4b8b0be551

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:44 GMT
content-encoding
br
last-modified
Sat, 06 Jan 2024 07:54:07 GMT
server
nginx
etag
W/"6599071f-1129"
x-powered-by
PleskLin
content-type
text/css
TIHG---Free-Supp---Header.css
witecon.com/theithelpguy/assets/css/ Frame FD5F
1 KB
428 B
Stylesheet
General
Full URL
https://witecon.com/theithelpguy/assets/css/TIHG---Free-Supp---Header.css
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
5cb154a1be2c59177b839eef19b7e7302fda2a9078038dbd64f5b238d3d2ec73

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:44 GMT
content-encoding
br
last-modified
Sat, 06 Jan 2024 07:54:06 GMT
server
nginx
etag
W/"6599071e-408"
x-powered-by
PleskLin
content-type
text/css
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FD5F
146 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
57f924dd3006152540bd7323a29fb2faaff2329acfbc019d26b102583c84db04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51021
x-xss-protection
0
server
cafe
etag
4308145709991159406
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 25 Jan 2024 15:11:45 GMT
js
www.googletagmanager.com/gtag/ Frame FD5F
189 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-235254706-1
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
33bbb93f9b4e214cbf267fc3acf043e29df9fe86fbe5526d91970f3e30a702e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69447
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Jan 2024 15:11:45 GMT
platform.js
static.elfsight.com/platform/ Frame FD5F
49 KB
17 KB
Script
General
Full URL
https://static.elfsight.com/platform/platform.js
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b351fe1e6843dcb15b8895144bf1825a4695ff99128eb086b522ed959b0e01c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
strict-transport-security
max-age=0
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000003d43ac5e56c4f0f4-0065af9f8e-53a44446-sfo2a
age
505
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Nov 2023 12:13:36 GMT
server
cloudflare
etag
W/"2063d9765e1647d954e5344382c692a1"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type
Normal
cache-control
max-age=3600
cf-ray
84b17352dd765401-YYZ
The%20IT%20Help%20Guy%20Logo%20-%20wo%20background%20-%20new%20website%202023-01.png
witecon.com/theithelpguy/assets/img/ Frame FD5F
303 KB
303 KB
Image
General
Full URL
https://witecon.com/theithelpguy/assets/img/The%20IT%20Help%20Guy%20Logo%20-%20wo%20background%20-%20new%20website%202023-01.png
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
07c034cd8c348905055ef2ee10c2e91c938657b910b8994ded38e270552f04b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:44 GMT
last-modified
Sat, 06 Jan 2024 07:54:16 GMT
server
nginx
etag
"65990728-4bba0"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
310176
1-the-it-help-guy-data-recovery-services-website-portfolio-carousel-slide-1.jpg
witecon.com/theithelpguy/assets/img/ Frame FD5F
97 KB
97 KB
Image
General
Full URL
https://witecon.com/theithelpguy/assets/img/1-the-it-help-guy-data-recovery-services-website-portfolio-carousel-slide-1.jpg
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
07f9150e4da910e797a2742470aa3eb6033215e9524c3a0ea6d0e5a32f8281c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:44 GMT
last-modified
Sat, 06 Jan 2024 07:54:19 GMT
server
nginx
etag
"6599072b-18430"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
99376
2-the-it-help-guy-data-recovery-services-website-portfolio-carousel-slide-2.jpg
witecon.com/theithelpguy/assets/img/ Frame FD5F
148 KB
148 KB
Image
General
Full URL
https://witecon.com/theithelpguy/assets/img/2-the-it-help-guy-data-recovery-services-website-portfolio-carousel-slide-2.jpg
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
b890213a4b0f9d23f89f608d0923f06ba939bf109bdb75f73d26e1d771ef37cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
last-modified
Sat, 06 Jan 2024 07:54:27 GMT
server
nginx
etag
"65990733-24ee4"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
151268
3-the-it-help-guy-data-recovery-services-website-portfolio-carousel-slide-3.jpg
witecon.com/theithelpguy/assets/img/ Frame FD5F
122 KB
122 KB
Image
General
Full URL
https://witecon.com/theithelpguy/assets/img/3-the-it-help-guy-data-recovery-services-website-portfolio-carousel-slide-3.jpg
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
6a0500a007b6f4d444bce0b4600f846ac5cb7ff8fb8c1c43aac6a7172cdc1ae6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
last-modified
Sat, 06 Jan 2024 07:54:21 GMT
server
nginx
etag
"6599072d-1e813"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
124947
4-the-it-help-guy-data-recovery-services-website-portfolio-carousel-slide-4.jpg
witecon.com/theithelpguy/assets/img/ Frame FD5F
79 KB
79 KB
Image
General
Full URL
https://witecon.com/theithelpguy/assets/img/4-the-it-help-guy-data-recovery-services-website-portfolio-carousel-slide-4.jpg
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
4747013a0981cb2d5b2ebe7b0ff65cc6eb19560af58f2868b5aed1b1a569eebb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
last-modified
Sat, 06 Jan 2024 07:54:13 GMT
server
nginx
etag
"65990725-13c33"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
80947
5-the-it-help-guy-data-recovery-services-website-portfolio-carousel-slide-5.jpg
witecon.com/theithelpguy/assets/img/ Frame FD5F
88 KB
88 KB
Image
General
Full URL
https://witecon.com/theithelpguy/assets/img/5-the-it-help-guy-data-recovery-services-website-portfolio-carousel-slide-5.jpg
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
77bc151356a56119d2032078ce4a8d77e5c3486fffb58712466ad9f6aacafd64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
last-modified
Sat, 06 Jan 2024 07:54:12 GMT
server
nginx
etag
"65990724-15f97"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
90007
bootstrap.min.js
witecon.com/theithelpguy/assets/bootstrap/js/ Frame FD5F
78 KB
22 KB
Script
General
Full URL
https://witecon.com/theithelpguy/assets/bootstrap/js/bootstrap.min.js
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
a6f5751198a4f69f79734e6cb3acae54fbadfea910fe9acb0c61c4bb7495d066

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
content-encoding
br
last-modified
Sat, 06 Jan 2024 07:54:06 GMT
server
nginx
etag
W/"6599071e-1377e"
x-powered-by
PleskLin
content-type
application/javascript
aos.min.js
witecon.com/theithelpguy/assets/js/ Frame FD5F
0
0
Script
General
Full URL
https://witecon.com/theithelpguy/assets/js/aos.min.js
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
content-encoding
br
server
nginx
content-type
text/html; charset=iso-8859-1
bs-init.js
witecon.com/theithelpguy/assets/js/ Frame FD5F
343 B
461 B
Script
General
Full URL
https://witecon.com/theithelpguy/assets/js/bs-init.js
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
f25a60adcbcdcb0425c00da1d8e33edbdb6741e373402a6d22c3fb872de4a3b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
content-encoding
gzip
last-modified
Sat, 06 Jan 2024 07:54:07 GMT
server
nginx
x-accel-version
0.01
etag
"157-60e4244f2b96d-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
244
isotope.pkgd.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.6/ Frame FD5F
35 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.6/isotope.pkgd.min.js
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://witecon.com/
Origin
https://witecon.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4939117
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8847
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-8a75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5bbIbHV0fniSL1y%2BSnSCZkfIbAQZ68VDM0czSZG3UzBPQNE6gQ6TjsEWoJqt%2Fj5CGyYO6UhDkbM4hsNG3zg6T%2FWCVqIoRVDuoWRHug7Z9ES71b0MOTc4zLz1QjSrxB8h7l7glKH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84b1734ff8a5a21a-YYZ
expires
Tue, 14 Jan 2025 15:11:44 GMT
jquery.isotope.js
witecon.com/theithelpguy/assets/js/ Frame FD5F
2 KB
894 B
Script
General
Full URL
https://witecon.com/theithelpguy/assets/js/jquery.isotope.js
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
74b0768e85af431ba1560d931ceeb57b788ef8f987bc7f432a12abd4952f71eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
content-encoding
br
last-modified
Sat, 06 Jan 2024 07:54:08 GMT
server
nginx
etag
W/"65990720-8a7"
x-powered-by
PleskLin
content-type
application/javascript
main.js
witecon.com/theithelpguy/assets/js/ Frame FD5F
2 KB
894 B
Script
General
Full URL
https://witecon.com/theithelpguy/assets/js/main.js
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
74b0768e85af431ba1560d931ceeb57b788ef8f987bc7f432a12abd4952f71eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
content-encoding
br
last-modified
Sat, 06 Jan 2024 07:54:07 GMT
server
nginx
etag
W/"6599071f-8a7"
x-powered-by
PleskLin
content-type
application/javascript
TheITHelpGuy-website-home-image-2023.jpg
witecon.com/theithelpguy/assets/img/ Frame FD5F
92 KB
92 KB
Image
General
Full URL
https://witecon.com/theithelpguy/assets/img/TheITHelpGuy-website-home-image-2023.jpg
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
c5401eafea21021cdc413901bda760acff76da58626d714049088edd1046bc9d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/theithelpguy/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
last-modified
Sat, 06 Jan 2024 07:54:21 GMT
server
nginx
etag
"6599072d-16fdc"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
94172
truncated
/ Frame FD5F
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FD5F
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
fa-solid-900.woff2
witecon.com/theithelpguy/assets/fonts/ Frame FD5F
74 KB
75 KB
Font
General
Full URL
https://witecon.com/theithelpguy/assets/fonts/fa-solid-900.woff2
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/assets/fonts/fontawesome-all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.4.205.1 , Canada, ASN16276 (OVH, FR),
Reverse DNS
gw1.ahs4.r4l.com
Software
nginx / PleskLin
Resource Hash
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

Referer
https://witecon.com/theithelpguy/assets/fonts/fontawesome-all.min.css
Origin
https://witecon.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
last-modified
Sat, 06 Jan 2024 07:54:41 GMT
server
nginx
etag
"65990741-12934"
x-powered-by
PleskLin
content-type
font/woff2
accept-ranges
bytes
content-length
76084
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FD5F
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://witecon.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 04:23:03 GMT
x-content-type-options
nosniff
age
38922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 04:23:03 GMT
/
core.service.elfsight.com/p/boot/ Frame FD5F
4 KB
3 KB
XHR
General
Full URL
https://core.service.elfsight.com/p/boot/?page=https%3A%2F%2Fwitecon.com%2Ftheithelpguy%2F&w=962e0d75-2702-4463-b133-a46a33aea1ac
Requested by
Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e9d0bb4ab7afc0e36c86f08c0217ae21d5be4a45f2dbd35a1d34b5ad1aca5cc
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=0
x-dns-prefetch-control
on
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
unsafe-none
etag
W/"1177-33WQhANBV8bn2IGMjneGMJC42IA"
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://witecon.com
origin-agent-cluster
?1
access-control-allow-credentials
true
cf-apo-via
origin,host
cf-ray
84b17353cab0a228-YYZ
js
www.googletagmanager.com/gtag/ Frame FD5F
236 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3VC6B1G22M&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-235254706-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
1cce63e434da96e95430cc7f2d7ac82a649680b3337ae13225ab023a8f34779b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83922
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Jan 2024 15:11:45 GMT
analytics.js
www.google-analytics.com/ Frame FD5F
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-235254706-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 25 Jan 2024 13:27:19 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6266
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 25 Jan 2024 15:27:19 GMT
allInOneChat.js
static.elfsight.com/apps/all-in-one-chat/stable/2f89c22f6e7915d30d75462e906820287c2dbeec/app/ Frame FD5F
560 KB
181 KB
Script
General
Full URL
https://static.elfsight.com/apps/all-in-one-chat/stable/2f89c22f6e7915d30d75462e906820287c2dbeec/app/allInOneChat.js
Requested by
Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c62e91a8d66567509b9b7b48e20c88d6f95a787e243332f26029c1e8cb84f14
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
strict-transport-security
max-age=0
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx00000a741434e3e51174b-0065af9f8f-53a44446-sfo2a
age
3574
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 29 Dec 2023 05:02:41 GMT
server
cloudflare
etag
W/"13a7b2308a27f91c5e069b6d91482753"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type
Normal
cache-control
max-age=3600
cf-ray
84b17354a8ae5401-YYZ
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ Frame FD5F
403 KB
137 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
94293d079db3d82441417ee4975b76899721ac8273b1d55cf15a6c8cd431e7c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139767
x-xss-protection
0
server
cafe
etag
15159355251769968044
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 15:11:45 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 6E21
9 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://witecon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
41413
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 03:41:32 GMT
etag
3890843268177463596
expires
Thu, 08 Feb 2024 03:41:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dialog.svg
static.elfsight.com/icons/ Frame FD5F
815 B
872 B
XHR
General
Full URL
https://static.elfsight.com/icons/dialog.svg
Requested by
Host: static.elfsight.com
URL: https://static.elfsight.com/apps/all-in-one-chat/stable/2f89c22f6e7915d30d75462e906820287c2dbeec/app/allInOneChat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5233b8f1ef597293da8e130eea402dce856da96f1d6034be4115ed19f509a296
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
strict-transport-security
max-age=0
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
tx000000accaee45ca9c847-0065b27a0a-53b212d9-sfo2a
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 23 Jan 2024 06:59:46 GMT
server
cloudflare
etag
W/"654cc03be770aa54a7a5f4bd9ec97777"
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type
Normal
cache-control
max-age=3600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-ray
84b17355e834a1e6-YYZ
Online-Chat-Help-Photo.jpg
files.elfsightcdn.com/eafe4a4d-3436-495d-b748-5bdce62d911d/a3137396-c869-4ff5-bed4-26fe935eb016/ Frame FD5F
11 KB
12 KB
Image
General
Full URL
https://files.elfsightcdn.com/eafe4a4d-3436-495d-b748-5bdce62d911d/a3137396-c869-4ff5-bed4-26fe935eb016/Online-Chat-Help-Photo.jpg
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9765c3b84be7da2cff18963a16a040c33b0186efe35f658fe6133663bcadd2f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx000000000000020f1d826-0065b27a0a-41db5baf-nyc3a
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
content-length
11301
cf-bgj
h2pri
last-modified
Thu, 14 Dec 2023 07:57:19 GMT
server
cloudflare
etag
"17fc6a47485c6aebc9faca4237bf0f66"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FBC3JN0wMF3rcbWeaKV3iHJv14BQlSWyVKmtKI7j%2BD%2B%2FNDtGqyjCFoe64AjRvXKT78W1vwXRtelI1bXvnctwxFzz%2BXlOK%2B%2FgJg1SyfMcNEp1Jndqz13kEMcSioflrwa0iLhUBgURw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-do-cdn-uuid
09fc71af-b58f-4172-b955-d9e3a4bdd076
cache-control
max-age=604800
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
84b173560a0636d7-YYZ
ads
googleads.g.doubleclick.net/pagead/ Frame 1639
603 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9126477940872450&output=html&adk=1812271804&adf=3279755397&plat=1%3A16777728%2C2%3A16777728%2C3%3A512%2C4%3A512%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1081856%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.theithelpguy.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&dt=1706195505423&bpp=3&bdt=839&idt=180&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&nras=1&correlator=8008285096764&frm=24&ife=1&pv=2&ga_vid=1290470978.1706195505&ga_sid=1706195506&ga_hid=137682974&ga_fc=1&nhd=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=3908359387&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079265%2C95320377%2C95320892%2C95321627%2C95322166&oid=2&pvsid=2105440039278233&tmod=532839309&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rahneaigzogf&fsb=1&dtd=196
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://witecon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 15:11:45 GMT
expires
Thu, 25 Jan 2024 15:11:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD5F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=FloatingButton__FloatingButtonContainer-sc-q5md4t-0%20lbvXTF&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 15:11:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD5F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand-md%20fixed-top%20navbar-light&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: witecon.com
URL: https://witecon.com/theithelpguy/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Jan 2024 15:11:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FD5F
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
3fac4965654a740f6aff14d6d74e13770b1f6e34c23690b508c7b1bb912dcb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12279
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FD5F
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 15:11:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2595
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://witecon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
89123
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jan 2024 14:26:23 GMT
expires
Thu, 23 Jan 2025 14:26:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F90A
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f147.1e100.net
Software
GSE /
Resource Hash
61c3e2e6e6fff6279337d56177620ddd6c605c73c6004f2bcb50aedddf059ff9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KmRXd44Gfa-Bdyl83pYxYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://witecon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KmRXd44Gfa-Bdyl83pYxYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 15:11:46 GMT
expires
Thu, 25 Jan 2024 15:11:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 2595
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 07:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
28808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Jan 2025 07:11:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F90A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=2105440039278233&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 2595
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?icQ-_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 15:11:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FD5F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=2105440039278233&bg=!yMuly4TNAAa8BdJLnAU7ADQBe5WfOF7eUkCABvT1cCqaqGD16iK4MKTBFWQ-2Vn3H8567ODuJI4dxQkqRkf1IODj2n6QAgAAAFVSAAAAA2gBB5kC6ol9AretcOHB-t-O1G4RWlajOeXghvVx8im8SSz0W3v_v6gK6RCk4rc41QCyKTuDXv2KvnEjoOotqETryjUbpzPLZ0NWKD01uyY3GXgRNygFb4nQvGX8Z9yl2fWYoZXruzML_VUuAQig8ocglp84hNQzQ9MRBc86yolI-nF5HGhbTKWs53QQuSeY-qOm74U2Zd2eEw_aMx2IXsuCyMuAynr8rahb86v7U_575YPXW9uxt9Eom3PAl35ZTtTFzrQwR7LA_y4WJSVQ9PIGIyfo8RBXDiooPKpHHckh1QhfE5CKJL2ALd066QC6FExmTlgsWOcAGAx1y78JWzrTsvebDWmmGHx4Dc9LTD3IeEjy6FW-rCGukaaZg7sBPovsXKpa_JKutTRvWtLp2xsXuci79yqPrHMNoI7EFTa-5nIkkuPU5xquBUroyeRYtHCTZWXnmF_j_If-mrkG3GKSRgoZlgRRG8u_RyesvxEuKR1MrK8_DwwITMbkoPdrxe2NMhPoONG9Q_uTDZGwmipU094RTbISrFmi9zgrhBm7LZsRQS-gfTepaDLGeS-jotkwNM5k8KzgXtpJCM8CPAylj8jLC7kFgQFliqlf211-9B5z17zlpfaWm5_-6Mwhl_iOiENAKF5yAodYzAXcaWCvZBpEKDhRytYgtKkdr4qnsH_QjJo4WZ9ufAYaHY7W82e8pJ5vyJiYy9UNHuVmpouKuh6nRMqFcWORxRxgwVLSBmIJVkTjkfqeC3VZWrbM-qMEXTgmk2mRccp-BNwaNhc_SJ6V_SCSqD7k_7EEGVzp3Ilbt_Bx2ne0tdqQuhFy3Ky-r8TJHkX1rM8OGfPHnFHuDClfGRr-MA3g9HMRFNSy18mlHe80ZLcvbu69a08USLy71wAPyBZLoIEWrD5mshLIBrOKnwXkyWphfB_DiXo_H8kxAAapZmXzVuid5I8oIr4nGRLElslBOjMPiryebYC7qx-Ng3BzeqQYVcTsZ1AZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://witecon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers


1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

2 Cookies

Domain/Path Name / Value
core.service.elfsight.com/ Name: elfsight_viewed_recently
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
network error URL: https://witecon.com/theithelpguy/assets/css/aos.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://witecon.com/theithelpguy/assets/js/aos.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
