urlscan.io logo urlscan.io
SecurityTrails logo

consulfor.ca Open in urlscan Pro
208.109.21.16  Public Scan

Go To Rescan Add Verdict Report
URL: https://consulfor.ca/
Submission: On March 25 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 28 HTTP transactions. The main IP is 208.109.21.16, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is consulfor.ca.
TLS certificate: Issued by R3 on March 18th 2024. Valid for: 3 months.
This is the only time consulfor.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 208.109.21.16 398101 (GO-DADDY-...)
1 2 23.48.203.11 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2600:1408:540... 20940 (AKAMAI-ASN1)
4 2600:1408:ec0... 20940 (AKAMAI-ASN1)
28 5
19    208.109.21.16 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 16.21.109.208.host.secureserver.net
consulfor.ca
2    23.48.203.11 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-203-11.deploy.static.akamaitechnologies.com
img1.wsimg.com
2    2607:f8b0:4004:c1d::61 (Washington, United States)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2600:1408:5400:18::170c:9349 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net
4    2600:1408:ec00:28a::228b (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
csp.secureserver.net
Apex Domain
Subdomains		 Transfer
19 consulfor.ca
consulfor.ca
417 KB
6 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 20521
csp.secureserver.net — Cisco Umbrella Rank: 20592
558 B
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 724
17 KB
2 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 15341
21 KB
28 4
Domain Requested by
19 consulfor.ca consulfor.ca
4 csp.secureserver.net img1.wsimg.com
2 events.api.secureserver.net img1.wsimg.com
2 ssl.google-analytics.com consulfor.ca
2 img1.wsimg.com 1 redirects consulfor.ca
28 5

This site contains no links.

Subject Issuer Validity Valid
mail.consulfor.ca
R3		 2024-03-18 -
2024-06-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2023-07-10 -
2024-08-10		 a year crt.sh
*.secureserver.net
Starfield Secure Certificate Authority - G2		 2023-10-10 -
2024-11-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://consulfor.ca/
Frame ID: CF97EE2A1AF915252D6528FCCDDD9770
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CONSULFOR inc.

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

28
Requests

96 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

455 kB
Transfer

637 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
consulfor.ca/ 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
48775b59191623884ee8a9a21e421ff5deffc48fcca28fd65a460fd9adc5878d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
br
content-length
2386
content-type
text/html
date
Mon, 25 Mar 2024 16:28:42 GMT
etag
"8d08d-1b94-5e5ce99f6ddd8-br"
last-modified
Tue, 09 Aug 2022 13:06:32 GMT
server
Apache
vary
Accept-Encoding
style_20140429.css
consulfor.ca/css/ 		3 KB
829 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consulfor.ca/css/style_20140429.css
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
b1400a4d24127949d48408a0af88e96d1ecc2d5109ff895027f86d7ffc635f6f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
content-encoding
br
last-modified
Tue, 09 Aug 2022 13:06:23 GMT
server
Apache
etag
"8d069-bbd-5e5ce996a025b-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
742
menu.js
consulfor.ca/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consulfor.ca/menu.js
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
149ac0810e8c9dce610e0c6ed283aff60bde1af6c9701c38b97c5d0e1a8eaf36

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
content-encoding
br
last-modified
Tue, 09 Aug 2022 13:06:32 GMT
server
Apache
etag
"8d08e-e5d-5e5ce99f80e8a-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1304
trait_menu.png
consulfor.ca/images/ 		344 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consulfor.ca/images/trait_menu.png
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
163667c865468ca2361d38e82a31c010cb61e97132621b1d72d584e9613a1601

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
last-modified
Tue, 09 Aug 2022 13:06:32 GMT
server
Apache
accept-ranges
bytes
etag
"8d08c-158-5e5ce99f3a59b"
content-length
344
content-type
image/png
trait_gris.png
consulfor.ca/images/ 		961 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consulfor.ca/images/trait_gris.png
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
202983e541bd9bb551e1cabc3758dfbf7a2d432e948fa5ce00702b89118e9e75

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
last-modified
Tue, 09 Aug 2022 13:06:32 GMT
server
Apache
accept-ranges
bytes
etag
"8d08b-3c1-5e5ce99edaa51"
content-length
961
content-type
image/png
index_bois.png
consulfor.ca/images/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consulfor.ca/images/index_bois.png
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
38dc8aaa3884d2b09388b37c75f3778c09138f2cc1102e6e394a9a70529b2a53

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
last-modified
Tue, 09 Aug 2022 13:06:27 GMT
server
Apache
accept-ranges
bytes
etag
"8d077-e9a5-5e5ce99a2e14f"
content-length
59813
content-type
image/png
petrole_index.png
consulfor.ca/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consulfor.ca/images/petrole_index.png
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
8257611af089599dc93fbe285dec2035e86c16aca8f4d2d8c829e7f54f0cf1ed

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
last-modified
Tue, 09 Aug 2022 13:06:30 GMT
server
Apache
accept-ranges
bytes
etag
"8d083-6f2a-5e5ce99d2c755"
content-length
28458
content-type
image/png
granule_index.png
consulfor.ca/images/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consulfor.ca/images/granule_index.png
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
fdfaabf2b866e9cfb817ae4024a3d39f4d2677c14aca40b2db49c5437d51d3a1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
last-modified
Tue, 09 Aug 2022 13:06:26 GMT
server
Apache
accept-ranges
bytes
etag
"8d075-aad7-5e5ce999aa3e2"
content-length
43735
content-type
image/png
mine_index.png
consulfor.ca/images/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consulfor.ca/images/mine_index.png
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
71ed00a292a8846ab8ed84fc3714a10e06eb0d9cb5917019385eb5febe0b84af

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
last-modified
Tue, 09 Aug 2022 13:06:29 GMT
server
Apache
accept-ranges
bytes
etag
"8d081-b321-5e5ce99c8e405"
content-length
45857
content-type
image/png
papier_index.png
consulfor.ca/images/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consulfor.ca/images/papier_index.png
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
bc82e69c909f330af2ed5de9384b95ff6dca9d3fc90ff4b1f87b8794d46d6889

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
last-modified
Tue, 09 Aug 2022 13:06:30 GMT
server
Apache
accept-ranges
bytes
etag
"8d082-8aae-5e5ce99cefaa7"
content-length
35502
content-type
image/png
index_parlement.png
consulfor.ca/images/ 		155 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consulfor.ca/images/index_parlement.png
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
5da5ac67d6dcd6c36857431538d2c189de0c6791f305a4dedbbde73ab794a75c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
last-modified
Tue, 09 Aug 2022 13:06:28 GMT
server
Apache
accept-ranges
bytes
etag
"8d07b-26c21-5e5ce99b6a408"
content-length
158753
content-type
image/png
trait_gris_petit.png
consulfor.ca/images/ 		959 B
1011 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consulfor.ca/images/trait_gris_petit.png
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
bdd51d3456edf1d27f7401c94ce3c04dc4bf68104c7ce201900fef896c06de6f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
last-modified
Tue, 09 Aug 2022 13:06:32 GMT
server
Apache
accept-ranges
bytes
etag
"8d08a-3bf-5e5ce99eedb03"
content-length
959
content-type
image/png
logo.jpg
consulfor.ca/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consulfor.ca/images/logo.jpg
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
201199c96cd33e7c10920c24215becc57f4c82607fc126db0f70a242e489e768

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
last-modified
Tue, 09 Aug 2022 13:06:28 GMT
server
Apache
accept-ranges
bytes
etag
"8d07e-1699-5e5ce99bc4961"
content-length
5785
content-type
image/jpeg
silouhettes_index.png
consulfor.ca/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consulfor.ca/images/silouhettes_index.png
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
dfe7a5b5560535798ceed19b97fe5333145dd9e35e3c4ab2e80fdf73ae2d610c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
last-modified
Tue, 09 Aug 2022 13:06:31 GMT
server
Apache
accept-ranges
bytes
etag
"8d089-39fd-5e5ce99e45b72"
content-length
14845
content-type
image/png
scc-c2.min.js
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
103 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Server
23.48.203.11 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-203-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e301943f5f3cb3486ab3f4c75c0315e96891268a76b8663b6a490324e39d1664

Request headers

accept-language
en-US,en;q=0.9
Referer
https://consulfor.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

x-amz-version-id
NUbpk_ypfZoRQFFJE7rB4qpj7fMsB7r1
content-encoding
gzip
date
Mon, 25 Mar 2024 16:28:43 GMT
x-amz-request-id
E8NTZK26ENSFK3V8
x-amz-server-side-encryption
AES256
x-amz-meta-version
0.2.5
content-length
20488
x-amz-id-2
bhT+1IWLNNwBxt3ZnqCxwi3E/nJJWf2wyIcDklKhjVm3QwygNcA8Qnm1XqP+K9tWL+wQFD3xQ1/R3/kjsK5fnA==
last-modified
Fri, 22 Mar 2024 13:06:20 GMT
etag
"fdf3f3c180ae2aa6864f9c46a83a37a9"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Mar 2024 16:58:43 GMT

Redirect headers

location
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
access-control-allow-origin
*
date
Mon, 25 Mar 2024 16:28:42 GMT
cache-control
max-age=31536000
timing-allow-origin
*
content-length
0
expires
Tue, 25 Mar 2025 16:28:42 GMT
layout.css
consulfor.ca/styles/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consulfor.ca/styles/layout.css
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/css/style_20140429.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/css/style_20140429.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Mar 2024 16:03:56 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1486
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Mon, 25 Mar 2024 18:03:56 GMT
awmlib2.js
consulfor.ca/awmdata/ 		88 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consulfor.ca/awmdata/awmlib2.js
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/menu.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
89387ac2af4209cfaca5d2c161dc0208120c1a8eaeb4c531ff28e1fa46bf96a2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:42 GMT
content-encoding
br
last-modified
Tue, 09 Aug 2022 13:06:18 GMT
server
Apache
etag
"8d053-15f63-5e5ce99262ea5-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
25268
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1017499748&utmhn=consulfor.ca&utmcs=UTF-8&utmsr=800x600&utmvp=1600x1113&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=CONSULFOR%20inc.&utmhid=1221389896&utmr=-&utmp=%2F&utmht=1711384123062&utmac=UA-48006428-1&utmcc=__utma%3D88883209.575650137.1711384123.1711384123.1711384123.1%3B%2B__utmz%3D88883209.1711384123.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1175129931&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 16:28:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cross.png
consulfor.ca/awmdata/menu/ 		383 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consulfor.ca/awmdata/menu/cross.png
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
9415bf82216d5928c8124b81464d33dd7a4073278dd152db55939a02e325d8e5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:43 GMT
last-modified
Tue, 09 Aug 2022 13:06:20 GMT
server
Apache
accept-ranges
bytes
etag
"8d05b-17f-5e5ce993c9911"
content-length
383
content-type
image/png
dot.gif
consulfor.ca/awmdata/ 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consulfor.ca/awmdata/dot.gif
Requested by
Host: consulfor.ca
URL: https://consulfor.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:43 GMT
last-modified
Tue, 09 Aug 2022 13:06:17 GMT
server
Apache
accept-ranges
bytes
etag
"8d04d-2b-5e5ce991496a0"
content-length
43
content-type
image/gif
event
events.api.secureserver.net/t/1/tl/ 		43 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=consulfor.ca&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.2.5&vg=65f5eb1f-44c6-4ed0-bc5b-925686ab3759&vtg=65f5eb1f-44c6-4ed0-bc5b-925686ab3759&dp=%2F&trace_id=9dfd84d1c0e04e95bb532a759837bbcd&cts=2024-03-25T16%3A28%3A43.184Z&hit_id=7e79d38b-a078-4159-bc7e-4f21e3cabb1c&ht=pageview&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl452763%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%228881970%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&ap=cpsh-oh&vci=1005289858&z=1003799672
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1408:5400:18::170c:9349 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Mon, 25 Mar 2024 16:28:43 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://consulfor.ca
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ 		43 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=consulfor.ca&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.2.5&vg=65f5eb1f-44c6-4ed0-bc5b-925686ab3759&vtg=65f5eb1f-44c6-4ed0-bc5b-925686ab3759&dp=%2F&trace_id=9dfd84d1c0e04e95bb532a759837bbcd&cts=2024-03-25T16%3A28%3A43.307Z&hit_id=88039987-e548-4883-8fdb-0df0f05c2082&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl452763%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%228881970%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%226%22%7D&ap=cpsh-oh&vci=1005289858&z=235909660&tce=1711384122237&tcs=1711384122039&tdc=1711384123298&tdclee=1711384123237&tdcles=1711384123235&tdi=1711384123235&tdl=1711384122359&tdle=1711384122039&tdls=1711384122039&tfs=1711384122019&tns=1711384122018&trqs=1711384122237&tre=1711384122335&trps=1711384122334&tles=1711384123298&tlee=0&nt=navigate&LCP=1157&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1408:5400:18::170c:9349 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Mon, 25 Mar 2024 16:28:43 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://consulfor.ca
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
favicon.ico
consulfor.ca/ 		315 B
343 B 		Other
General
Check archive.org
Download Go to
Full URL
https://consulfor.ca/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.109.21.16 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
16.21.109.208.host.secureserver.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://consulfor.ca/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 16:28:43 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1
eventbus
csp.secureserver.net/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1408:ec00:28a::228b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://consulfor.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Mon, 25 Mar 2024 16:28:43 GMT
Expires
Mon, 25 Mar 2024 16:28:43 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
VMbpaGvjoAMEuNA=
x-amzn-requestid
012f85d8-4d4f-4745-a043-5664900049bc
x-amzn-trace-id
Root=1-6601a63b-657d34606dcd6c683877b25d
x-envoy-upstream-service-time
6
eventbus
csp.secureserver.net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1408:ec00:28a::228b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
Authorization
api-key b18ef4f046435b64a469b32c3c1c20a3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://consulfor.ca/
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Mon, 25 Mar 2024 16:28:44 GMT
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id
Root=1-6601a63b-04c48f5d2bdda0343458398f
x-amzn-requestid
23a6ec15-5a4d-43e5-a250-ad7317f066e9
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
96
Connection
keep-alive
x-amz-apigw-id
VMbpaEUYoAMEeHg=
Content-Length
0
Expires
Mon, 25 Mar 2024 16:28:44 GMT
eventbus
csp.secureserver.net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1408:ec00:28a::228b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
Authorization
api-key 8da2217409854bee82e12dc4ca0b39fb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://consulfor.ca/
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Mon, 25 Mar 2024 16:28:43 GMT
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id
Root=1-6601a63b-1c6963ef0abe4c372ff4e449
x-amzn-requestid
9b7cb874-9ad8-4a74-a550-9110725ca2d1
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
103
Connection
keep-alive
x-amz-apigw-id
VMbpZErZoAMEjmg=
Content-Length
0
Expires
Mon, 25 Mar 2024 16:28:43 GMT
eventbus
csp.secureserver.net/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1408:ec00:28a::228b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://consulfor.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Mon, 25 Mar 2024 16:28:43 GMT
Expires
Mon, 25 Mar 2024 16:28:43 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
VMbpYGu3IAMEuNA=
x-amzn-requestid
94899b14-f24e-429f-ae75-4f483762f2b0
x-amzn-trace-id
Root=1-6601a63b-283006f337cd1fd1643679e9
x-envoy-upstream-service-time
5

Verdicts & Comments Add Verdict or Comment

277 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal object| _gaq string| MenuLinkedBy string| awmMenuName string| awmBN number| awmLibraryBuild string| awmLibraryPath string| awmImagesPath number| awmSupported string| nua number| scriptNo string| mpi string| xt string| mpa string| mpin object| e string| awmMenuPath object| n string| awmImageName string| awmPosID string| awmPosClass string| awmSubmenusFrame undefined| awmSubmenusFrameOffset number| awmOptimize string| awmHash number| awmNoMenuPrint number| awmUseTrs object| awmSepr object| awmMarg function| awmBuildMenu number| awmRelativeCorner number| awmzindex object| _gat object| gaGlobal object| n$ function| xxxx string| $un object| $Dd object| dBd object| dEl number| awmhd number| aSD object| aFC string| awmdst undefined| awmcrm number| awmcre number| awmmo number| awmso object| awmctm number| awmdid string| awmsht number| awmsoo number| awmChromeOffsetX number| awmChromeOffsetY number| awmNS6OffsetX number| awmNS6OffsetY number| awmKonOffsetX number| awmKonOffsetY number| awmSafOffsetX number| awmSafOffsetY number| awmRTLSupport number| awmRightToLeftFrame number| awmlsx number| awmlsy object| awmalt object| awmplt object| awmvlt object| awmctlt object| dH string| dI object| dJ object| dK number| mNoI string| dA string| dB string| dC object| SI object| aL boolean| isOp boolean| iG1 number| aCI number| vl number| vt number| vr number| vb boolean| isKonq number| isSaf boolean| isChr boolean| isNaVA number| isNavV number| isGk35 number| isGk4 number| isGk13 number| isIE11 object| fMn number| wbKt number| wbKt534 number| chrV object| isiPh object| isBB object| isAn object| isAn2 number| scW object| awmsc number| awmLH number| awmLSH number| awmlssx number| awmlssy undefined| awmSelectedItem undefined| awmHideID undefined| awmCollID object| aUF string| aIP undefined| aDGP object| aRsF number| aRsF1 function| gScW function| vSE function| hSE function| awmpopup function| awmhidediv function| awmshowdiv function| aue function| aLf function| aLg function| dg function| kP function| aLh2 function| awmiht function| awmatai function| awmCF function| awmCreateCSS function| aGrAd function| aGbS function| awmCreateMenu function| fRe2 function| f$1$ function| aMN function| aMP function| aMR function| aMN2 function| aMP2 function| gTnIn function| mkFI function| mkFS function| awmas function| clT function| stT function| awmai function| urClc function| asP function| awmaiwi function| awmmght function| awmcgit function| awmcgtt function| awmcght function| awmIG function| awm_refresh_custom_variables function| aMrHTML function| aCrHTML function| aIrHTML function| awmItArTeAnIm function| awmight function| aMWC function| awmmwhttd function| awmcfe function| aiND function| aarrSL function| awmca function| aCHSO function| aCNSE function| asLDe function| awmcss function| awmcs function| amCMO function| awmchdt function| arSL function| crsI function| awmmcm function| awmodmd function| awmocmo function| awmocmot function| awmissf function| awmiss function| awmoimo function| mOA function| awmoimot function| awmoimd function| awmoimu function| awmoimm function| awmohmm function| RepSli function| awmEval function| awmEvalT function| aChDp function| awmCIMb function| awmpc function| awmu function| awmcu function| awmwr function| awmwu function| awmd function| aCo function| clrMSG function| getEBCN function| gTE function| awmOS2 function| awmOS1 function| awmdb function| awmbmm function| cGHF function| gMFC function| cMI function| _as function| cMG function| BMn function| awmHideMenu function| aTrm function| aMv function| oL function| oT function| oW function| oH function| Mr function| Mm function| getBGClrCSS function| gLT function| gX function| awmShowMenu function| awmHideGroup function| awmShowGroup function| awmNewMenu function| Tr function| awmSelectMenu function| awmTaB function| awmEv1 object| s2 string| s1 number| viewHeight object| awmImagesColl number| bWb number| bWr number| bWt number| pAb number| pAt number| pAr string| rAbl string| rAbr string| rAtr string| rAtl object| awmm number| awmDotGif object| cnt object| it object| aIC object| aFC$ object| aMC boolean| cCc number| thl1 number| thl2 number| thl object| _trfd object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| scc-c2 undefined| y number| hH number| hW number| rR number| rC number| mL number| o2$ number| x13 object| z object| cItm object| _trfq

8 Cookies

Domain/Path Name / Value
.consulfor.ca/ Name: __utma
Value: 88883209.575650137.1711384123.1711384123.1711384123.1
.consulfor.ca/ Name: __utmc
Value: 88883209
.consulfor.ca/ Name: __utmz
Value: 88883209.1711384123.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.consulfor.ca/ Name: __utmt
Value: 1
.consulfor.ca/ Name: __utmb
Value: 88883209.1.10.1711384123
.consulfor.ca/ Name: _tccl_visitor
Value: 65f5eb1f-44c6-4ed0-bc5b-925686ab3759
.consulfor.ca/ Name: _tccl_visit
Value: 65f5eb1f-44c6-4ed0-bc5b-925686ab3759
.consulfor.ca/ Name: _scc_session
Value: pc=1&C_TOUCH=2024-03-25T16:28:43.183Z

2 Console Messages

Source Level URL
Text
network error URL: https://consulfor.ca/styles/layout.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://consulfor.ca/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consulfor.ca
csp.secureserver.net
events.api.secureserver.net
img1.wsimg.com
ssl.google-analytics.com
208.109.21.16
23.48.203.11
2600:1408:5400:18::170c:9349
2600:1408:ec00:28a::228b
2607:f8b0:4004:c1d::61
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
149ac0810e8c9dce610e0c6ed283aff60bde1af6c9701c38b97c5d0e1a8eaf36
163667c865468ca2361d38e82a31c010cb61e97132621b1d72d584e9613a1601
201199c96cd33e7c10920c24215becc57f4c82607fc126db0f70a242e489e768
202983e541bd9bb551e1cabc3758dfbf7a2d432e948fa5ce00702b89118e9e75
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
38dc8aaa3884d2b09388b37c75f3778c09138f2cc1102e6e394a9a70529b2a53
48775b59191623884ee8a9a21e421ff5deffc48fcca28fd65a460fd9adc5878d
5da5ac67d6dcd6c36857431538d2c189de0c6791f305a4dedbbde73ab794a75c
71ed00a292a8846ab8ed84fc3714a10e06eb0d9cb5917019385eb5febe0b84af
8257611af089599dc93fbe285dec2035e86c16aca8f4d2d8c829e7f54f0cf1ed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89387ac2af4209cfaca5d2c161dc0208120c1a8eaeb4c531ff28e1fa46bf96a2
9415bf82216d5928c8124b81464d33dd7a4073278dd152db55939a02e325d8e5
b1400a4d24127949d48408a0af88e96d1ecc2d5109ff895027f86d7ffc635f6f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc82e69c909f330af2ed5de9384b95ff6dca9d3fc90ff4b1f87b8794d46d6889
bdd51d3456edf1d27f7401c94ce3c04dc4bf68104c7ce201900fef896c06de6f
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dfe7a5b5560535798ceed19b97fe5333145dd9e35e3c4ab2e80fdf73ae2d610c
e301943f5f3cb3486ab3f4c75c0315e96891268a76b8663b6a490324e39d1664
fdfaabf2b866e9cfb817ae4024a3d39f4d2677c14aca40b2db49c5437d51d3a1