orleansrxbooking.ca Open in urlscan Pro
199.36.158.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://orleansrxbooking.ca/
Effective URL:
https://orleansrxbooking.ca/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On October 19 via api (October 19th 2024, 11:12:29 pm UTC) from IT — Scanned from CA

Summary HTTP 64 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 7 domains to perform 64 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is orleansrxbooking.ca.
TLS certificate: Issued by WR3 on October 19th 2024. Valid for: 3 months.

This is the only time orleansrxbooking.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
5	142.251.40.202 142.251.40.202	15169 (GOOGLE) (GOOGLE)
1	172.64.147.188 172.64.147.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.146.107 172.64.146.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.89.102.253 159.89.102.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	172.217.165.3 172.217.165.3	15169 (GOOGLE) (GOOGLE)
36	142.251.41.42 142.251.41.42	15169 (GOOGLE) (GOOGLE)
2	172.217.1.10 172.217.1.10	15169 (GOOGLE) (GOOGLE)
1	54.230.240.81 54.230.240.81	16509 (AMAZON-02) (AMAZON-02)
64	11

11 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

orleansrxbooking.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.202 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.147.188 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.146.107 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

secure.helcim.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.102.253 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

geolocation-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.165.3 (United States)

ASN15169 (GOOGLE, US)
PTR: yyz12s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 142.251.41.42 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yyz12s08-in-f10.1e100.net

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.1.10 (United States)

ASN15169 (GOOGLE, US)
PTR: iad23s25-in-f10.1e100.net

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.240.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-240-81.ewr53.r.cloudfront.net

live.staticflickr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 firestore.googleapis.com — Cisco Umbrella Rank: 1524 firebasestorage.googleapis.com — Cisco Umbrella Rank: 7245	299 KB
11	orleansrxbooking.ca orleansrxbooking.ca	2 MB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1955 ka-f.fontawesome.com — Cisco Umbrella Rank: 5838	25 KB
3	gstatic.com fonts.gstatic.com	67 KB
1	staticflickr.com live.staticflickr.com — Cisco Umbrella Rank: 20005	217 KB
1	geolocation-db.com geolocation-db.com — Cisco Umbrella Rank: 43274	290 B
1	helcim.app secure.helcim.app	2 KB
64	7

	Domain	Requested by
36	firestore.googleapis.com	orleansrxbooking.ca
11	orleansrxbooking.ca	orleansrxbooking.ca
5	fonts.googleapis.com	orleansrxbooking.ca
3	fonts.gstatic.com	fonts.googleapis.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	firebasestorage.googleapis.com
1	live.staticflickr.com
1	geolocation-db.com	orleansrxbooking.ca
1	secure.helcim.app	orleansrxbooking.ca
1	kit.fontawesome.com	orleansrxbooking.ca
64	10

This site contains links to these domains. Also see Links.

Domain
www.google.com

Subject Issuer	Validity	Valid
aspenpharmacy.ca WR3	`2024-10-19` - `2025-01-17`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
helcim.app Cloudflare Inc ECC CA-3	`2023-12-27` - `2024-12-26`	a year	crt.sh
ka-f.fontawesome.com WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh
geolocation-db.com R11	`2024-09-07` - `2024-12-06`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
edgecert.googleapis.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
static.flickr.com Amazon RSA 2048 M02	`2024-10-12` - `2025-11-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://orleansrxbooking.ca/
Frame ID: F284B47970BA50FAE0CA58BD3344D1F3
Requests: 67 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Orleans Community Pharmacy

Page URL History Show full URLs

http://orleansrxbooking.ca/ HTTP 307
https://orleansrxbooking.ca/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

64
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

11
IPs

2
Countries

2164 kB
Transfer

8522 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/maps/search/?api=1&query=100-2746%20St%20Joseph%20Blvd%2C%20Orleans%2C%20ON%20K1C%201G5
Title: 100-2746 St Joseph Blvd, Orleans, ON K1C 1G5

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Orleans+Compounding+Community+Pharmacy/@45.4724417,-75.5238817,17z/data=!3m1!4b1!4m6!3m5!1s0x4cce11f24d76b81b:0x8106d4f1fb913d68!8m2!3d45.4724417!4d-75.521693!16s%2Fg%2F11syq_2_dw?hl=en

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://orleansrxbooking.ca/ HTTP 307
https://orleansrxbooking.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
orleansrxbooking.ca/
Redirect Chain

http://orleansrxbooking.ca/
https://orleansrxbooking.ca/

911 B
696 B

137ms
84ms

Document
text/html

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://orleansrxbooking.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1f8b52d2a312dc2237c95e4b664326b6735301325543e81e2b776362a06f67e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 351
content-type: text/html; charset=utf-8
date: Sat, 19 Oct 2024 23:12:19 GMT
etag: "b88a9d33b06bc8d6fae9fc38c4228c323fd903cb58a735bb7ee0fa9677e9146f-br"
last-modified: Wed, 16 Oct 2024 20:38:31 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-yyz4543-YYZ
x-timer: S1729379540.724512,VS0,VE2

Redirect headers

Location: https://orleansrxbooking.ca/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 138ms
59ms Stylesheet
text/css 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

ESF /

Resource Hash

925352670807b63128f00ca857d582fe549ac2cbe5370c5cb9d9e10c9524e01f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 23:12:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:19 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 19 Oct 2024 21:59:44 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 2c4ef76a61.js Show response
kit.fontawesome.com/ 13 KB
5 KB 179ms
119ms Script
text/javascript 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/2c4ef76a61.js
Requested by: Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da8acd77f89b991defe63bad417fe9be45fd1090971d38edf59cd2d5e81daa53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://orleansrxbooking.ca
Referer: https://orleansrxbooking.ca/

Response headers

access-control-max-age: 3000
x-request-id: F_9IHYPUgT9Yt6ucldOi
cache-control: max-age=60, public, stale-while-revalidate=30
content-encoding: gzip
cf-cache-status: REVALIDATED
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d5473cc2f61aa9b-YYZ
access-control-allow-origin: *
date: Sat, 19 Oct 2024 23:12:19 GMT
content-type: text/javascript
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 start.js Show response
secure.helcim.app/helcim-pay/services/ 2 KB
2 KB 1411ms
48ms Script
application/javascript 172.64.146.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.helcim.app/helcim-pay/services/start.js

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

cda813764d760766c649e2e08fd7b7395b91f0aaa818f52891c71ea3e428254e

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval' 'unsafe-inline' 'self' https://.fontawesome.com https://resources.myhelcim.com https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/releases/ https://pay.google.com/ https://apis.google.com/ https://accounts.google.com/gsi/intermediate https://.helcim.app/helcim-pay/services/start.js https://signal.helcim.com https://accounts.google.com/gsi/client;connect-src 'self' https://.fontawesome.com https://.helcim.app https://secure.myhelcim.com https://api.myhelcim.com https://signal.helcim.com https://apm-proxy-bs4jc5xgra-uc.a.run.app/apm/v2/in https://apm-proxy.helcim.com/apm/in https://.googleapis.com .google.com https://.gstatic.com https://google.com/pay ;img-src 'self' https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com https://favicons/ https://images.myhelcim.com https://cloud-files.helcim.com data: blob: ;form-action 'self';frame-ancestors 'self' https://.helcim.app https://.myhelcim.com;frame-src https://secure.helcim.app/ .google.com;worker-src blob: ;child-src https://www.google.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

access-control-expose-headers: Origin, Content-Type, X-Auth-Token, jwt, redirect-url
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"744-192a13faad9"
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
date: Sat, 19 Oct 2024 23:12:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 18 Oct 2024 20:09:17 GMT
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, jwt, preserveKeys, private-token, checkout-token, X-Datadog-Origin, X-Datadog-Parent-Id, X-Datadog-Sampling-Priority, X-Datadog-Trace-Id, Traceparent
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: script-src 'unsafe-eval' 'unsafe-inline' 'self' https://*.fontawesome.com https://resources.myhelcim.com https://maps.googleapis.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/releases/ https://pay.google.com/ https://apis.google.com/ https://accounts.google.com/gsi/intermediate https://*.helcim.app/helcim-pay/services/start.js https://signal.helcim.com https://accounts.google.com/gsi/client;connect-src 'self' https://*.fontawesome.com https://*.helcim.app https://secure.myhelcim.com https://api.myhelcim.com https://signal.helcim.com https://apm-proxy-bs4jc5xgra-uc.a.run.app/apm/v2/in https://apm-proxy.helcim.com/apm/in https://*.googleapis.com *.google.com https://*.gstatic.com https://google.com/pay ;img-src 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com https://favicons/ https://images.myhelcim.com https://cloud-files.helcim.com data: blob: ;form-action 'self';frame-ancestors 'self' https://*.helcim.app https://*.myhelcim.com;frame-src https://secure.helcim.app/ *.google.com;worker-src blob: ;child-src https://www.google.com/;
cache-control: public, max-age=0
cf-ray: 8d5473d40cf8abfa-YYZ
accept-ranges: bytes
access-control-allow-origin: https://secure.helcim.app https://secure.myhelcim.com https://api.helcim.app https://subscriptions.helcim.com https://www.google.com/
x-powered-by: Express
server: cloudflare

GET
H2 200 main.cb3f2f5e.js Show response
orleansrxbooking.ca/static/js/ 7 MB
1 MB 245ms
244ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a8b3730767a4714967fc726015a77a8f1ddd091bd1e70c42e4ccc6b9cd97d5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

strict-transport-security: max-age=31556926
cache-control: max-age=3600
content-encoding: br
etag: "78d2c24f29390d5d144affe9af238ad8ea4376f426bca2fcdf41e8a1275ae0bd-br"
x-timer: S1729379540.171225,VS0,VE1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
content-length: 1431996
date: Sat, 19 Oct 2024 23:12:20 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 16 Oct 2024 20:38:31 GMT
x-served-by: cache-yyz4543-YYZ
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

GET
H2 200 main.661b6112.css
orleansrxbooking.ca/static/css/ 391 KB
43 KB 23ms
21ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://orleansrxbooking.ca/static/css/main.661b6112.css

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e44aa594698ba91283401b7f6316a2ef1a6558d49f194f764c8dc33bc1163555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

strict-transport-security: max-age=31556926
cache-control: max-age=3600
content-encoding: br
etag: "2d7e369e46936f01476edc2326ffc3adf5f73afc5dba3bf19dd3e37702cc4864-br"
x-timer: S1729379540.768279,VS0,VE1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
content-length: 44307
date: Sat, 19 Oct 2024 23:12:19 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 16 Oct 2024 20:38:31 GMT
x-served-by: cache-yyz4543-YYZ
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 71ms
33ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=2c4ef76a61
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/2c4ef76a61.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
age: 9163
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B18bDloFh%2BDNEwbl4rAcdMvYuJnqHLksy2il54HlzF%2BftjJdqeat7x62GoCE0uTXYZ%2FrIslxIIWtEx7AkAhxr7QuD5QqEFeHb%2F02pCwkbTvvhQQX7%2FUPfbhY9T8yn9dUN4BVsJFK7g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 7GW4GWtmqE9sjcxcjt67xS64RDOJPz2UjlQ99FxKzoidaukAIvlcjQ==
date: Sat, 19 Oct 2024 23:12:20 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=QUIC&rtt=19763&sent=13&recv=9&lost=0&retrans=0&sent_bytes=5976&recv_bytes=5022&delivery_rate=159755&cwnd=12000&unsent_bytes=0&cid=3290d4c11737558d&ts=37&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 0588a12f9163167120c7c5e825e9110a.cloudfront.net (CloudFront)
cf-ray: 8d5473ccfb833739-YYZ
access-control-allow-origin: *
x-amz-cf-pop: YUL62-C2
server: cloudflare

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 90ms
52ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=2c4ef76a61
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/2c4ef76a61.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
age: 9164
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hvDmB7Go3YCwaZlX9LLQF%2BNSo0QJZu7EFzidaEflUf5%2F9aB68YPNVBMdvPvx828WjLrHTdU9aM%2FeFIQpjh26bfphEBuKB%2FjPjsLL%2By76kJQqlw9HGtFTKldn%2BkT4WAndHg89jzuY1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 9r6Xb6qtynHDi3EjHMHgOzG-YIsAyiJbUnB8yyh-GxHRJ8Gr0pbeXg==
date: Sat, 19 Oct 2024 23:12:20 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=QUIC&rtt=19763&sent=22&recv=9&lost=0&retrans=0&sent_bytes=15622&recv_bytes=5022&delivery_rate=159755&cwnd=12000&unsent_bytes=0&cid=3290d4c11737558d&ts=39&x=1", cfExtPri, cfHdrFlush;dur=18
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 d02136c452505f46a849d23f2fe25350.cloudfront.net (CloudFront)
cf-ray: 8d5473ccfb823739-YYZ
access-control-allow-origin: *
x-amz-cf-pop: YUL62-C2
server: cloudflare

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 71ms
33ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=2c4ef76a61
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/2c4ef76a61.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
age: 9163
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NPv8vJZ%2Bbv%2Be0Qm0Kx8%2BD8QHK%2BJdMJw%2BkoSCzPR7hJ%2BbHdbTWvz4%2BoZtdh0B63%2FSce3Oeu5DX0wYESOrwvKRQL3%2Bph0s3B5j0zGs%2BvOBZOjSGJT2nEEzS5a4fxqNnl0n%2BlMOEty2kw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: NtNsMYUTHSlLASVmFcgURj8kkezX824jUthD3XjglOLR7Gt2WHEohw==
date: Sat, 19 Oct 2024 23:12:20 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=QUIC&rtt=19763&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4204&recv_bytes=5022&delivery_rate=159755&cwnd=12000&unsent_bytes=0&cid=3290d4c11737558d&ts=37&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 8422f3871db2552d4ad0cc9f31e22c2e.cloudfront.net (CloudFront)
cf-ray: 8d5473ccfb843739-YYZ
access-control-allow-origin: *
x-amz-cf-pop: YUL62-C2
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
844 B 56ms
54ms Stylesheet
text/css 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;700;800&display=swap

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/css/main.661b6112.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

ESF /

Resource Hash

ceb9e3e7e93fbe307881e45fd957e0c341a9028dd98e380f831703399932ba8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 23:12:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 19 Oct 2024 23:05:55 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
1 KB 59ms
57ms Stylesheet
text/css 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&family=Roboto:wght@300;400;500;700&display=swap

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/css/main.661b6112.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

ESF /

Resource Hash

647ac88900fd61815aa9f3466f36f7b1f972164b08fa0af72d39f63644bbb188

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 23:12:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 19 Oct 2024 23:12:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
879 B 62ms
61ms Stylesheet
text/css 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:opsz,wght@9..40,400;9..40,500;9..40,600;9..40,700&family=Nunito+Sans:wght@400;500;600;700&display=swap

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/css/main.661b6112.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

ESF /

Resource Hash

a72ebc315ee51f4c505978ddc83d46def080836cad6f3140fe0e84a894c05a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 23:12:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 19 Oct 2024 23:12:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 2 KB
654 B 64ms
63ms Stylesheet
text/css 142.251.40.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/css/main.661b6112.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.202 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f10.1e100.net

Software

ESF /

Resource Hash

76a88e0b6b9d544046ae997f238dc3d75abae4ea62d257aa5d0dd9769fdf5155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 23:12:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 19 Oct 2024 23:07:48 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 / Show response
geolocation-db.com/json/ 192 B
290 B 509ms
266ms XHR
text/html 159.89.102.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation-db.com/json/
Requested by: Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 36c13a46fc26d80f188d06936367ea31c70487ab98eb2fd04079753adc5a92b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://orleansrxbooking.ca/

Response headers

access-control-allow-origin: *
content-encoding: gzip
date: Sat, 19 Oct 2024 23:12:24 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)

GET
H3 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
30 KB 70ms
22ms Font
font/woff2 172.217.165.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s06-in-f3.1e100.net

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://orleansrxbooking.ca
Referer: https://fonts.googleapis.com/

Response headers

age: 80773
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 19 Oct 2025 00:46:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 00:46:11 GMT
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31052
x-xss-protection: 0
server: sffe

GET
H3 200 favicon.ico
orleansrxbooking.ca/ 15 KB
4 KB 22ms
22ms Other
image/x-icon 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://orleansrxbooking.ca/favicon.ico

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

10e3f6639fa3843fee02b25efd726b0b46914ecc790618eeff24061640027d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

strict-transport-security: max-age=31556926
cache-control: max-age=3600
content-encoding: br
etag: "973ef211e9608230253dca1b58bd49b01eecab7ee124e039a9ac78b50e38ea70-br"
x-timer: S1729379544.072881,VS0,VE1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
content-length: 3382
date: Sat, 19 Oct 2024 23:12:24 GMT
content-type: image/x-icon
last-modified: Wed, 16 Oct 2024 20:38:31 GMT
x-served-by: cache-yyz4520-YYZ
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 54 B
455 B 107ms
31ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fmedessist-ver2%2Fdatabases%2F(default)&RID=51265&CVER=22&X-HTTP-Session-Id=gsessionid&zx=icnhg3u1rssx&t=1

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

ad3d3d95237bde711fc00b0abeea3063aaefcd1fb0a36c5b790a818e99227098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

access-control-expose-headers: x-client-wire-protocol,x-http-session-id
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:24 GMT
content-type: text/plain; charset=utf-8
vary: origin
x-http-session-id: 836z4sudr2DxFsM33XQRvE9R_wCIhPnv8zUibZ3Nw2I
x-frame-options: SAMEORIGIN
cache-control: private
access-control-allow-credentials: true
x-client-wire-protocol: h2
access-control-allow-origin: https://orleansrxbooking.ca
content-length: 71
x-xss-protection: 0
server: ESF

GET
H3 200 faviconCircular.502ea07f366be17c6d430ee1a03bac72.svg
orleansrxbooking.ca/static/media/ 6 KB
2 KB 22ms
21ms Other
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://orleansrxbooking.ca/static/media/faviconCircular.502ea07f366be17c6d430ee1a03bac72.svg

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

65dbc0d77c308fd2343e84dc967431b8a49112dbf65b9a89f3e6bdc1fbd71588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

strict-transport-security: max-age=31556926
cache-control: max-age=3600
content-encoding: br
etag: "e2455de3461a6c0318157d55850ee39691a80b715d0dd082c6dd3d3d0ab1ed2a-br"
x-timer: S1729379544.078712,VS0,VE1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
content-length: 1434
date: Sat, 19 Oct 2024 23:12:24 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Oct 2024 20:38:31 GMT
x-served-by: cache-yyz4520-YYZ
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

GET
H2 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 334 KB
0 33ms
32ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=836z4sudr2DxFsM33XQRvE9R_wCIhPnv8zUibZ3Nw2I&VER=8&database=projects%2Fmedessist-ver2%2Fdatabases%2F(default)&RID=rpc&SID=wB_5BB5cK8zvwyblukcO6g&AID=0&CI=0&TYPE=xmlhttp&zx=zejqqabptx4h&t=1

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

x-debug-tracking-id: 5355966962703803146;o=0
cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: Referer, origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 10 B
50 B 30ms
30ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fmedessist-ver2%2Fdatabases%2F(default)&gsessionid=836z4sudr2DxFsM33XQRvE9R_wCIhPnv8zUibZ3Nw2I&SID=wB_5BB5cK8zvwyblukcO6g&RID=51266&AID=4&zx=pohyy23mi0j6&t=1

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

06a403fa19b0e23e9e2ef3f493a6a55f68607c5566298f3e0ed7a08dbf11ad82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 10 B
50 B 31ms
30ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

59e985a6b4503260116c50d3342d7b5bd34879a05f2a77521710b9caffd1f23d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 10 B
50 B 35ms
35ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

d193dd94a1c678376f651a77e9d3ca402629a484b644d92d8f065de22d9e4688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 undefined
orleansrxbooking.ca/ 911 B
653 B 22ms
22ms Other
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://orleansrxbooking.ca/undefined

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1f8b52d2a312dc2237c95e4b664326b6735301325543e81e2b776362a06f67e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

strict-transport-security: max-age=31556926
cache-control: max-age=3600
content-encoding: br
etag: "b88a9d33b06bc8d6fae9fc38c4228c323fd903cb58a735bb7ee0fa9677e9146f-br"
x-timer: S1729379544.260360,VS0,VE1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
content-length: 351
date: Sat, 19 Oct 2024 23:12:24 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 16 Oct 2024 20:38:31 GMT
x-served-by: cache-yyz4520-YYZ
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 31ms
30ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

bcdb0fc758098893f263149feccdc76d0240f3513123618533e5261c96ca3e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 33ms
31ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

fefb0c46e16fb3a0f5e092563b3def8c7a1692bda27510d55ac6d84da87f0f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 32ms
31ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

a70711302ed257286b7fd899b150adb7a02f71a173d67e10dfa70ea38bcf5b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 32ms
31ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

482cdcd6c7d48407c0f18a3465fe46e0569e0569a028713c49962003c6606ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 57ms
55ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

a65d69006f2135d9bebb12ed4e8d4044867f9368b2bdbe935591e0f9740863b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 34ms
32ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

a65d69006f2135d9bebb12ed4e8d4044867f9368b2bdbe935591e0f9740863b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 33ms
30ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

d7c19a9a9309e4190637e7209a871c83f8bb3b5f023c36f42e3b8c13df67bdf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 30ms
28ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

accdfef4711ca25a0a2c896be374c298a4aa7004dfdb4998fa2c8f2784b2b53d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 33ms
32ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

beb59e5bdc498ebe89fcdc1a357b3c5b66a87bf6ac3c094eb8922904ac084463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 34ms
33ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

528dd45b64f5bf90f9792b8668da7c6d14e63ad6f7499dacfd7423fe80dddd7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 undefined
orleansrxbooking.ca/ 911 B
0 0ms
0ms Other
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://orleansrxbooking.ca/undefined
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1f8b52d2a312dc2237c95e4b664326b6735301325543e81e2b776362a06f67e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/6138243111

Response headers

cache-control: max-age=3600
content-encoding: br
etag: "b88a9d33b06bc8d6fae9fc38c4228c323fd903cb58a735bb7ee0fa9677e9146f-br"
x-timer: S1729379544.260360,VS0,VE1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
content-length: 351
date: Sat, 19 Oct 2024 23:12:24 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 16 Oct 2024 20:38:31 GMT
x-served-by: cache-yyz4520-YYZ
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 30ms
28ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

6773aa75b789ef4a7500714b81d57e397c5dae1a7aebe97dc7c337eddb071a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 31ms
29ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

de9ff2499e188b0ac1240b223f8fd7619e6d4ae96d0fd04056f3186602967c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 31ms
29ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

de9ff2499e188b0ac1240b223f8fd7619e6d4ae96d0fd04056f3186602967c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 29ms
28ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

51b9bb3c7759edfa0f2727ada5d32c45d79ba4dc1c53e0ad53bca283ea9206d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 54 B
95 B 31ms
29ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?VER=8&database=projects%2Fmedessist-ver2%2Fdatabases%2F(default)&RID=96370&CVER=22&X-HTTP-Session-Id=gsessionid&zx=nfvt3avav4x&t=1

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

88056d697139aaa50f70233f62d5169a10000a88055840956a0816b91b015995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

access-control-expose-headers: x-client-wire-protocol,x-http-session-id
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:24 GMT
content-type: text/plain; charset=utf-8
vary: origin
x-http-session-id: OVKPZscCvlmf54LDbxPupME8rCC0MkSdHqP7OuAxnwg
x-frame-options: SAMEORIGIN
cache-control: private
access-control-allow-credentials: true
x-client-wire-protocol: h3
access-control-allow-origin: https://orleansrxbooking.ca
content-length: 71
x-xss-protection: 0
server: ESF

GET
H3 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 0
0 35ms
34ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?gsessionid=OVKPZscCvlmf54LDbxPupME8rCC0MkSdHqP7OuAxnwg&VER=8&database=projects%2Fmedessist-ver2%2Fdatabases%2F(default)&RID=rpc&SID=yiM6GJ3dwwXGCEv-QMpT7A&AID=0&CI=0&TYPE=xmlhttp&zx=gvxzlus9prsi&t=1

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

x-debug-tracking-id: 4440362732297607741;o=0
cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: Referer, origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 31ms
30ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

aed4d810713ce54631b519f0aa66bc415c678b8ee51af26f478865f60cab082d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 56ms
55ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

62cff565f9b90f7331f788b041e7a50fef1bb3df03909bb1dbfeb52125ac3c6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 PharmacyUploadedPublicFiles%2FVWf9PF5pAsasEEMLm4Ajg4NShHv2%2FScreen%20Shot%202023-05-05%20at%206.14.19%20PM.png
firebasestorage.googleapis.com/v0/b/medessist-ver2.appspot.com/o/ 210 KB
211 KB 268ms
191ms Image
image/png 172.217.1.10
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/medessist-ver2.appspot.com/o/PharmacyUploadedPublicFiles%2FVWf9PF5pAsasEEMLm4Ajg4NShHv2%2FScreen%20Shot%202023-05-05%20at%206.14.19%20PM.png?alt=media&token=cf59fea3-13d7-4410-8f64-471b4c91c3de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.1.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: iad23s25-in-f10.1e100.net
Software: UploadServer /
Resource Hash: 427b5e11b50af46f9b58917d1acbb6774a199b54539e3230a57041c043ef411a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

x-goog-metageneration: 2
x-goog-hash: crc32c=khb8rQ==, md5=t6aOGv3itoG9j1FG7wX7dg==
etag: "b7a68e1afde2b681bd8f5146ef05fb76"
x-goog-stored-content-encoding: identity
expires: Sat, 19 Oct 2024 23:12:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 215151
date: Sat, 19 Oct 2024 23:12:24 GMT
last-modified: Fri, 05 May 2023 22:14:33 GMT
content-type: image/png
x-goog-meta-pharmacyid: VWf9PF5pAsasEEMLm4Ajg4NShHv2
content-disposition: inline; filename*=utf-8''Screen%20Shot%202023-05-05%20at%206.14.19%20PM.png
x-guploader-uploadid: AHmUCY0VWbX9EO45pYySWzSa9BIQD9aoMMwfTv9sdmL3prT7VXVin5Ezh-pplKU6Enn3B7DTRa3bnRqhF54ue7Y
cache-control: private, max-age=0
x-goog-storage-class: STANDARD
x-goog-meta-firebasestoragedownloadtokens: cf59fea3-13d7-4410-8f64-471b4c91c3de
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1683324873210722
content-length: 215151
server: UploadServer

GET
H3 200 gg_114_rgb.334b8b3a1d3837cf1f40.png
orleansrxbooking.ca/static/media/ 11 KB
10 KB 23ms
22ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orleansrxbooking.ca/static/media/gg_114_rgb.334b8b3a1d3837cf1f40.png

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

02116adcce3c18d5fe9cf5f6b532af2c88631060d0a5fc0a5375c31e8b9585b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/6138243111

Response headers

strict-transport-security: max-age=31556926
cache-control: max-age=3600
content-encoding: br
etag: "9d1c0b4abb76937a3c348cd39e844142463b7afc43204e46a1a6aea88b1fbaef-br"
x-timer: S1729379545.657114,VS0,VE1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
content-length: 10214
date: Sat, 19 Oct 2024 23:12:24 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 20:38:31 GMT
x-served-by: cache-yyz4520-YYZ
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

GET
H2 200 PharmacyUploadedPublicFiles%2FVWf9PF5pAsasEEMLm4Ajg4NShHv2%2FScreen%20Shot%202023-05-05%20at%206.11.26%20PM.png
firebasestorage.googleapis.com/v0/b/medessist-ver2.appspot.com/o/ 81 KB
81 KB 429ms
356ms Image
image/png 172.217.1.10
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/medessist-ver2.appspot.com/o/PharmacyUploadedPublicFiles%2FVWf9PF5pAsasEEMLm4Ajg4NShHv2%2FScreen%20Shot%202023-05-05%20at%206.11.26%20PM.png?alt=media&token=8e917c20-830c-4a6d-88be-d5280180699e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.1.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: iad23s25-in-f10.1e100.net
Software: UploadServer /
Resource Hash: 5f450bff7febfa3217aa45517b2e611e27f1c9fe6983ad5acd3e39b31a0ab149

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

x-goog-metageneration: 2
x-goog-hash: crc32c=+yXajQ==, md5=OsTrmjRsjSeNofGv2oWT1A==
etag: "3ac4eb9a346c8d278da1f1afda8593d4"
x-goog-stored-content-encoding: identity
expires: Sat, 19 Oct 2024 23:12:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 82719
date: Sat, 19 Oct 2024 23:12:25 GMT
last-modified: Fri, 05 May 2023 22:11:38 GMT
content-type: image/png
x-goog-meta-pharmacyid: VWf9PF5pAsasEEMLm4Ajg4NShHv2
content-disposition: inline; filename*=utf-8''Screen%20Shot%202023-05-05%20at%206.11.26%20PM.png
x-guploader-uploadid: AHmUCY2_ad3nHlsRpaLUb9MjcRy-Ln5WIzOof_sJkrDRMJhpuW0swSdIi9j2IouHonoaul0NGtsCDHM
cache-control: private, max-age=0
x-goog-storage-class: STANDARD
x-goog-meta-firebasestoragedownloadtokens: 8e917c20-830c-4a6d-88be-d5280180699e
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1683324698688867
content-length: 82719
server: UploadServer

GET
H3 200 medessist_aug2024_lightbg.c4b253717c1a68be8185.png
orleansrxbooking.ca/static/media/ 43 KB
41 KB 23ms
21ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orleansrxbooking.ca/static/media/medessist_aug2024_lightbg.c4b253717c1a68be8185.png

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b3ec7fe19c68c1cac56887c3170cbb8d10581e9826865cef72f6440713b7b3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/6138243111

Response headers

strict-transport-security: max-age=31556926
cache-control: max-age=3600
content-encoding: gzip
etag: "0db4a2dd8cbb0fd3df86c25406357e280624b9f7f4a9b933a958d6fd685bb7e5"
x-timer: S1729379545.661201,VS0,VE1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
content-length: 41251
date: Sat, 19 Oct 2024 23:12:24 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 20:38:31 GMT
x-served-by: cache-yyz4520-YYZ
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

GET
H3 200 Google_Cloud_logo.8c65830a0f52807dc738.png
orleansrxbooking.ca/static/media/ 27 KB
27 KB 39ms
37ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orleansrxbooking.ca/static/media/Google_Cloud_logo.8c65830a0f52807dc738.png

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1c272766691deafd728a3ce279fd6632d55b39d40de94e0f286d65f12fc037ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/6138243111

Response headers

strict-transport-security: max-age=31556926
cache-control: max-age=3600
content-encoding: br
etag: "b62eb012f2979ee216b04b8b70b738951ccb908a76fb4cfb3a172b80a3250596-br"
x-timer: S1729379545.661582,VS0,VE1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
content-length: 27359
date: Sat, 19 Oct 2024 23:12:24 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 20:38:31 GMT
x-served-by: cache-yyz4520-YYZ
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10aed6630d892fe4668d4686a2fb1930184432e267949ecfdd3bbe8c50aed2f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 vantalogo.36b71e642fbb57e474ff.png
orleansrxbooking.ca/static/media/ 26 KB
26 KB 39ms
38ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orleansrxbooking.ca/static/media/vantalogo.36b71e642fbb57e474ff.png

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e5671a75c7a8c1d876084a242e988a5beb72431569b2864793f9d68200a193e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/6138243111

Response headers

strict-transport-security: max-age=31556926
cache-control: max-age=3600
content-encoding: br
etag: "61a105a5c00513b3549a861423dc99a4fef9e7a982f3cf8ac66ce15b589fd8ce-br"
x-timer: S1729379545.661556,VS0,VE1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
content-length: 26368
date: Sat, 19 Oct 2024 23:12:24 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 20:38:31 GMT
x-served-by: cache-yyz4520-YYZ
x-cache-hits: 0
vary: x-fh-requested-host, accept-encoding

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 34ms
31ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

65768d033309c892a76265779af321354ed46cfec3b09821fd57c135e712f26d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 24ms
23ms Font
font/woff2 172.217.165.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s06-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://orleansrxbooking.ca
Referer: https://fonts.googleapis.com/

Response headers

age: 238308
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:00:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 05:00:36 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 26ms
25ms Font
font/woff2 172.217.165.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s06-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://orleansrxbooking.ca
Referer: https://fonts.googleapis.com/

Response headers

age: 62068
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 19 Oct 2025 05:57:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 05:57:56 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 79 B
117 B 33ms
32ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

f8f1143c5892a562d850a4ac1b17c33257f7f5da43f16ba66aeebea376142376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 53513425645_10da79711a_o.png
live.staticflickr.com/65535/ 216 KB
217 KB 192ms
70ms Image
image/png 54.230.240.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.staticflickr.com/65535/53513425645_10da79711a_o.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.240.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-240-81.ewr53.r.cloudfront.net

Software

Jubilee /

Resource Hash

370517ec50bc4ab32eebb1ad0a14712d476d1a07fbc8be62455321cbd9fa1188

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

surrogate-control: public, max-age=31536000
content-md5: gvZcfETDMeFh7DbdbCXqpA==
x-request-id: fdafa980
etag: "82f65c7c44c331e161ec36dd6c25eaa4"
age: 85432
x-cache: Hit from cloudfront
x-ttdb-l: 221062
x-amz-cf-id: 9fpzMmwvrOpoNiAvzWE6ZxpUeTz-LD59D1IuwN_v80QtSlhmDIsQQA==
content-type: image/png
last-modified: Tue, 13 Feb 2024 20:28:59 GMT
mib: 2
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
cache-control: public, max-age=31536000
ourvalues: Grow Together (#1 of 5)
content-length: 221062
server: Jubilee
x-ttfb: 0.1424
streaming: false
powered-by: Mutation/1.0
access-control-allow-methods: GET, OPTIONS
x-env: a=live, b=jubilee, c=4cf206a9, e=3e587ab35d248f973a529f63b94ec339285ef886
expires: Sat, 18 Oct 2025 23:28:32 GMT
imagewidth: 1028
p3p: CP="This is not a P3P policy. We respect your privacy."
date: Fri, 18 Oct 2024 23:28:32 GMT
edge-control: public, max-age=31536000
x-frame-options: DENY
origintype: S
via: 1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
imageheight: 300
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin: *
x-amz-cf-pop: EWR53-P1

GET
DATA 200
OK truncated
/ 207 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 11 B
51 B 62ms
61ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

ff33c2fd62cbcdad5ef2f15e0d378a19e417d19f9fceb65f5d978607965f7ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 10 B
50 B 32ms
31ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?VER=8&database=projects%2Fmedessist-ver2%2Fdatabases%2F(default)&gsessionid=OVKPZscCvlmf54LDbxPupME8rCC0MkSdHqP7OuAxnwg&SID=yiM6GJ3dwwXGCEv-QMpT7A&RID=96371&AID=2&zx=rhin88oc8z1i&t=1

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

af99f1eb4753a5af2ca76ec10624055514fc0dd9662f5a2b057ace7a97edf280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 293 B
246 B 35ms
34ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

8ba39defdfa22df0388a0c77f238d5a2e99f1b38a8484d428504db0c65a5db39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 333 B
232 B 31ms
31ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

b7b22233fb5ea4afea8a4556f3e3a007bd66444f34e26be1be3e1274b6ccd202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 10 B
50 B 56ms
55ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

55d70f8ae93d7fce86697dcb3a57592de4d972a50df34f34ef5f12bdc1c61b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 350 B
258 B 30ms
30ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

96a350381b416b6a5dd615963b2fc301fe470120df066f9321b8d53560246aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 293 B
246 B 33ms
32ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

6a0a157c97ecfbc87747630292bbbf7ea8ca3af89c296aacc410f2a73ecb4e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

POST
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 10 B
50 B 31ms
30ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

661e9d9f0c2b982ea09eba3ec11799ab7b6580c19b8234a89fa200cccd5aa374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 18 B
0 30ms
29ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:24 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/ 18 B
0 33ms
33ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:28 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 18 B
0 91ms
91ms Fetch
text/plain 142.251.41.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: orleansrxbooking.ca
URL: https://orleansrxbooking.ca/static/js/main.cb3f2f5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.42 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yyz12s08-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://orleansrxbooking.ca/

Response headers

cache-control: private, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://orleansrxbooking.ca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 23:12:28 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
vary: origin
server: ESF
x-frame-options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.helcim.app/	1970-01-21 00:23:01	Name: __cf_bm Value: ijsAWv9gyT.e_4daNoa3o2vHkI95XNMOwcLWQh7rZL0-1729379541-1.0.1.1-9Bq1hUc6kPSPqrX4JDr6pxkRNEoAG4N4mJ7e6sC6K4v61IPFtU2a2p5iFm8wayYQVJBm2Bb8e6.zwihLUq1aOA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

firebasestorage.googleapis.com
firestore.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
geolocation-db.com
ka-f.fontawesome.com
kit.fontawesome.com
live.staticflickr.com
orleansrxbooking.ca
secure.helcim.app
142.251.40.202
142.251.41.42
159.89.102.253
172.217.1.10
172.217.165.3
172.64.146.107
172.64.147.188
172.67.139.119
199.36.158.100
54.230.240.81
02116adcce3c18d5fe9cf5f6b532af2c88631060d0a5fc0a5375c31e8b9585b4
06a403fa19b0e23e9e2ef3f493a6a55f68607c5566298f3e0ed7a08dbf11ad82
10aed6630d892fe4668d4686a2fb1930184432e267949ecfdd3bbe8c50aed2f1
10e3f6639fa3843fee02b25efd726b0b46914ecc790618eeff24061640027d76
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
1c272766691deafd728a3ce279fd6632d55b39d40de94e0f286d65f12fc037ab
1f8b52d2a312dc2237c95e4b664326b6735301325543e81e2b776362a06f67e3
36c13a46fc26d80f188d06936367ea31c70487ab98eb2fd04079753adc5a92b4
370517ec50bc4ab32eebb1ad0a14712d476d1a07fbc8be62455321cbd9fa1188
427b5e11b50af46f9b58917d1acbb6774a199b54539e3230a57041c043ef411a
482cdcd6c7d48407c0f18a3465fe46e0569e0569a028713c49962003c6606ff2
51b9bb3c7759edfa0f2727ada5d32c45d79ba4dc1c53e0ad53bca283ea9206d0
528dd45b64f5bf90f9792b8668da7c6d14e63ad6f7499dacfd7423fe80dddd7f
55d70f8ae93d7fce86697dcb3a57592de4d972a50df34f34ef5f12bdc1c61b9d
59e985a6b4503260116c50d3342d7b5bd34879a05f2a77521710b9caffd1f23d
5f450bff7febfa3217aa45517b2e611e27f1c9fe6983ad5acd3e39b31a0ab149
62cff565f9b90f7331f788b041e7a50fef1bb3df03909bb1dbfeb52125ac3c6f
647ac88900fd61815aa9f3466f36f7b1f972164b08fa0af72d39f63644bbb188
65768d033309c892a76265779af321354ed46cfec3b09821fd57c135e712f26d
65dbc0d77c308fd2343e84dc967431b8a49112dbf65b9a89f3e6bdc1fbd71588
661e9d9f0c2b982ea09eba3ec11799ab7b6580c19b8234a89fa200cccd5aa374
6773aa75b789ef4a7500714b81d57e397c5dae1a7aebe97dc7c337eddb071a4b
6a0a157c97ecfbc87747630292bbbf7ea8ca3af89c296aacc410f2a73ecb4e66
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
76a88e0b6b9d544046ae997f238dc3d75abae4ea62d257aa5d0dd9769fdf5155
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
88056d697139aaa50f70233f62d5169a10000a88055840956a0816b91b015995
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8ba39defdfa22df0388a0c77f238d5a2e99f1b38a8484d428504db0c65a5db39
925352670807b63128f00ca857d582fe549ac2cbe5370c5cb9d9e10c9524e01f
96a350381b416b6a5dd615963b2fc301fe470120df066f9321b8d53560246aa9
a65d69006f2135d9bebb12ed4e8d4044867f9368b2bdbe935591e0f9740863b5
a70711302ed257286b7fd899b150adb7a02f71a173d67e10dfa70ea38bcf5b90
a72ebc315ee51f4c505978ddc83d46def080836cad6f3140fe0e84a894c05a61
a8b3730767a4714967fc726015a77a8f1ddd091bd1e70c42e4ccc6b9cd97d5b0
accdfef4711ca25a0a2c896be374c298a4aa7004dfdb4998fa2c8f2784b2b53d
ad3d3d95237bde711fc00b0abeea3063aaefcd1fb0a36c5b790a818e99227098
aed4d810713ce54631b519f0aa66bc415c678b8ee51af26f478865f60cab082d
af99f1eb4753a5af2ca76ec10624055514fc0dd9662f5a2b057ace7a97edf280
b3ec7fe19c68c1cac56887c3170cbb8d10581e9826865cef72f6440713b7b3ad
b7b22233fb5ea4afea8a4556f3e3a007bd66444f34e26be1be3e1274b6ccd202
bcdb0fc758098893f263149feccdc76d0240f3513123618533e5261c96ca3e0e
beb59e5bdc498ebe89fcdc1a357b3c5b66a87bf6ac3c094eb8922904ac084463
cda813764d760766c649e2e08fd7b7395b91f0aaa818f52891c71ea3e428254e
ceb9e3e7e93fbe307881e45fd957e0c341a9028dd98e380f831703399932ba8e
d193dd94a1c678376f651a77e9d3ca402629a484b644d92d8f065de22d9e4688
d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113
d7c19a9a9309e4190637e7209a871c83f8bb3b5f023c36f42e3b8c13df67bdf2
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
da8acd77f89b991defe63bad417fe9be45fd1090971d38edf59cd2d5e81daa53
de9ff2499e188b0ac1240b223f8fd7619e6d4ae96d0fd04056f3186602967c5e
e44aa594698ba91283401b7f6316a2ef1a6558d49f194f764c8dc33bc1163555
e5671a75c7a8c1d876084a242e988a5beb72431569b2864793f9d68200a193e1
f8f1143c5892a562d850a4ac1b17c33257f7f5da43f16ba66aeebea376142376
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd
fefb0c46e16fb3a0f5e092563b3def8c7a1692bda27510d55ac6d84da87f0f50
ff33c2fd62cbcdad5ef2f15e0d378a19e417d19f9fceb65f5d978607965f7ca9

orleansrxbooking.ca Open in urlscan Pro 199.36.158.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

0 %IPv6

7 Domains

10 Subdomains

11 IPs

2 Countries

2164 kBTransfer

8522 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

orleansrxbooking.ca Open in urlscan Pro
199.36.158.100 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

11
IPs

2
Countries

2164 kB
Transfer

8522 kB
Size

1
Cookies

64 HTTP transactions
3 data transactions