www.firainhealth.com.dalebateman.ca Open in urlscan Pro
54.39.243.219  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.firainhealth.com.dalebateman.ca/	84 KB 84 KB	1672ms 368ms	Document text/html	54.39.243.219 OVH
General Check archive.org Show headers Download Go to Full URL https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.39.243.219 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS ssc010.abivia.net Software Apache / PHP/7.4.33 Resource Hash b965d48a24fb66ff1231fdcf8609859a0e582425795b745766312c1e703d93a5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control max-age=3, must-revalidate content-type text/html; charset=UTF-8 date Sun, 18 Feb 2024 20:51:59 GMT server Apache vary Accept-Encoding,Cookie x-abivia-timing D=154415 t=1708289519699847 x-powered-by PHP/7.4.33
GET H2	200	all.min.css static.leadpages.net/fonts/font-awesome/6.4.2/css/	100 KB 26 KB	247ms 76ms	Stylesheet text/css	34.107.203.240 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css Requested by Host: www.firainhealth.com.dalebateman.ca URL: https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 240.203.107.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 05 Feb 2024 20:58:40 GMT content-encoding gzip via 1.1 google server Google Frontend age 1122800 etag "EqK-AA" vary Accept-Encoding content-type text/css access-control-allow-origin * x-cloud-trace-context d50a2112e0e53a9515021e34bf75b528 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26836 expires Tue, 04 Feb 2025 20:58:40 GMT
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	1292ms 156ms	Stylesheet text/css	142.250.176.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=PT+Sans+Narrow:300,400,500,700|PT+Sans:300,400,500,700|Poppins:300,400,500,700 Requested by Host: www.firainhealth.com.dalebateman.ca URL: https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.176.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f10.1e100.net Software ESF / Resource Hash a875fa22291ed684a273fdb5a7590872a6f2e7ce1f4c70d7d78f829147496f92 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 18 Feb 2024 20:52:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 18 Feb 2024 20:52:01 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 18 Feb 2024 20:52:01 GMT
GET H2	200	YLWMu0YkcLVQpAalYTZREdpK1f8Z0aqiJrSDX5sGKRNfrMU87yEyBRCxm8T_XRX3tZXXM9Ygbyt8JhhtmQsfwpRy6YLBNOZA0fY=w16 lh3.googleusercontent.com/	355 B 476 B	1211ms 146ms	Image image/png	142.250.64.65 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/YLWMu0YkcLVQpAalYTZREdpK1f8Z0aqiJrSDX5sGKRNfrMU87yEyBRCxm8T_XRX3tZXXM9Ygbyt8JhhtmQsfwpRy6YLBNOZA0fY=w16 Requested by Host: www.firainhealth.com.dalebateman.ca URL: https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f1.1e100.net Software fife / Resource Hash 2c101d0dbe70ff31c76de09589e13d68373a5171fb6ca63526f661883e1eb43f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sun, 18 Feb 2024 20:42:35 GMT x-content-type-options nosniff age 566 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 355 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 19 Feb 2024 20:42:35 GMT
GET H2	200	_SyXhldnEDOgdYRRlft9X8G6Fe85shb2mXvxsKFLScNhUz7brNKdvL_zu1IHSJP6OdD4vTXwdnWvVmYpUAWM24n-0lO32-eVARQ=w16 lh3.googleusercontent.com/	908 B 971 B	1226ms 161ms	Image image/png	142.250.64.65 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/_SyXhldnEDOgdYRRlft9X8G6Fe85shb2mXvxsKFLScNhUz7brNKdvL_zu1IHSJP6OdD4vTXwdnWvVmYpUAWM24n-0lO32-eVARQ=w16 Requested by Host: www.firainhealth.com.dalebateman.ca URL: https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f1.1e100.net Software fife / Resource Hash ea7486b2cd841b9f3d37365ee56873b486884152b409db4d65eab759c65faa54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sun, 18 Feb 2024 20:42:36 GMT x-content-type-options nosniff age 565 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 908 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 19 Feb 2024 20:42:36 GMT
GET H2	200	1jK3uMlMCGlCPLB_rdKbJz0-lm70FAjhL-JsWHh8_oF1MmFXRTWR6SdpWxzPrHqm5GWt-yLfpALFz-Mxnfd7nf9DzLd17Fpd-A=w16 lh3.googleusercontent.com/	802 B 864 B	982ms 148ms	Image image/png	142.250.64.65 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/1jK3uMlMCGlCPLB_rdKbJz0-lm70FAjhL-JsWHh8_oF1MmFXRTWR6SdpWxzPrHqm5GWt-yLfpALFz-Mxnfd7nf9DzLd17Fpd-A=w16 Requested by Host: www.firainhealth.com.dalebateman.ca URL: https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f1.1e100.net Software fife / Resource Hash ace02c2a838b1113016e7ad2f5450ae4bdd78b10204ee99f69a2dff2508a1c65 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sun, 18 Feb 2024 20:42:36 GMT x-content-type-options nosniff age 565 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 802 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 19 Feb 2024 20:42:36 GMT
GET H2	200	center.js Show response js.center.io/	12 KB 5 KB	911ms 78ms	Script application/javascript	216.239.38.21 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://js.center.io/center.js Requested by Host: www.firainhealth.com.dalebateman.ca URL: https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.21 , United States, ASN15169 (GOOGLE, US), Reverse DNS any-in-2615.1e100.net Software Google Frontend / Resource Hash cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sun, 18 Feb 2024 20:50:06 GMT content-encoding gzip server Google Frontend age 115 etag "OMWYXg" content-type application/javascript x-cloud-trace-context 5ee7ef5df9dedc88cb9786d6b3e67851 cache-control public, max-age=300 content-length 5417 expires Sun, 18 Feb 2024 20:55:06 GMT
GET H2	200	DjhBE0PsUxOj3NTX2lnqCb7Ebe1lQXNvixOWmlK1Y-_VHekE8LcGmXgBv2VNTw5jsbctO4_32pF_Tj7XzAl2=s16 lh3.googleusercontent.com/	555 B 650 B	974ms 147ms	Image image/png	142.250.64.65 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/DjhBE0PsUxOj3NTX2lnqCb7Ebe1lQXNvixOWmlK1Y-_VHekE8LcGmXgBv2VNTw5jsbctO4_32pF_Tj7XzAl2=s16 Requested by Host: www.firainhealth.com.dalebateman.ca URL: https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f1.1e100.net Software fife / Resource Hash e1b140ddc82111f460550e591b0483af21d42b67f57dd40f503ff645fe71e529 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sun, 18 Feb 2024 20:42:35 GMT x-content-type-options nosniff age 566 cross-origin-resource-policy cross-origin content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 555 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 19 Feb 2024 20:42:35 GMT
GET H2	200	HdhfgSAvlNaN4KatqjJBWliLCh4LwOu7YxQqtENJ4z47wTeyLFJSyLUWN7qFUW17DqZhogo-cPORHMVUW1WOuMbmTvz9Az8DRmk=w16 lh3.googleusercontent.com/	2 KB 2 KB	969ms 143ms	Image image/jpeg	142.250.64.65 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/HdhfgSAvlNaN4KatqjJBWliLCh4LwOu7YxQqtENJ4z47wTeyLFJSyLUWN7qFUW17DqZhogo-cPORHMVUW1WOuMbmTvz9Az8DRmk=w16 Requested by Host: www.firainhealth.com.dalebateman.ca URL: https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f1.1e100.net Software fife / Resource Hash c1e21b859d89bba98d378d4193647dd43be4f266f9f643095af87bdc2dd44d09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sun, 18 Feb 2024 20:42:36 GMT x-content-type-options nosniff age 565 content-disposition inline;filename="unnamed.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1663 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 19 Feb 2024 20:42:36 GMT
GET H2	200	DjhBE0PsUxOj3NTX2lnqCb7Ebe1lQXNvixOWmlK1Y-_VHekE8LcGmXgBv2VNTw5jsbctO4_32pF_Tj7XzAl2=w1600 lh3.googleusercontent.com/	1 MB 1 MB	976ms 163ms	Image image/png	142.250.64.65 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/DjhBE0PsUxOj3NTX2lnqCb7Ebe1lQXNvixOWmlK1Y-_VHekE8LcGmXgBv2VNTw5jsbctO4_32pF_Tj7XzAl2=w1600 Requested by Host: www.firainhealth.com.dalebateman.ca URL: https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f1.1e100.net Software fife / Resource Hash e704d34d333879b8f7cb2171de591973803cf8e41e588937477c565f16fc7916 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sun, 18 Feb 2024 20:42:35 GMT x-content-type-options nosniff age 566 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1169916 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 19 Feb 2024 20:42:35 GMT
GET H2	200	HdhfgSAvlNaN4KatqjJBWliLCh4LwOu7YxQqtENJ4z47wTeyLFJSyLUWN7qFUW17DqZhogo-cPORHMVUW1WOuMbmTvz9Az8DRmk=w1600 lh3.googleusercontent.com/	676 KB 676 KB	375ms 374ms	Image image/jpeg	142.250.64.65 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/HdhfgSAvlNaN4KatqjJBWliLCh4LwOu7YxQqtENJ4z47wTeyLFJSyLUWN7qFUW17DqZhogo-cPORHMVUW1WOuMbmTvz9Az8DRmk=w1600 Requested by Host: www.firainhealth.com.dalebateman.ca URL: https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f1.1e100.net Software fife / Resource Hash 46a60ab87ee182e783d4e20f86486a9917bf94cc4641adeba7db2b5f8a45c27e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sun, 18 Feb 2024 20:42:36 GMT x-content-type-options nosniff age 565 content-disposition inline;filename="unnamed.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 692285 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 19 Feb 2024 20:42:36 GMT
GET H2	200	identify.html Show response js.center.io/ Frame 86B3	4 KB 2 KB	81ms 79ms	Document text/html	216.239.38.21 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://js.center.io/identify.html Requested by Host: js.center.io URL: https://js.center.io/center.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.21 , United States, ASN15169 (GOOGLE, US), Reverse DNS any-in-2615.1e100.net Software Google Frontend / Resource Hash 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110 Request headers Referer https://www.firainhealth.com.dalebateman.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 201 cache-control public, max-age=300 content-encoding gzip content-length 2016 content-type text/html date Sun, 18 Feb 2024 20:48:40 GMT etag "OMWYXg" expires Sun, 18 Feb 2024 20:53:40 GMT server Google Frontend x-cloud-trace-context 778fd1eb92fe9568462f547b8e41dbef
GET H2	200	BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2 fonts.gstatic.com/s/ptsansnarrow/v18/	35 KB 36 KB	462ms 153ms	Font font/woff2	142.250.65.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans+Narrow:300,400,500,700|PT+Sans:300,400,500,700|Poppins:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.163 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f3.1e100.net Software sffe / Resource Hash 4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.firainhealth.com.dalebateman.ca accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Thu, 15 Feb 2024 09:36:25 GMT x-content-type-options nosniff age 299736 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36344 x-xss-protection 0 last-modified Tue, 02 May 2023 15:05:36 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 14 Feb 2025 09:36:25 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	561ms 252ms	Font font/woff2	142.250.65.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans+Narrow:300,400,500,700|PT+Sans:300,400,500,700|Poppins:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.163 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f3.1e100.net Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.firainhealth.com.dalebateman.ca accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Thu, 15 Feb 2024 13:43:21 GMT x-content-type-options nosniff age 284920 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 14 Feb 2025 13:43:21 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	436ms 139ms	Font font/woff2	142.250.65.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans+Narrow:300,400,500,700|PT+Sans:300,400,500,700|Poppins:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.163 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s71-in-f3.1e100.net Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.firainhealth.com.dalebateman.ca accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Thu, 15 Feb 2024 15:12:38 GMT x-content-type-options nosniff age 279563 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 14 Feb 2025 15:12:38 GMT
GET H2	200	1jK3uMlMCGlCPLB_rdKbJz0-lm70FAjhL-JsWHh8_oF1MmFXRTWR6SdpWxzPrHqm5GWt-yLfpALFz-Mxnfd7nf9DzLd17Fpd-A=w261 lh3.googleusercontent.com/	19 KB 19 KB	377ms 374ms	Image image/png	142.250.64.65 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/1jK3uMlMCGlCPLB_rdKbJz0-lm70FAjhL-JsWHh8_oF1MmFXRTWR6SdpWxzPrHqm5GWt-yLfpALFz-Mxnfd7nf9DzLd17Fpd-A=w261 Requested by Host: www.firainhealth.com.dalebateman.ca URL: https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f1.1e100.net Software fife / Resource Hash 4b61565da2aab9324501062674073c4ec85d25845a902e6ffa45e6bcaa6eff1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sun, 18 Feb 2024 20:42:36 GMT x-content-type-options nosniff age 565 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19057 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 19 Feb 2024 20:42:36 GMT
GET H2	200	YLWMu0YkcLVQpAalYTZREdpK1f8Z0aqiJrSDX5sGKRNfrMU87yEyBRCxm8T_XRX3tZXXM9Ygbyt8JhhtmQsfwpRy6YLBNOZA0fY=w417 lh3.googleusercontent.com/	10 KB 10 KB	377ms 376ms	Image image/png	142.250.64.65 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/YLWMu0YkcLVQpAalYTZREdpK1f8Z0aqiJrSDX5sGKRNfrMU87yEyBRCxm8T_XRX3tZXXM9Ygbyt8JhhtmQsfwpRy6YLBNOZA0fY=w417 Requested by Host: www.firainhealth.com.dalebateman.ca URL: https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f1.1e100.net Software fife / Resource Hash 56e04601a0d3de4c0d277fd0250ac192ca4dc42fea767cbebde4009f091a8dc4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sun, 18 Feb 2024 20:42:36 GMT x-content-type-options nosniff age 565 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10616 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 19 Feb 2024 20:42:36 GMT
GET H/1.1	200 OK	capture Show response api.leadpages.io/analytics/v1/events/	35 B 685 B	391ms 129ms	XHR image/gif	35.192.151.63
General Check archive.org Show headers Download Go to Full URL https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=sVtSnmTjUxz8GQjaziA7AC&v=&e=&st=wordpress&lc=en-US&pid=TFFzCcyz6i5juD2Msz4CDQ&uid=aQvpEMzYzo9HFcGYFWCqVd&sid=UBRSq4jUqR3WxTc94bUS2e&cid=lp-sVtSnmTjUxz8GQjaziA7AC&uri=https%3A%2F%2Fwww.firainhealth.com.dalebateman.ca%2F&rf=&rx=1600&ry=1200&tz=-10%3A00 Requested by Host: js.center.io URL: https://js.center.io/center.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.192.151.63 , United States, ASN (), Reverse DNS 63.151.192.35.bc.googleusercontent.com Software Stargate / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Sun, 18 Feb 2024 20:52:01 GMT Server Stargate Transfer-Encoding chunked access-control-max-age 600 Content-Type image/gif access-control-allow-origin https://www.firainhealth.com.dalebateman.ca X-Forwarded-For 185.202.221.240 access-control-expose-headers LP-Security-Token access-control-allow-credentials true Connection keep-alive x-request-id 01e8h4c5mdu8c5htr3v0
GET H2	200	_SyXhldnEDOgdYRRlft9X8G6Fe85shb2mXvxsKFLScNhUz7brNKdvL_zu1IHSJP6OdD4vTXwdnWvVmYpUAWM24n-0lO32-eVARQ=w261 lh3.googleusercontent.com/	25 KB 25 KB	328ms 326ms	Image image/png	142.250.64.65 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/_SyXhldnEDOgdYRRlft9X8G6Fe85shb2mXvxsKFLScNhUz7brNKdvL_zu1IHSJP6OdD4vTXwdnWvVmYpUAWM24n-0lO32-eVARQ=w261 Requested by Host: www.firainhealth.com.dalebateman.ca URL: https://www.firainhealth.com.dalebateman.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.64.65 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s30-in-f1.1e100.net Software fife / Resource Hash 5c974ec20e7e525b224c4aa9cc2d0540ba77068ab5838e4e20b79c32dcdc88e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sun, 18 Feb 2024 20:42:36 GMT x-content-type-options nosniff age 565 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25603 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 19 Feb 2024 20:42:36 GMT
GET H/1.1	200 OK	capture api.leadpages.io/analytics/v1/observations/	35 B 357 B	118ms 117ms	Image image/gif	35.192.151.63
General Check archive.org Show headers Download Go to Show image Full URL https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,1298,368,1673,133,1684,2036,2037,3628,3628 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.192.151.63 , United States, ASN (), Reverse DNS 63.151.192.35.bc.googleusercontent.com Software Stargate / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Sun, 18 Feb 2024 20:52:02 GMT Server Stargate Transfer-Encoding chunked X-Forwarded-For 185.202.221.240 Content-Type image/gif access-control-expose-headers LP-Security-Token access-control-allow-credentials true Connection keep-alive x-request-id 01e8h4dgvcsf1mv2jo30
GET H/1.1	200 OK	capture Show response api.leadpages.io/analytics/v1/observations/	35 B 460 B	118ms 118ms	XHR image/gif	35.192.151.63
General Check archive.org Show headers Download Go to Full URL https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=dQDuGn46QcxWKPUaDi4twk&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=921.3000030517578,234.4000015258789,1,391.5 Requested by Host: js.center.io URL: https://js.center.io/center.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.192.151.63 , United States, ASN (), Reverse DNS 63.151.192.35.bc.googleusercontent.com Software Stargate / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-US,en;q=0.9 Referer https://www.firainhealth.com.dalebateman.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Sun, 18 Feb 2024 20:52:05 GMT Server Stargate Transfer-Encoding chunked access-control-max-age 600 Content-Type image/gif access-control-allow-origin https://www.firainhealth.com.dalebateman.ca X-Forwarded-For 185.202.221.240 access-control-expose-headers LP-Security-Token access-control-allow-credentials true Connection keep-alive x-request-id 01e8h5cdlcdrtfmmoo40

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| LeadPagesCenterObject function| center object| sup

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.api.leadpages.io/analytics/v1/events/capture	1970-01-20 18:32:55	Name: view.TFFzCcyz6i5juD2Msz4CDQ.sVtSnmTjUxz8GQjaziA7AC Value: 1708289522000
			js.center.io/	1970-01-21 04:07:29	Name: centerVisitorId Value: aQvpEMzYzo9HFcGYFWCqVd

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.firainhealth.com.dalebateman.ca/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
fonts.googleapis.com
fonts.gstatic.com
js.center.io
lh3.googleusercontent.com
static.leadpages.net
www.firainhealth.com.dalebateman.ca
142.250.176.202
142.250.64.65
142.250.65.163
216.239.38.21
34.107.203.240
35.192.151.63
54.39.243.219
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
2c101d0dbe70ff31c76de09589e13d68373a5171fb6ca63526f661883e1eb43f
46a60ab87ee182e783d4e20f86486a9917bf94cc4641adeba7db2b5f8a45c27e
4b61565da2aab9324501062674073c4ec85d25845a902e6ffa45e6bcaa6eff1e
4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6
56e04601a0d3de4c0d277fd0250ac192ca4dc42fea767cbebde4009f091a8dc4
5c974ec20e7e525b224c4aa9cc2d0540ba77068ab5838e4e20b79c32dcdc88e4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a875fa22291ed684a273fdb5a7590872a6f2e7ce1f4c70d7d78f829147496f92
ace02c2a838b1113016e7ad2f5450ae4bdd78b10204ee99f69a2dff2508a1c65
b965d48a24fb66ff1231fdcf8609859a0e582425795b745766312c1e703d93a5
c1e21b859d89bba98d378d4193647dd43be4f266f9f643095af87bdc2dd44d09
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
e1b140ddc82111f460550e591b0483af21d42b67f57dd40f503ff645fe71e529
e704d34d333879b8f7cb2171de591973803cf8e41e588937477c565f16fc7916
ea7486b2cd841b9f3d37365ee56873b486884152b409db4d65eab759c65faa54