Submitted URL: http://orea.com/
Effective URL: https://www.orea.com/
Submission: On December 08 via api from US — Scanned from CA

Summary

This website contacted 19 IPs in 3 countries across 15 domains to perform 106 HTTP transactions. The main IP is 162.247.246.170, located in Brampton, Canada and belongs to LVSCU, US. The main domain is www.orea.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 23rd 2023. Valid for: a year.
This is the only time www.orea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 40 162.247.246.170 55117 (LVSCU)
2 172.253.122.97 15169 (GOOGLE)
1 172.253.62.95 15169 (GOOGLE)
7 172.253.122.105 15169 (GOOGLE)
25 207.112.15.50 6407 (PRIMUS-AS...)
2 142.250.31.138 15169 (GOOGLE)
2 172.253.62.154 15169 (GOOGLE)
1 172.253.122.94 15169 (GOOGLE)
1 2 142.251.16.97 15169 (GOOGLE)
2 104.19.147.8 13335 (CLOUDFLAR...)
12 172.253.62.94 15169 (GOOGLE)
1 104.22.0.204 13335 (CLOUDFLAR...)
2 13.107.246.40 8075 (MICROSOFT...)
2 151.101.193.229 54113 (FASTLY)
2 151.101.66.137 54113 (FASTLY)
1 172.67.11.155 13335 (CLOUDFLAR...)
3 20.114.189.70 8075 (MICROSOFT...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 13.107.21.200 8068 (MICROSOFT...)
106 19
Apex Domain
Subdomains
Transfer
40 orea.com
orea.com
www.orea.com
3 MB
25 korahlimited.com
green.korahlimited.com
186 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
748 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 152
57 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
t.clarity.ms — Cisco Umbrella Rank: 7201
c.clarity.ms — Cisco Umbrella Rank: 1377
28 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
92 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
47 KB
2 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 3785
cdn.acsbapp.com — Cisco Umbrella Rank: 3966
90 KB
2 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2199
3 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 587
17 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
435 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
158 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 228
763 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9252
408 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
106 15
Domain Requested by
39 www.orea.com www.orea.com
25 green.korahlimited.com www.orea.com
green.korahlimited.com
code.jquery.com
8 www.gstatic.com www.google.com
www.gstatic.com
7 www.google.com www.orea.com
www.gstatic.com
www.google.com
4 fonts.gstatic.com fonts.googleapis.com
www.orea.com
3 t.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 code.jquery.com green.korahlimited.com
2 cdn.jsdelivr.net green.korahlimited.com
2 www.clarity.ms www.orea.com
www.clarity.ms
2 script.crazyegg.com www.orea.com
script.crazyegg.com
2 ssl.google-analytics.com 1 redirects www.orea.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.orea.com
2 analytics.google.com www.googletagmanager.com
2 www.googletagmanager.com www.orea.com
1 c.bing.com 1 redirects
1 cdn.acsbapp.com acsbapp.com
1 acsbapp.com www.orea.com
1 www.google.ca www.orea.com
1 fonts.googleapis.com www.orea.com
1 orea.com 1 redirects
106 21

This site contains links to these domains. Also see Links.

Domain
accessibe.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com
Subject Issuer Validity Valid
*.orea.com
Go Daddy Secure Certificate Authority - G2
2023-03-23 -
2024-04-23
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
green.korahlimited.com
R3
2023-10-07 -
2024-01-05
3 months crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google.ca
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-09 -
2024-03-08
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
acsbapp.com
GTS CA 1P5
2023-10-28 -
2024-01-26
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-08-29 -
2024-08-29
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06
2023-02-13 -
2024-02-08
a year crt.sh

This page contains 4 frames:

Primary Page: https://www.orea.com/
Frame ID: 6B35CB280FEE608613AAF1EA113CE6D9
Requests: 69 HTTP requests in this frame

Frame: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Frame ID: DF33A6209D05AF475EE2F819C504DFC6
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl&co=aHR0cHM6Ly93d3cub3JlYS5jb206NDQz&hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c5x30ax0npop
Frame ID: 1F5AEBB7221E7B5EE5512045C91611EE
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl
Frame ID: 5AA06F831FC35B5BF4FB5E7D2C09CEE0
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

OREA - Ontario Real Estate AssociationOpen SearchClose SearchCloseFacebookTwitterLinkedInYouTubeInstagram

Page URL History Show full URLs

  1. http://orea.com/ HTTP 301
    https://www.orea.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

106
Requests

98 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

19
IPs

3
Countries

4508 kB
Transfer

11924 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://orea.com/ HTTP 301
    https://www.orea.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1862563175&utmhn=www.orea.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OREA%20-%20Ontario%20Real%20Estate%20Association&utmhid=70752704&utmr=-&utmp=%2F&utmht=1702055817375&utmac=UA-1889498-1&utmcc=__utma%3D242065756.2025646262.1702055813.1702055817.1702055817.1%3B%2B__utmz%3D242065756.1702055817.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1596437747&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1889498-1&cid=2025646262.1702055813&jid=1596437747&_v=5.7.2&z=1862563175
Request Chain 98
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DCDC538A706B4E3A9B2EA077EE2D3931&RedC=c.clarity.ms&MXFR=02F42F64D2BB6A1903E63C85D6BB64AB HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DCDC538A706B4E3A9B2EA077EE2D3931&MUID=250C677B779F6B3B084B749A76106AF3

106 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.orea.com/
Redirect Chain
  • http://orea.com/
  • https://www.orea.com/
144 KB
145 KB
Document
General
Full URL
https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
b460eb81ace635085cad1d7b5e1a12da4fd279309e2cf4d0d91d0aca35cff843
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
147630
content-type
text/html; charset=utf-8
date
Fri, 08 Dec 2023 17:16:48 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN sameorigin

Redirect headers

Content-Length
144
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Dec 2023 17:16:48 GMT
Location
https://www.orea.com/
Strict-Transport-Security
max-age=31536000
X-Frame-Options
sameorigin
js
www.googletagmanager.com/gtag/
259 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-40B67EJ6QG
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
2749419148a6488326f526f1a82b48ca1ad44ca7f06204e9f7f84814e57f3cf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 17:16:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89484
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 08 Dec 2023 17:16:53 GMT
css2
fonts.googleapis.com/
32 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f95.1e100.net
Software
ESF /
Resource Hash
ff9a2be960794ffc4738368eeec7262cd5bf70316287f8d2f0c3790170cf1277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 15:26:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Dec 2023 17:16:57 GMT
head
www.orea.com/bundles/css/
401 KB
401 KB
Stylesheet
General
Full URL
https://www.orea.com/bundles/css/head?v=0drt21NZkIubXwIkcd8rnjX8I65J-jRXEDRb_OqMs-01
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
ea1cf11ab245c6a91f53e774fc180821031daea37b49ad509b4002f9178b4846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:49 GMT
last-modified
Fri, 08 Dec 2023 17:16:49 GMT
vary
User-Agent
x-frame-options
sameorigin
content-type
text/css; charset=utf-8
cache-control
public
content-length
410454
expires
Sat, 07 Dec 2024 17:16:49 GMT
head
www.orea.com/bundles/js/
239 KB
240 KB
Script
General
Full URL
https://www.orea.com/bundles/js/head?v=j5TUIeERvLrWUpef-dpNXL-y3y-iwPf_DNOBS6mq3bg1
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
d9dbd2767dc03d11a1e24535c378922a34ba47a817f2ea1473bbd42c75013081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:52 GMT
last-modified
Fri, 08 Dec 2023 17:16:53 GMT
vary
User-Agent
x-frame-options
sameorigin
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
245017
expires
Sat, 07 Dec 2024 17:16:53 GMT
header
www.orea.com/bundles/js/
482 KB
483 KB
Script
General
Full URL
https://www.orea.com/bundles/js/header?v=UiWIF2Oycrs8r58Lp3NRIjplF0BCTimiVF74uZBEKaA1
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
f7672ee9399dcc548a3a2d8363f5f7cc9ddc853d1099b3217b14296da1ca16cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:49 GMT
last-modified
Fri, 08 Dec 2023 17:16:49 GMT
vary
User-Agent
x-frame-options
sameorigin
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
494063
expires
Sat, 07 Dec 2024 17:16:49 GMT
orea-logo.svg
www.orea.com/Contents/Images/
685 B
803 B
Image
General
Full URL
https://www.orea.com/Contents/Images/orea-logo.svg
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
0d1ebd86458385f5b04a2597b58e248deb68465be80ac41edc6d5c4924e58b09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:49 GMT
last-modified
Wed, 25 Oct 2023 16:19:38 GMT
etag
"38db56d5f7da1:0"
x-frame-options
sameorigin
content-type
image/svg+xml
accept-ranges
bytes
content-length
685
gtm.js
www.googletagmanager.com/
214 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T89KTXK
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
62d148c449c2f104d4c25bbbac93d918fd5cc887a07d81b8a2462a07a09a2f99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 17:16:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71817
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 08 Dec 2023 17:16:53 GMT
orea2022-m.min.css
www.orea.com/Styles/
2 KB
2 KB
Stylesheet
General
Full URL
https://www.orea.com/Styles/orea2022-m.min.css
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
e5cd55c6b483199ad9941a682cf90127066042a7cad0592232a4d54c4323875b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Wed, 25 Oct 2023 16:19:56 GMT
etag
"70febd175f7da1:0"
x-frame-options
sameorigin
content-type
text/css
accept-ranges
bytes
content-length
2242
orea2022-t.min.css
www.orea.com/Styles/
171 B
225 B
Stylesheet
General
Full URL
https://www.orea.com/Styles/orea2022-t.min.css
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
996bf43673e5e8db5b2d5f55bc3910f389c5438b3aefa33f5460566bd91e321f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Wed, 25 Oct 2023 16:19:56 GMT
etag
"7d60c0175f7da1:0"
x-frame-options
sameorigin
content-type
text/css
accept-ranges
bytes
content-length
171
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f105.1e100.net
Software
GSE /
Resource Hash
b311ac29f8d7837679d637891db9bbcc84ab0fa8652196d3605de190dc6a6857
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 17:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 08 Dec 2023 17:16:53 GMT
eye-hide.svg
www.orea.com/Contents/Images/
1 KB
1 KB
Image
General
Full URL
https://www.orea.com/Contents/Images/eye-hide.svg
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
cb7983c6c923ecb4c7e4d4c4b5391fb5b1f2250374310147574319a8ed675acb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:49 GMT
last-modified
Wed, 25 Oct 2023 16:19:38 GMT
etag
"a233fd5f7da1:0"
x-frame-options
sameorigin
content-type
image/svg+xml
accept-ranges
bytes
content-length
1426
eye-show.svg
www.orea.com/Contents/Images/
764 B
819 B
Image
General
Full URL
https://www.orea.com/Contents/Images/eye-show.svg
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
45309388a75157419e7f672b3d4b61172f29ed1df1e9422ba4b357fb27f6d5d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:49 GMT
last-modified
Wed, 25 Oct 2023 16:19:38 GMT
etag
"216641d5f7da1:0"
x-frame-options
sameorigin
content-type
image/svg+xml
accept-ranges
bytes
content-length
764
Parliament-Hill.jpg
www.orea.com/~/media/Sites/OREA/Images/Callouts/
50 KB
50 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/Parliament-Hill.jpg?rev=c081e114ec1d4fbcaf28520950551bff&hash=99F70ADD12800D5E5E95B442FA63FD53
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
8c73c72d362442329c5a04dff27333e7d4e9563bf7e15eb0213f2b1dc20a4944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:49 GMT
last-modified
Wed, 22 Nov 2023 00:48:53 GMT
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="Parliament-Hill.jpg"
accept-ranges
bytes
content-length
50736
Power%20House%20410.jpg
www.orea.com/~/media/Sites/OREA/Images/Callouts/
62 KB
62 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/Power%20House%20410.jpg?rev=e814b462b96c46269ead131a0a6d535f&hash=DA7CD5480C32C7A489B402F4EFA9E25C
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
8f92dc1fdf97ce0b7d44886a9fb08514bfda09428b451bcf49e9228352e9e957
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:49 GMT
last-modified
Fri, 17 Nov 2023 18:25:28 GMT
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="Power House 410.jpg"
accept-ranges
bytes
content-length
63543
queens-park-arial-sm.jpg
www.orea.com/~/media/Sites/OREA/Images/Carousel%20Images/MediaRoom/
55 KB
55 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Carousel%20Images/MediaRoom/queens-park-arial-sm.jpg?rev=1e4930e186ba495a8af647d5a9dcbc17&hash=62A564948F5D77329952F4C544AF7919
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
d5c6b5f8dc69f0781b681c21c883587292234f4f84e1eb2a6b3b0e9dd199c98d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:52 GMT
last-modified
Tue, 07 Nov 2023 14:23:42 GMT
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="queens-park-arial-sm.jpg"
accept-ranges
bytes
content-length
55825
Advocacy-carousel-Immigration-Report.jpg
www.orea.com/~/media/Sites/OREA/Images/Callouts/
57 KB
57 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/Advocacy-carousel-Immigration-Report.jpg?rev=5d1eba8fe8964b559d290e511db4c2ac&hash=484F38F43D1BFD210DE7B2E1C588820F
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
008df1b5a232cbe02970511325cab9db11e775d838a3d35acc836034ac77f28e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:52 GMT
last-modified
Wed, 18 Oct 2023 21:27:47 GMT
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="Advocacy-carousel-Immigration-Report.jpg"
accept-ranges
bytes
content-length
58316
hp-press-sept-20-2023.jpg
www.orea.com/~/media/Sites/OREA/Images/Callouts/
25 KB
26 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/hp-press-sept-20-2023.jpg?rev=781a032d20f4434298831f3c7959b432&hash=82DFDFBF3A302AA3A13A33EDF0DAAC3D
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
dc4f047225bf02d81a884e4e3635343c3e3734384c5960ad66cfe2e4f621b0f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:52 GMT
last-modified
Wed, 20 Sep 2023 11:31:48 GMT
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="hp-press-sept-20-2023.jpg"
accept-ranges
bytes
content-length
26054
hp-press-release-September-15.jpg
www.orea.com/~/media/Sites/OREA/Images/Callouts/
91 KB
92 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/hp-press-release-September-15.jpg?rev=1470461e5b40432d8d64287457bd14f1&hash=DB7C7832C243FE86017868CDEB998E2C
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
5ef8275760c28a1b6ee51ed0510630e41b138da90f175ce1b28311db67e06352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:52 GMT
last-modified
Fri, 15 Sep 2023 17:29:49 GMT
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="hp-press-release-September-15.jpg"
accept-ranges
bytes
content-length
93676
hp-press-release-September-14.jpg
www.orea.com/~/media/Sites/OREA/Images/Callouts/
69 KB
69 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/hp-press-release-September-14.jpg?rev=07357f6b80644884ac839a6545732f47&hash=87537BF245226EB3B201CBA8F67D46FB
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
ecf5895690b4ec8d0b4e35995024fc84c93d36272f927a0f870c60889b07e29a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:52 GMT
last-modified
Thu, 14 Sep 2023 19:35:13 GMT
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="hp-press-release-September-14.jpg"
accept-ranges
bytes
content-length
70790
hp-media-july-2023.jpg
www.orea.com/~/media/Sites/OREA/Images/Callouts/
51 KB
51 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/hp-media-july-2023.jpg?rev=7c4718f0a61c42f08379de0dd33f8f16&hash=199AB45DF591BD147325F5D875C03F5E
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
b99f93fdcabba5eb9e0bb3eb38468433a266fe00d9fc749c40ee7dbf8402690b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:52 GMT
last-modified
Mon, 31 Jul 2023 18:51:48 GMT
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="hp-media-july-2023.jpg"
accept-ranges
bytes
content-length
52097
ORWP-press-release-hp.jpg
www.orea.com/~/media/Sites/OREA/Images/Callouts/
35 KB
35 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/ORWP-press-release-hp.jpg?rev=6d830d4dbbbd4d0d9307a8ecab8095b0&hash=C676471BB898F5227C475F58E1FE519A
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
b0b567557ee74f6a07f590e6e9272415eafbbe0fc95b199561a31a1318eb42ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:52 GMT
last-modified
Wed, 21 Jun 2023 13:34:26 GMT
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="ORWP-press-release-hp.jpg"
accept-ranges
bytes
content-length
35829
5-June-2023.webp
www.orea.com/~/media/Sites/OREA/Images/Carousel%20Images/Updates/
51 KB
51 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Carousel%20Images/Updates/5-June-2023.webp?rev=843cfde74af14c28808fb546c103d4d6&hash=438B8BECBB76123C41CE65DE4CDD49EA
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
f9fcd676320a25ab0d00cbb5f29a5e08a238fa2d1129873c8dc336df94f75d94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:52 GMT
last-modified
Mon, 12 Jun 2023 18:55:37 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="5-June-2023.webp"
accept-ranges
bytes
content-length
52312
24-May-2023-PR.webp
www.orea.com/~/media/Sites/OREA/Images/Callouts/
38 KB
38 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/24-May-2023-PR.webp?rev=a0c51f6ec32d4ff4b20f77b0ddfac0b1&hash=C2781FB6D55E0881966C20EEC91E4B0B
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
1fd962141e7234c3282cfcf5da05a35b10be891f566d30e755fa595c77590335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:52 GMT
last-modified
Mon, 12 Jun 2023 19:00:04 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="24-May-2023-PR.webp"
accept-ranges
bytes
content-length
39192
HP-Apr6-2023.webp
www.orea.com/~/media/Images/Press-releases/2023/
29 KB
29 KB
Image
General
Full URL
https://www.orea.com/~/media/Images/Press-releases/2023/HP-Apr6-2023.webp?rev=d2945a671fee40a3bd68990b45fd9086&hash=666DB418030F926FCA9D8C3BC60824A3
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
7331eac33b254505f116209612693ff07aa7982e88c20556cbef851365946554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:52 GMT
last-modified
Wed, 24 May 2023 19:51:09 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="HP-Apr6-2023.webp"
accept-ranges
bytes
content-length
29916
5-April-2023.webp
www.orea.com/~/media/Images/Press-releases/2023/
43 KB
43 KB
Image
General
Full URL
https://www.orea.com/~/media/Images/Press-releases/2023/5-April-2023.webp?rev=c76f80666e7f4fb38ab96f6398a26ca1&hash=282595C9B37E771900A1655A4F8E901F
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
dc65f841a9fd45edd0ccaa967a6f8ff86e4384786fd48d19276d960d472b8714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:52 GMT
last-modified
Mon, 12 Jun 2023 19:02:27 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="5-April-2023.webp"
accept-ranges
bytes
content-length
44346
March-31-2023-HP.webp
www.orea.com/~/media/Images/Press-releases/2023/
39 KB
39 KB
Image
General
Full URL
https://www.orea.com/~/media/Images/Press-releases/2023/March-31-2023-HP.webp?rev=462e410f192745a0a129783da1b91f7b&hash=3869BE8B8B3F20619EB3DFEB2B40A6B4
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
fb90e1f3b2163b4843a43de60d35a0283fb73c1a5b8e18144f21a74a8f8b03ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Mon, 12 Jun 2023 19:05:15 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="March-31-2023-HP.webp"
accept-ranges
bytes
content-length
39624
March-29-2023-Sm.jpg
www.orea.com/~/media/Sites/OREA/Images/Callouts/
33 KB
33 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/March-29-2023-Sm.jpg?rev=ecff65128c9a4070b630df4a4454c10f&hash=BCAAD7E9FC3737B64EA4DA9F112DFA4E
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
8fc017bf1449c3c7e681feefbe24e3e06270b3009d5e6abd34294c5e1bd3a927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Wed, 29 Mar 2023 18:39:43 GMT
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
private, max-age=604800
content-disposition
inline; filename="March-29-2023-Sm.jpg"
accept-ranges
bytes
content-length
34083
QueensPark.webp
www.orea.com/~/media/Sites/OREA/Images/Callouts/
39 KB
39 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/QueensPark.webp?rev=e4ad11f12bb6451c92a1211f373213da&hash=A7CFB0214E43DDC7E1864009F1FFFF61
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
1cc32097a42f0d943861380c98fb7ae9c40846a6744ccc24a830a0cec1f0dd44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Thu, 25 May 2023 12:34:10 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="QueensPark.webp"
accept-ranges
bytes
content-length
40222
Queens-Park-Spring.webp
www.orea.com/~/media/Sites/OREA/Images/Callouts/
28 KB
28 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/Queens-Park-Spring.webp?rev=5de035237f074995908fa5da6c729af3&hash=CF81F48B4E4F069BAB090B0D58656DAE
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
e52a92362a615da56e6174777ae5454e29bd201b7d033cd69d895bb7ac74e5a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Thu, 25 May 2023 12:35:24 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="Queens-Park-Spring.webp"
accept-ranges
bytes
content-length
28266
Meet-Your-New-President-2023-409x400.webp
www.orea.com/~/media/Sites/OREA/Images/Callouts/
29 KB
29 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/Meet-Your-New-President-2023-409x400.webp?rev=96cb3380e67d4424be1127dc4a7d1c9b&hash=58765408E3E78F15B04528ECC08F6FDA
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
d06b0dffad6004a4c9b4bbefb2211b6a7b072a39670ad4278583695891c9cfb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Mon, 12 Jun 2023 19:09:11 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="Meet-Your-New-President-2023-409x400.webp"
accept-ranges
bytes
content-length
29416
2023-Forms-Revisions.webp
www.orea.com/~/media/Sites/OREA/Images/Callouts/
27 KB
28 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/2023-Forms-Revisions.webp?rev=24be7a2f66384891926ec4261e6c3bb8&hash=1F2EFCE1AC8E262A056C4E39AD336B8A
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
93d649d8f1fffcce5d71c6ab99b0e8d8250db3b759fe3792c2734b8f3251785a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Mon, 12 Jun 2023 19:12:47 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="2023-Forms-Revisions.webp"
accept-ranges
bytes
content-length
28078
increase-housing-supply.webp
www.orea.com/~/media/Sites/OREA/Images/Carousel%20Images/Advocacy/
28 KB
28 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Carousel%20Images/Advocacy/increase-housing-supply.webp?rev=a4a38257ca7b48068850720cb1828c81&hash=C74FA5DB8E9EA7DAD4616D9499856443
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
d84b04c6beadaca343b9f6a33577c89aa9237a9b924a53261346a29f28b86fd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Wed, 24 May 2023 19:52:09 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="increase-housing-supply.webp"
accept-ranges
bytes
content-length
28958
Saving-the-Dream.webp
www.orea.com/~/media/Sites/OREA/Images/Carousel%20Images/Updates/
27 KB
27 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Carousel%20Images/Updates/Saving-the-Dream.webp?rev=ab1d5aa4849e4bf4a47d35e7b4171f26&hash=6D1A59C9664E73D656160F79AA9DB9DE
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
79b46f9f045d2de0615cee334ed6649b232373aed303f193b15b1140680fc657
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Thu, 25 May 2023 13:08:52 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="Saving-the-Dream.webp"
accept-ranges
bytes
content-length
27768
Open-Bidding-Small.webp
www.orea.com/~/media/Sites/OREA/Images/Carousel%20Images/Updates/
24 KB
24 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Carousel%20Images/Updates/Open-Bidding-Small.webp?rev=b4f6e3f38c524f8e9e6acdad5bd2c477&hash=F100D70B966D0D7144EB9A5AA1876BFF
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
850681de1abcbbd3ae4d7d3986bbadad841aa9f08c5efd0d1d7f4461509c8cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Wed, 24 May 2023 20:28:42 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="Open-Bidding-Small.webp"
accept-ranges
bytes
content-length
24806
Election-Spotlights-Affordability.webp
www.orea.com/~/media/Sites/OREA/Images/Carousel%20Images/Updates/
19 KB
20 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Carousel%20Images/Updates/Election-Spotlights-Affordability.webp?rev=d800448fc702452691c0aeee7d0f8016&hash=17F54EEF449C9E0939E921B160E1C24D
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
6a8151e89d7a9e03f0be44168f682ecab7081452d943b99d88de5fd3daea58f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Wed, 24 May 2023 19:26:03 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="Election-Spotlights-Affordability.webp"
accept-ranges
bytes
content-length
19882
Transparency-to-Real-Estate-Offer-Process.webp
www.orea.com/~/media/Images/Press-releases/2022/
15 KB
15 KB
Image
General
Full URL
https://www.orea.com/~/media/Images/Press-releases/2022/Transparency-to-Real-Estate-Offer-Process.webp?rev=e9b13676e5154ec1b24291676a346e25&hash=B0156D5CB3C01CA9E423A9B76773EAD0
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
e57fd0bfad644e69d1fc4f6bdbc4fe92efdb064ca7030957c250fd32a5bcb6f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Thu, 25 May 2023 13:31:22 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="Transparency-to-Real-Estate-Offer-Process.webp"
accept-ranges
bytes
content-length
14918
home-forms.webp
www.orea.com/~/media/Sites/OREA/Images/Standard-Forms/
37 KB
37 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Standard-Forms/home-forms.webp?rev=783de9db0fc34a4ab47216ba9c369e2c&hash=C5F7FD66E944D72B6AB6509AEB1B2D33
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
9af981bf0633e61ab2fcb927345ea7bfeee171fae61cd8fd880427c7d267c969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Wed, 24 May 2023 20:10:29 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="home-forms.webp"
accept-ranges
bytes
content-length
37968
Advocate-Queens-Park.webp
www.orea.com/~/media/Sites/OREA/Images/Callouts/
93 KB
94 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/Advocate-Queens-Park.webp?rev=c4c5a89d0ddb461591b2319f6630696f&hash=290F7B9C56B6C08E63CAC4AF574C6DC0
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
ffd2626cccde2494ac52d89e827ab49983413ba8386b4f4674d73bb5d1eb1622
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Tue, 06 Jun 2023 18:48:03 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="Advocate-Queens-Park.webp"
accept-ranges
bytes
content-length
95678
orea-icon-lockup.svg
www.orea.com/Contents/Images/
9 KB
4 KB
Image
General
Full URL
https://www.orea.com/Contents/Images/orea-icon-lockup.svg
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
f58bb14e41b51817ded8300b81571f1cdc2cdbedb7c2c5041e66404db9f5c1ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 08 Dec 2023 17:16:53 GMT
last-modified
Wed, 25 Oct 2023 16:19:38 GMT
etag
"0c9ddc5f7da1:0"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
image/svg+xml
accept-ranges
bytes
content-length
3597
ccRwidget.css
green.korahlimited.com/oprCns/ccr-btn-sdk/css/
616 B
722 B
Stylesheet
General
Full URL
https://green.korahlimited.com/oprCns/ccr-btn-sdk/css/ccRwidget.css
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
57aec3e38f6deb9bba6daf0397ebf98a13e8a311995e39c192e27fb916e35e9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:49:34 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"268-6072177213bfc-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Access-Control-Allow-Headers
csrf-token
Content-Length
252
Service-Worker-Allowed
/
ccRwidget.js
green.korahlimited.com/oprCns/ccr-btn-sdk/js/
23 KB
6 KB
Script
General
Full URL
https://green.korahlimited.com/oprCns/ccr-btn-sdk/js/ccRwidget.js
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
58d77354f4fe5abd6db54e48f41c21e00c2121413d0d89262024174d148b8a78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:50:27 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"5b87-607217a506e24-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Access-Control-Allow-Headers
csrf-token
Content-Length
5637
Service-Worker-Allowed
/
collect
analytics.google.com/g/
0
243 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-40B67EJ6QG&gtm=45je3bt0v893868218&_p=1702055809843&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=2025646262.1702055813&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702055813&sct=1&seg=0&dl=https%3A%2F%2Fwww.orea.com%2F&dt=OREA%20-%20Ontario%20Real%20Estate%20Association&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4305
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-40B67EJ6QG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 17:16:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.orea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
243 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-40B67EJ6QG&cid=2025646262.1702055813&gtm=45je3bt0v893868218&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-40B67EJ6QG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 17:16:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.orea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
42 B
408 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-40B67EJ6QG&cid=2025646262.1702055813&gtm=45je3bt0v893868218&aip=1&dma=0&gcd=11l1l1l1l1&z=1377471690
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 17:16:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f97.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Dec 2023 17:06:55 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
602
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Fri, 08 Dec 2023 19:06:55 GMT
1036.js
script.crazyegg.com/pages/scripts/0012/
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0012/1036.js?472793
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00ccdf1498742f6c5618058241f5f708992b205af7676cf043e290559be93472

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 17:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
age
598695
cf-polished
origSize=5984
ce-version
11.5.153
cf-bgj
minify
last-modified
Fri, 01 Dec 2023 18:58:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8326a8b97e6a36d9-YYZ
recaptcha__en.js
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/
501 KB
201 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
6788908efcff931e3c0c4fb54a255932414a22e81971dcc1427c8a4f459a1fbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.orea.com/
Origin
https://www.orea.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204921
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 13:18:11 GMT
homepagevideo-webm
www.orea.com/
5 MB
0
Media
General
Full URL
https://www.orea.com/homepagevideo-webm
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

Referer
https://www.orea.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:56 GMT
last-modified
Fri, 09 Jun 2023 13:13:02 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
Content-Range
bytes 0-6798622/6798623
cache-control
private, max-age=604800
content-disposition
attachment; filename="HomepageBannerVideoWEBM.webm"
accept-ranges
bytes
Content-Length
6798623
app.js
acsbapp.com/apps/app/dist/js/
292 KB
89 KB
Script
General
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.0.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82adc81ec49abb103a2d123062623d6663f4132e9d4402ba868b1a53c64a74c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 17:16:58 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPqTs1oQLbMbBWp6dLDbHifH0MjRds7hSChKumk7a68-tA3qMWARGkimhMjL1B1LuRF-rKCqMoO_iITccoFaooPv0Emp0T9F
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 06 Dec 2023 16:40:02 GMT
server
cloudflare
etag
W/"af6db79cc261f9ddde2ea78a3341d0c7"
vary
Accept-Encoding
x-goog-hash
crc32c=qmjZjA==, md5=r223nMJh+d3eLqeKM0HQxw==
x-goog-generation
1701880802637232
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
299041
cf-ray
8326a8bfbca539ed-YYZ
expires
Sat, 07 Dec 2024 17:16:58 GMT
truncated
/
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/jpg
home-header.jpg
www.orea.com/~/media/Sites/OREA/Images/Home/
637 KB
637 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Home/home-header.jpg
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
a3470f34c169d4ea19d1cc197c64023d275771b62a828c57ab3e13c5ddc36738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:56 GMT
last-modified
Thu, 12 Oct 2023 16:03:27 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="home-header.webp"
accept-ranges
bytes
content-length
652296
BottomBanner.webp
www.orea.com/~/media/Sites/OREA/Images/Callouts/
65 KB
66 KB
Image
General
Full URL
https://www.orea.com/~/media/Sites/OREA/Images/Callouts/BottomBanner.webp?rev=825e4113a98b4ef08464ea211e73d14c&hash=DB4BEE82B164A3F575AE00D82E036F61
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.246.170 Brampton, Canada, ASN55117 (LVSCU, US),
Reverse DNS
Software
/
Resource Hash
b849526e7c7766bec52abd0914e437d6df671c29227c317f6ff22e6b9e0d46eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 17:16:56 GMT
last-modified
Wed, 24 May 2023 20:10:31 GMT
x-frame-options
sameorigin
content-type
application/octet-stream
cache-control
private, max-age=604800
content-disposition
attachment; filename="BottomBanner.webp"
accept-ranges
bytes
content-length
67062
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.orea.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 09:13:56 GMT
x-content-type-options
nosniff
age
201781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 09:13:56 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.orea.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 09:08:23 GMT
x-content-type-options
nosniff
age
202114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34288
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 09:08:23 GMT
getWidgetCfg.php
green.korahlimited.com/oprCns/
29 B
609 B
XHR
General
Full URL
https://green.korahlimited.com/oprCns/getWidgetCfg.php
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/js/ccRwidget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3d030bb851ff317d37adf3a77561e1933df730ff190a9373b72e9de0a09cf72f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.orea.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 17:16:58 GMT
X-Content-Type-Options
nosniff
Server
Apache/2.4.41 (Ubuntu)
X-Frame-Options
SAMEORIGIN
P3P
CP="Potato"
Access-Control-Allow-Origin
*
Content-Type
application/json
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
29
Service-Worker-Allowed
/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ccrBtnTemplate.html
green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ Frame DF33
9 KB
3 KB
Document
General
Full URL
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/js/ccRwidget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b922ca438c313b13d45081c380880441ac32dfc52b013c59ef67926ded02059b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.orea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Headers
csrf-token
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
2451
Content-Type
text/html
Date
Fri, 08 Dec 2023 17:16:57 GMT
ETag
"2216-6072176a6cbd6-gzip"
Keep-Alive
timeout=5, max=100
Last-Modified
Sat, 07 Oct 2023 14:49:26 GMT
Server
Apache/2.4.41 (Ubuntu)
Service-Worker-Allowed
/
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
jqg4lxhwvi
www.clarity.ms/tag/
668 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/jqg4lxhwvi?ref=gtm2
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3af2789418818a74382bb40a0146a42b1630e48f766cfb126fc7ed961ce02c2b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
-1
date
Fri, 08 Dec 2023 17:16:58 GMT
x-azure-ref
20231208T171658Z-hagsp1w7s568tbmdpasyb66fnn0000000p9g00000000dsea
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
668
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1862563175&utmhn=www.orea.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=OREA%20...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1889498-1&cid=2025646262.1702055813&jid=1596437747&_v=5.7.2&z=1862563175
35 B
192 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1889498-1&cid=2025646262.1702055813&jid=1596437747&_v=5.7.2&z=1862563175
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 08 Dec 2023 17:16:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 17:16:57 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1889498-1&cid=2025646262.1702055813&jid=1596437747&_v=5.7.2&z=1862563175
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
370
expires
Fri, 01 Jan 1990 00:00:00 GMT
www.orea.com.json
script.crazyegg.com/pages/data-scripts/0012/1036/site/
961 B
714 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0012/1036/site/www.orea.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/1036.js?472793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81f150055f5400a8199d2d6e77bda7499eb497f7ac22c4d4aa59befe821571ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 17:16:57 GMT
content-encoding
gzip
cf-cache-status
HIT
age
598709
ce-version
11.5.153
content-length
441
last-modified
Fri, 01 Dec 2023 18:58:28 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8326a8bc8a813a0b-YYZ
anchor
www.google.com/recaptcha/api2/ Frame 1F5A
42 KB
27 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl&co=aHR0cHM6Ly93d3cub3JlYS5jb206NDQz&hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c5x30ax0npop
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f105.1e100.net
Software
GSE /
Resource Hash
554de4a1f129cdcf0ffd109acdcf0c267138bc3f150515af1ed28e9f4a6686f1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JodE9bVSpj8GMYaQ6p-3Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JodE9bVSpj8GMYaQ6p-3Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 17:16:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ Frame DF33
190 KB
30 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://green.korahlimited.com/
Origin
https://green.korahlimited.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 17:16:58 GMT
x-content-type-options
nosniff
content-encoding
br
age
3807493
x-jsd-version
5.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30336
x-served-by
cache-fra-eddf8230122-FRA, cache-yyz4525-YYZ
x-jsd-version-type
version
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
ccrBtn.base.css
green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/css/ Frame DF33
6 KB
2 KB
Stylesheet
General
Full URL
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/css/ccrBtn.base.css
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
efa04d065a5b268eb50231fd9fbb05d66741171a3d03df65e68dc060a5c99865
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:47:19 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"194d-607216f15a340-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Access-Control-Allow-Headers
csrf-token
Content-Length
1685
Service-Worker-Allowed
/
lsAdapter.js
green.korahlimited.com/oprCns/ccrChat/js/ Frame DF33
4 KB
1 KB
Script
General
Full URL
https://green.korahlimited.com/oprCns/ccrChat/js/lsAdapter.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9585e51b8a26cfe6aaa8fa5e57e4944e813a08210c74e833fb203a91cf02beb4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:45:26 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"eff-607216862d53e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1040
Service-Worker-Allowed
/
jquery-3.1.0.min.js
code.jquery.com/ Frame DF33
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.1.0.min.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 17:16:59 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
7255217
x-cache
HIT, HIT
content-length
30019
x-served-by
cache-lga21948-LGA, cache-yyz4541-YYZ
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1702055819.044309,VS0,VE0
etag
W/"28feccc0-1514f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
38, 3745
jquery-ui.min.js
code.jquery.com/ui/1.11.3/ Frame DF33
234 KB
63 KB
Script
General
Full URL
https://code.jquery.com/ui/1.11.3/jquery-ui.min.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 17:16:59 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
7253619
x-cache
HIT, HIT
content-length
64209
x-served-by
cache-lga13629-LGA, cache-yyz4541-YYZ
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1702055819.044285,VS0,VE0
etag
W/"28feccc0-3a99b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
7, 2232
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/ Frame DF33
59 KB
17 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://green.korahlimited.com/
Origin
https://green.korahlimited.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 17:16:58 GMT
x-content-type-options
nosniff
content-encoding
br
age
13773631
x-jsd-version
5.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17319
x-served-by
cache-fra-eddf8230041-FRA, cache-yyz4525-YYZ
x-jsd-version-type
version
etag
W/"ebf4-hH3/iZtbz47kNOOJ4qkQuh26128"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
i18next-1.6.3.min.js
green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/js/ Frame DF33
29 KB
9 KB
Script
General
Full URL
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/js/i18next-1.6.3.min.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
97764699fdc1aee05243192c802552a69b73f79b69f5a9830e35a7b93dcaea74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:49:16 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"75cc-60721761028d8-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Access-Control-Allow-Headers
csrf-token
Content-Length
9020
Service-Worker-Allowed
/
util.js
green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/js/ Frame DF33
3 KB
2 KB
Script
General
Full URL
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/js/util.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
837287f71fd853b20e04f50489cf67856850336d0dfe158e399b22c01e12cb0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:49:16 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"d92-6072176111338-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Access-Control-Allow-Headers
csrf-token
Content-Length
1060
Service-Worker-Allowed
/
url.min.js
green.korahlimited.com/oprCns/js/pub/ Frame DF33
2 KB
1 KB
Script
General
Full URL
https://green.korahlimited.com/oprCns/js/pub/url.min.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
aa0fc9ae389409647a6928308bd74ba9accf9f8457d35605c91e4dea63de9564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:43:36 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"79f-6072161c9b96a-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
908
Service-Worker-Allowed
/
wsClient.js
green.korahlimited.com/oprCns/js/ Frame DF33
6 KB
2 KB
Script
General
Full URL
https://green.korahlimited.com/oprCns/js/wsClient.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a57d28390476eb88a96e6982674e161034ffdc5e9fda78b4369a9df9ce156dfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:43:33 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1607-6072161a6432c-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
1869
Service-Worker-Allowed
/
push-client.js
green.korahlimited.com/oprCns/js/ Frame DF33
3 KB
1 KB
Script
General
Full URL
https://green.korahlimited.com/oprCns/js/push-client.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6918a6b55379f2dff2203aae19c8bd7efceb81f88123bee144683743e263b779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 07 Jul 2022 16:39:35 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"c15-5e339bb165fc0-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
768
Service-Worker-Allowed
/
ccrBtn.js
green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/js/ Frame DF33
72 KB
14 KB
Script
General
Full URL
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/js/ccrBtn.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2c3dcf1c4ba25c111b8539eb7034df11cca6997407ec6a898d601d16dde2ffdb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:49:16 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"11e27-60721760e5416-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Access-Control-Allow-Headers
csrf-token
Content-Length
13961
Service-Worker-Allowed
/
ThirdPartyCookiePatch.js
green.korahlimited.com/oprCns/ccrChat/thirdPartyCookiePatch/ Frame DF33
2 KB
1 KB
Script
General
Full URL
https://green.korahlimited.com/oprCns/ccrChat/thirdPartyCookiePatch/ThirdPartyCookiePatch.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9333ebbaa78e517f68099325bc1659e05853717db5c82953eaa50ca03685b41a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:45:27 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"860-6072168714c6a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
814
Service-Worker-Allowed
/
logo.png
green.korahlimited.com/oprCns/ccr-btn-sdk/img/ Frame DF33
20 KB
20 KB
Image
General
Full URL
https://green.korahlimited.com/oprCns/ccr-btn-sdk/img/logo.png
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7db72dc01550068012be75b67958bdb4b517915eb57e26c956f88bb619bdd9a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:49:44 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4f6c-6072177ba211b"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Access-Control-Allow-Headers
csrf-token
Content-Length
20332
Service-Worker-Allowed
/
logo.png
green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/img/ Frame DF33
8 KB
8 KB
Image
General
Full URL
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/img/logo.png
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
935b66835f9f1f3efb42754f1af698820113deda01588a2484d6a38a5f981e0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:58 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:47:20 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1f85-607216f212c6a"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Access-Control-Allow-Headers
csrf-token
Content-Length
8069
Service-Worker-Allowed
/
styles__ltr.css
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame 1F5A
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl&co=aHR0cHM6Ly93d3cub3JlYS5jb206NDQz&hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c5x30ax0npop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 13:16:17 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame 1F5A
501 KB
200 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl&co=aHR0cHM6Ly93d3cub3JlYS5jb206NDQz&hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c5x30ax0npop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
6788908efcff931e3c0c4fb54a255932414a22e81971dcc1427c8a4f459a1fbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204921
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 13:18:11 GMT
mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
www.google.com/js/bg/ Frame 1F5A
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f105.1e100.net
Software
sffe /
Resource Hash
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl&co=aHR0cHM6Ly93d3cub3JlYS5jb206NDQz&hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c5x30ax0npop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:22:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6828
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 13:22:10 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 1F5A
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl&co=aHR0cHM6Ly93d3cub3JlYS5jb206NDQz&hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c5x30ax0npop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f105.1e100.net
Software
GSE /
Resource Hash
153667004611f8905f074b17b69c32f43b8038f0d95d1341d00a88e48f990a6d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl&co=aHR0cHM6Ly93d3cub3JlYS5jb206NDQz&hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=c5x30ax0npop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 17:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 08 Dec 2023 17:16:58 GMT
config.json
cdn.acsbapp.com/config/orea.com/
162 B
715 B
Fetch
General
Full URL
https://cdn.acsbapp.com/config/orea.com/config.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.11.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef38ead324ba5b4778a3bff37c1c5d082ac2d655a5d92d084d0d58ad8ceaec6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 17:16:58 GMT
content-encoding
br
cf-cache-status
HIT
age
35
x-guploader-uploadid
ABPtcPqqgn2zl_dhfbNt-GoQWN0Dm8sJOukf5qAx9AEZe_6jtEd73ZMT0tLDwdyNCttyRI7t07OSNH_zKOgDkFbrCPIYFA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Wed, 01 Mar 2023 13:46:47 GMT
server
cloudflare
etag
W/"d4eb783539073dfc8e207a1fc98c2250"
vary
Accept-Encoding
x-goog-hash
crc32c=URltpQ==, md5=1Ot4NTkHPfyOIHofyYwiUA==
x-goog-generation
1677678407218996
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
162
cf-ray
8326a8c1aa95549d-YYZ
expires
Sat, 07 Dec 2024 17:16:23 GMT
html2canvas.min.js
green.korahlimited.com/oprCns/js/
161 KB
41 KB
Script
General
Full URL
https://green.korahlimited.com/oprCns/js/html2canvas.min.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/js/ccRwidget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
031d5aaadbf1581634c56343fad3d956f6bf550672f6dd427b5ed924ef8d4d17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:43:32 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"28552-607216198d5a0-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
41716
Service-Worker-Allowed
/
uiTracker.js
green.korahlimited.com/oprCns/js/
12 KB
3 KB
Script
General
Full URL
https://green.korahlimited.com/oprCns/js/uiTracker.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/js/ccRwidget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
03ec27acfde3b6a65e67d69383bbf5d1c3a41684be9ebaeb41e40539eb85e620
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:43:33 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2e80-6072161a37469-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
3118
Service-Worker-Allowed
/
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-40B67EJ6QG&gtm=45je3bt0v893868218&_p=1702055809843&gcd=11l1l1l1l1&dma=0&cid=2025646262.1702055813&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702055813&sct=1&seg=0&dl=https%3A%2F%2Fwww.orea.com%2F&dt=OREA%20-%20Ontario%20Real%20Estate%20Association&en=scroll&epn.percent_scrolled=90&_et=13&tfd=9340
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-40B67EJ6QG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 17:16:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.orea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 5AA0
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f105.1e100.net
Software
GSE /
Resource Hash
8f8d1c071d5e496ead914b0ee556ee9d4eb787121fe1bfbb86f9aa1328eecdee
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LJOOIE90IXHBaVwfxictfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.orea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LJOOIE90IXHBaVwfxictfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 17:16:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jqg4lxhwvi?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 17:16:58 GMT
content-encoding
br
last-modified
Mon, 04 Dec 2023 12:08:18 GMT
etag
W/"0x8DBF4C1B3818466"
vary
Accept-Encoding
x-azure-ref
20231208T171658Z-hagsp1w7s568tbmdpasyb66fnn0000000p9g00000000dsfa
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
adf779cd-301e-0010-5cf2-26ebb3000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
styles__ltr.css
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame 5AA0
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:16:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 13:16:17 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame 5AA0
501 KB
200 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
6788908efcff931e3c0c4fb54a255932414a22e81971dcc1427c8a4f459a1fbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204921
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 13:18:11 GMT
collect
t.clarity.ms/
0
292 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.orea.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.orea.com
Date
Fri, 08 Dec 2023 17:16:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
reload
www.google.com/recaptcha/api2/ Frame 5AA0
20 KB
15 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f105.1e100.net
Software
GSE /
Resource Hash
dbbc50443ed42280f5a131069c0197e75a0c0c456689f67410d97b7255656f60
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Fri, 08 Dec 2023 17:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 08 Dec 2023 17:16:58 GMT
collect
t.clarity.ms/
0
292 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.orea.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.orea.com
Date
Fri, 08 Dec 2023 17:16:59 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
www.google.com/js/bg/ Frame 5AA0
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f105.1e100.net
Software
sffe /
Resource Hash
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LeX7BsUAAAAADelXNhomhrrN_TnbGZ1RV-W2CGl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:22:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6828
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 13:22:10 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5AA0
600 B
624 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 08:45:47 GMT
x-content-type-options
nosniff
age
203472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 13 Dec 2023 08:45:47 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5AA0
530 B
554 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 09:14:26 GMT
x-content-type-options
nosniff
age
201753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 13 Dec 2023 09:14:26 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5AA0
665 B
689 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 09:14:26 GMT
x-content-type-options
nosniff
age
201753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 13 Dec 2023 09:14:26 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5AA0
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 09:16:39 GMT
x-content-type-options
nosniff
age
201620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 09:16:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5AA0
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.orea.com
URL: https://www.orea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 08:58:11 GMT
x-content-type-options
nosniff
age
202728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 08:58:11 GMT
i18Locale.A3E922C3-EA4B-11EB-AEE2-0242AC110005.js
green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/js/
3 KB
1 KB
XHR
General
Full URL
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/js/i18Locale.A3E922C3-EA4B-11EB-AEE2-0242AC110005.js
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/js/ccRwidget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5f3d35ee42a1d2d95a011cfe1e7c29e4ab326e7578955f6ca82ca4ab61e4326c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 17:16:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache/2.4.41 (Ubuntu)
X-Frame-Options
SAMEORIGIN
P3P
CP="Potato"
Access-Control-Allow-Origin
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
861
Service-Worker-Allowed
/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ccrobot.png
green.korahlimited.com/oprCns/ccr-btn-sdk/img/ Frame DF33
6 KB
7 KB
Image
General
Full URL
https://green.korahlimited.com/oprCns/ccr-btn-sdk/img/ccrobot.png
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/css/ccrBtn.base.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b6e3413ecdbb29bfb743731808469f1506066fbeb09b5488490d5ebe7f4da033
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/css/ccrBtn.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:59 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:49:44 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"19eb-6072177b648b8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Access-Control-Allow-Headers
csrf-token
Content-Length
6635
Service-Worker-Allowed
/
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DCDC538A706B4E3A9B2EA077EE2D3931&RedC=c.clarity.ms&MXFR=02F42F64D2BB6A1903E63C85D6BB64AB
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DCDC538A706B4E3A9B2EA077EE2D3931&MUID=250C677B779F6B3B084B749A76106AF3
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DCDC538A706B4E3A9B2EA077EE2D3931&MUID=250C677B779F6B3B084B749A76106AF3
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.orea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 17:16:58 GMT
last-modified
Wed, 30 Aug 2023 15:12:15 GMT
server
Microsoft-IIS/10.0
etag
"3370fe5b54dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 17:16:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 66F7D4281ABA4B5F8DE09AF74857EE3D Ref B: NYCEDGE1414 Ref C: 2023-12-08T17:16:59Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DCDC538A706B4E3A9B2EA077EE2D3931&MUID=250C677B779F6B3B084B749A76106AF3
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
i18Locale.A3E922C3-EA4B-11EB-AEE2-0242AC110005.js
green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/js/ Frame DF33
3 KB
1 KB
XHR
General
Full URL
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/js/i18Locale.A3E922C3-EA4B-11EB-AEE2-0242AC110005.js
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5f3d35ee42a1d2d95a011cfe1e7c29e4ab326e7578955f6ca82ca4ab61e4326c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 17:16:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache/2.4.41 (Ubuntu)
X-Frame-Options
SAMEORIGIN
P3P
CP="Potato"
Access-Control-Allow-Origin
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
861
Service-Worker-Allowed
/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ccrBtn.A3E922C3-EA4B-11EB-AEE2-0242AC110005.css
green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/css/ Frame DF33
7 KB
2 KB
Stylesheet
General
Full URL
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/css/ccrBtn.A3E922C3-EA4B-11EB-AEE2-0242AC110005.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
663237fd043eda2eaae94502a33c5e4d2720f405528063f3ec9c83366f08e2c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 17:16:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache/2.4.41 (Ubuntu)
X-Frame-Options
SAMEORIGIN
P3P
CP="Potato"
Access-Control-Allow-Origin
*
Content-Type
text/css;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=85
Content-Length
968
Service-Worker-Allowed
/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
getTstCookie.php
green.korahlimited.com/oprCns//ccrChat/thirdPartyCookiePatch/ Frame DF33
15 B
353 B
XHR
General
Full URL
https://green.korahlimited.com/oprCns//ccrChat/thirdPartyCookiePatch/getTstCookie.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 08 Dec 2023 17:16:59 GMT
X-Content-Type-Options
nosniff
Server
Apache/2.4.41 (Ubuntu)
Content-Type
application/json
Connection
Keep-Alive
Keep-Alive
timeout=5, max=84
Content-Length
15
Service-Worker-Allowed
/
saveUsrEngagement.php
green.korahlimited.com/oprCns/ Frame DF33
19 B
463 B
XHR
General
Full URL
https://green.korahlimited.com/oprCns/saveUsrEngagement.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
847cb718814aeca942779464c11ad29a4c628c022e2a78e4c9b413e802c5a6f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 17:16:59 GMT
X-Content-Type-Options
nosniff
Server
Apache/2.4.41 (Ubuntu)
X-Frame-Options
SAMEORIGIN
P3P
CP="Potato"
Access-Control-Allow-Origin
*
Content-Type
application/json
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
19
Service-Worker-Allowed
/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
KumbhSans-Regular.ttf
green.korahlimited.com/oprCns/ccrChat/fonts/ Frame DF33
55 KB
56 KB
Font
General
Full URL
https://green.korahlimited.com/oprCns/ccrChat/fonts/KumbhSans-Regular.ttf
Requested by
Host: green.korahlimited.com
URL: https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/css/ccrBtn.base.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1a551ace345d579018da0f9906ebdd05b5038ac8b8aac89171aba971696eb620
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/css/ccrBtn.base.css
Origin
https://green.korahlimited.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 17:16:59 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 07 Oct 2023 14:45:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"ddcc-6072168422dc3"
Content-Type
font/ttf
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=83
Content-Length
56780
Service-Worker-Allowed
/
insertUsrProfile.php
green.korahlimited.com/oprCns/ Frame DF33
190 B
603 B
XHR
General
Full URL
https://green.korahlimited.com/oprCns/insertUsrProfile.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.112.15.50 Pincourt, Canada, ASN6407 (PRIMUS-AS6407, CA),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c32f66b257004199e7971fcdde696b1e95144d4ec539416e57e94e7a96478c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://green.korahlimited.com/oprCns/ccr-btn-sdk/ccrBtn/ccrBtnTemplate.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 17:16:59 GMT
X-Content-Type-Options
nosniff
Server
Apache/2.4.41 (Ubuntu)
X-Frame-Options
SAMEORIGIN
P3P
CP="Potato"
Content-Type
application/json
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
190
Service-Worker-Allowed
/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
t.clarity.ms/
0
292 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.orea.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.orea.com
Date
Fri, 08 Dec 2023 17:17:01 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| _gaq object| isMobile function| getParameterByName function| AlphabetDashPeriodKeyOnly function| AlphabetKeyOnly function| AlphabetKeyValidation function| NumberOnly function| validateformEmail function| formatPhone function| ExecuteActionViewAjax function| ExecuteActionModelAjax function| GeneralError function| AddToQueryString function| $ function| jQuery function| moment number| uidEvent object| bootstrap object| OREAJS function| mobilecheck function| OnCloseClick function| searchkeyword function| RemoveBad function| flashPassword function| removeFlashText function| setLoginasmemberUrl function| executeLogin function| OnSubmitLogin function| validateStudentLogin function| clearErrorMsg function| BackToBeforeLogin function| ShowMenuAgain function| ShowLoginMember function| ClearMobileModal function| LoadLogin function| LoadLoginSuccess function| LoadMobileLoginSuccess function| SaveFavorite function| OnSuccess function| customJsBeforeCcrBtnLoad function| getUrl function| getCurPageDir function| hasClass function| cobrowse function| LSListener function| docReady object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| _defineProperties function| _createClass object| Alpine function| simpleParallax object| whatInput function| Splide object| FilePond object| __framePainter function| FilePondPluginImageExifOrientation function| FilePondPluginImagePreview object| AOS function| clarity object| _gat boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| closure_lm_969616 string| CE_USER_COMMON_SCRIPT_URL undefined| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkaccess_widget object| pure_JSON object| pure_CSS function| pure_URL function| pure_fetch function| pure_Set function| pure_Map object| AJS object| acsbJS object| AccessiBe object| acsb object| _element function| html2canvas function| UiTracker object| uiTracker function| pure_addEventListener function| pure_removeEventListener

22 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AOX_bvhlvymng0auFAt46c5eVzOR7bQGDFEId1xXZeY68Dbsct2dGgnTLna0IP4VNFYKRzxCe5hTGuqi6BZUa9c
www.orea.com/ Name: shell#lang
Value: en
www.orea.com/ Name: ASP.NET_SessionId
Value: ekree0odfzj2ocf1mb4xqwxj
www.orea.com/ Name: __RequestVerificationToken
Value: omRTeZ11Nn8NQ7aVZEM5tXmqzJ9FOuOjcRwr5JdSvllrI2LpGjU4db6RtZbNIXiXV4MImeLgcZaW9-t0uzUFpWN-4-wxnUljwvcUjN7JfMw1
.orea.com/ Name: _ga
Value: GA1.1.2025646262.1702055813
.orea.com/ Name: _ga_40B67EJ6QG
Value: GS1.1.1702055813.1.0.1702055813.60.0.0
.orea.com/ Name: __utma
Value: 242065756.2025646262.1702055813.1702055817.1702055817.1
.orea.com/ Name: __utmc
Value: 242065756
.orea.com/ Name: __utmz
Value: 242065756.1702055817.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.orea.com/ Name: __utmt
Value: 1
.orea.com/ Name: __utmb
Value: 242065756.1.10.1702055817
www.clarity.ms/ Name: CLID
Value: 1053161f873b4a7b9d1b963e5c2cb462.20231208.20241207
.orea.com/ Name: _clck
Value: maznwt%7C2%7Cfhd%7C0%7C1437
.orea.com/ Name: _clsk
Value: y3dbxi%7C1702055818918%7C1%7C1%7Ct.clarity.ms%2Fcollect
green.korahlimited.com/ Name: A3E922C3-EA4B-11EB-AEE2-0242AC110005_PHPSESSID
Value: hmn6u5if706rip01d6538cokcf
.bing.com/ Name: MUID
Value: 250C677B779F6B3B084B749A76106AF3
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 250C677B779F6B3B084B749A76106AF3
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 250C677B779F6B3B084B749A76106AF3
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://green.korahlimited.com/oprCns/js/wsClient.js(Line 101)
Message:
WebSocket connection to 'wss://green.korahlimited.com:38088/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
analytics.google.com
c.bing.com
c.clarity.ms
cdn.acsbapp.com
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
green.korahlimited.com
orea.com
script.crazyegg.com
ssl.google-analytics.com
stats.g.doubleclick.net
t.clarity.ms
www.clarity.ms
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.orea.com
104.19.147.8
104.22.0.204
13.107.21.200
13.107.246.40
142.250.31.138
142.251.16.97
151.101.193.229
151.101.66.137
162.247.246.170
172.253.122.105
172.253.122.94
172.253.122.97
172.253.62.154
172.253.62.94
172.253.62.95
172.67.11.155
20.110.205.119
20.114.189.70
207.112.15.50
008df1b5a232cbe02970511325cab9db11e775d838a3d35acc836034ac77f28e
00ccdf1498742f6c5618058241f5f708992b205af7676cf043e290559be93472
031d5aaadbf1581634c56343fad3d956f6bf550672f6dd427b5ed924ef8d4d17
03ec27acfde3b6a65e67d69383bbf5d1c3a41684be9ebaeb41e40539eb85e620
0d1ebd86458385f5b04a2597b58e248deb68465be80ac41edc6d5c4924e58b09
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
153667004611f8905f074b17b69c32f43b8038f0d95d1341d00a88e48f990a6d
1a551ace345d579018da0f9906ebdd05b5038ac8b8aac89171aba971696eb620
1cc32097a42f0d943861380c98fb7ae9c40846a6744ccc24a830a0cec1f0dd44
1fd962141e7234c3282cfcf5da05a35b10be891f566d30e755fa595c77590335
2749419148a6488326f526f1a82b48ca1ad44ca7f06204e9f7f84814e57f3cf2
2c3dcf1c4ba25c111b8539eb7034df11cca6997407ec6a898d601d16dde2ffdb
3af2789418818a74382bb40a0146a42b1630e48f766cfb126fc7ed961ce02c2b
3d030bb851ff317d37adf3a77561e1933df730ff190a9373b72e9de0a09cf72f
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
45309388a75157419e7f672b3d4b61172f29ed1df1e9422ba4b357fb27f6d5d8
554de4a1f129cdcf0ffd109acdcf0c267138bc3f150515af1ed28e9f4a6686f1
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57aec3e38f6deb9bba6daf0397ebf98a13e8a311995e39c192e27fb916e35e9b
58d77354f4fe5abd6db54e48f41c21e00c2121413d0d89262024174d148b8a78
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ef8275760c28a1b6ee51ed0510630e41b138da90f175ce1b28311db67e06352
5f3d35ee42a1d2d95a011cfe1e7c29e4ab326e7578955f6ca82ca4ab61e4326c
62d148c449c2f104d4c25bbbac93d918fd5cc887a07d81b8a2462a07a09a2f99
663237fd043eda2eaae94502a33c5e4d2720f405528063f3ec9c83366f08e2c8
6788908efcff931e3c0c4fb54a255932414a22e81971dcc1427c8a4f459a1fbf
6918a6b55379f2dff2203aae19c8bd7efceb81f88123bee144683743e263b779
6a8151e89d7a9e03f0be44168f682ecab7081452d943b99d88de5fd3daea58f0
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
7331eac33b254505f116209612693ff07aa7982e88c20556cbef851365946554
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79b46f9f045d2de0615cee334ed6649b232373aed303f193b15b1140680fc657
7db72dc01550068012be75b67958bdb4b517915eb57e26c956f88bb619bdd9a8
7ef38ead324ba5b4778a3bff37c1c5d082ac2d655a5d92d084d0d58ad8ceaec6
81f150055f5400a8199d2d6e77bda7499eb497f7ac22c4d4aa59befe821571ce
82adc81ec49abb103a2d123062623d6663f4132e9d4402ba868b1a53c64a74c4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837287f71fd853b20e04f50489cf67856850336d0dfe158e399b22c01e12cb0c
847cb718814aeca942779464c11ad29a4c628c022e2a78e4c9b413e802c5a6f3
850681de1abcbbd3ae4d7d3986bbadad841aa9f08c5efd0d1d7f4461509c8cf1
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8c73c72d362442329c5a04dff27333e7d4e9563bf7e15eb0213f2b1dc20a4944
8f8d1c071d5e496ead914b0ee556ee9d4eb787121fe1bfbb86f9aa1328eecdee
8f92dc1fdf97ce0b7d44886a9fb08514bfda09428b451bcf49e9228352e9e957
8fc017bf1449c3c7e681feefbe24e3e06270b3009d5e6abd34294c5e1bd3a927
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
9333ebbaa78e517f68099325bc1659e05853717db5c82953eaa50ca03685b41a
935b66835f9f1f3efb42754f1af698820113deda01588a2484d6a38a5f981e0f
93d649d8f1fffcce5d71c6ab99b0e8d8250db3b759fe3792c2734b8f3251785a
9585e51b8a26cfe6aaa8fa5e57e4944e813a08210c74e833fb203a91cf02beb4
97764699fdc1aee05243192c802552a69b73f79b69f5a9830e35a7b93dcaea74
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
996bf43673e5e8db5b2d5f55bc3910f389c5438b3aefa33f5460566bd91e321f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9af981bf0633e61ab2fcb927345ea7bfeee171fae61cd8fd880427c7d267c969
9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0
a3470f34c169d4ea19d1cc197c64023d275771b62a828c57ab3e13c5ddc36738
a57d28390476eb88a96e6982674e161034ffdc5e9fda78b4369a9df9ce156dfa
aa0fc9ae389409647a6928308bd74ba9accf9f8457d35605c91e4dea63de9564
b0b567557ee74f6a07f590e6e9272415eafbbe0fc95b199561a31a1318eb42ac
b311ac29f8d7837679d637891db9bbcc84ab0fa8652196d3605de190dc6a6857
b460eb81ace635085cad1d7b5e1a12da4fd279309e2cf4d0d91d0aca35cff843
b6e3413ecdbb29bfb743731808469f1506066fbeb09b5488490d5ebe7f4da033
b849526e7c7766bec52abd0914e437d6df671c29227c317f6ff22e6b9e0d46eb
b922ca438c313b13d45081c380880441ac32dfc52b013c59ef67926ded02059b
b99f93fdcabba5eb9e0bb3eb38468433a266fe00d9fc749c40ee7dbf8402690b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c32f66b257004199e7971fcdde696b1e95144d4ec539416e57e94e7a96478c20
c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1
cb7983c6c923ecb4c7e4d4c4b5391fb5b1f2250374310147574319a8ed675acb
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d06b0dffad6004a4c9b4bbefb2211b6a7b072a39670ad4278583695891c9cfb6
d5c6b5f8dc69f0781b681c21c883587292234f4f84e1eb2a6b3b0e9dd199c98d
d84b04c6beadaca343b9f6a33577c89aa9237a9b924a53261346a29f28b86fd8
d9dbd2767dc03d11a1e24535c378922a34ba47a817f2ea1473bbd42c75013081
dbbc50443ed42280f5a131069c0197e75a0c0c456689f67410d97b7255656f60
dc4f047225bf02d81a884e4e3635343c3e3734384c5960ad66cfe2e4f621b0f7
dc65f841a9fd45edd0ccaa967a6f8ff86e4384786fd48d19276d960d472b8714
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52a92362a615da56e6174777ae5454e29bd201b7d033cd69d895bb7ac74e5a2
e57fd0bfad644e69d1fc4f6bdbc4fe92efdb064ca7030957c250fd32a5bcb6f7
e5cd55c6b483199ad9941a682cf90127066042a7cad0592232a4d54c4323875b
ea1cf11ab245c6a91f53e774fc180821031daea37b49ad509b4002f9178b4846
ecf5895690b4ec8d0b4e35995024fc84c93d36272f927a0f870c60889b07e29a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa04d065a5b268eb50231fd9fbb05d66741171a3d03df65e68dc060a5c99865
f58bb14e41b51817ded8300b81571f1cdc2cdbedb7c2c5041e66404db9f5c1ab
f7672ee9399dcc548a3a2d8363f5f7cc9ddc853d1099b3217b14296da1ca16cb
f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785
f9fcd676320a25ab0d00cbb5f29a5e08a238fa2d1129873c8dc336df94f75d94
fb90e1f3b2163b4843a43de60d35a0283fb73c1a5b8e18144f21a74a8f8b03ee
ff9a2be960794ffc4738368eeec7262cd5bf70316287f8d2f0c3790170cf1277
ffd2626cccde2494ac52d89e827ab49983413ba8386b4f4674d73bb5d1eb1622