clients.kprofessional.ca Open in urlscan Pro
213.188.198.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clients.kprofessional.ca/
Effective URL:
https://clients.kprofessional.ca/client-login
Submission: On May 23 via automatic, source certstream-suspicious (May 23rd 2024, 2:20:44 pm UTC) — Scanned from CA

Summary HTTP 84 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 2 countries across 25 domains to perform 84 HTTP transactions. The main IP is 213.188.198.15, located in United States and belongs to FLY, US. The main domain is clients.kprofessional.ca.
TLS certificate: Issued by R3 on May 23rd 2024. Valid for: 3 months.

This is the only time clients.kprofessional.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	213.188.198.15 213.188.198.15	40509 (FLY) (FLY)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.85.52 108.138.85.52	16509 (AMAZON-02) (AMAZON-02)
2	172.253.115.95 172.253.115.95	15169 (GOOGLE) (GOOGLE)
4	142.251.111.97 142.251.111.97	15169 (GOOGLE) (GOOGLE)
1	23.218.218.173 23.218.218.173	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
2	64.233.180.100 64.233.180.100	15169 (GOOGLE) (GOOGLE)
1	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
2	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
1	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
3 5	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.251.167.101 142.251.167.101	15169 (GOOGLE) (GOOGLE)
1	142.251.167.106 142.251.167.106	15169 (GOOGLE) (GOOGLE)
2	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1	104.18.4.86 104.18.4.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.14.29 104.21.14.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
1	104.18.5.86 104.18.5.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
2	3.162.125.72 3.162.125.72	16509 (AMAZON-02) (AMAZON-02)
1	172.253.63.153 172.253.63.153	15169 (GOOGLE) (GOOGLE)
4	18.233.115.216 18.233.115.216	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.64.81 108.138.64.81	16509 (AMAZON-02) (AMAZON-02)
2	18.154.227.129 18.154.227.129	16509 (AMAZON-02) (AMAZON-02)
2	104.198.23.205 104.198.23.205	15169 (GOOGLE) (GOOGLE)
84	28

16 213.188.198.15 (United States)

ASN40509 (FLY, US)

clients.kprofessional.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.85.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-52.iad12.r.cloudfront.net

tag.clearbitscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.111.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.218.173 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-218-173.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.180.100 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f100.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.101 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f101.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.106 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.4.86 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cohere.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.14.29 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.intake-lr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o552561.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.5.86 (None, )

ASN13335 (CLOUDFLARENET, US)

voice.cohere.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.31.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.125.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-72.iad61.r.cloudfront.net

global.keeper-app-backend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.153 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f153.1e100.net

developers-dot-devsite-v2-prod.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.233.115.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-115-216.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.64.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-81.iad12.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.154.227.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-129.iad55.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.23.205 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.intake-lr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	kprofessional.ca clients.kprofessional.ca	3 MB
9	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 736 clientstream.launchdarkly.com — Cisco Umbrella Rank: 886 events.launchdarkly.com — Cisco Umbrella Rank: 907	1 KB
5	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 338 www.linkedin.com — Cisco Umbrella Rank: 619	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39 Failed	354 KB
3	intake-lr.com cdn.intake-lr.com — Cisco Umbrella Rank: 24984 r.intake-lr.com — Cisco Umbrella Rank: 33689	232 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 154 www.google.com — Cisco Umbrella Rank: 2	369 B
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2114	291 KB
2	keeper-app-backend.com global.keeper-app-backend.com — Cisco Umbrella Rank: 751843	1 KB
2	cohere.so static.cohere.so — Cisco Umbrella Rank: 33779 voice.cohere.so — Cisco Umbrella Rank: 51044	110 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 10035	127 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
1	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1597	3 KB
1	appspot.com developers-dot-devsite-v2-prod.appspot.com — Cisco Umbrella Rank: 478154	1000 B
1	sentry.io o552561.ingest.sentry.io	308 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 803	17 KB
1	clearbitscripts.com tag.clearbitscripts.com — Cisco Umbrella Rank: 13679
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	28 KB
0	jquery.com Failed code.jquery.com Failed
0	vimeo.com Failed player.vimeo.com Failed
0	osano.com Failed cmp.osano.com Failed
0	wdfl.co Failed r.wdfl.co Failed
84	25

	Domain	Requested by
16	clients.kprofessional.ca	clients.kprofessional.ca
4	events.launchdarkly.com	clients.kprofessional.ca
4	app.launchdarkly.com	clients.kprofessional.ca
4	px.ads.linkedin.com	2 redirects snap.licdn.com clients.kprofessional.ca
4	www.googletagmanager.com	clients.kprofessional.ca www.googletagmanager.com
2	r.intake-lr.com	clients.kprofessional.ca
2	js.intercomcdn.com	widget.intercom.io
2	global.keeper-app-backend.com	clients.kprofessional.ca
2	www.facebook.com	clients.kprofessional.ca
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.ca	clients.kprofessional.ca
2	analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	clients.kprofessional.ca connect.facebook.net
2	fonts.googleapis.com	clients.kprofessional.ca
1	widget.intercom.io	clients.kprofessional.ca
1	developers-dot-devsite-v2-prod.appspot.com	clients.kprofessional.ca
1	clientstream.launchdarkly.com	clients.kprofessional.ca
1	voice.cohere.so	static.cohere.so
1	o552561.ingest.sentry.io	clients.kprofessional.ca
1	cdn.intake-lr.com	clients.kprofessional.ca
1	static.cohere.so	clients.kprofessional.ca
1	www.google.com	clients.kprofessional.ca
1	www.linkedin.com	1 redirects
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	tag.clearbitscripts.com	clients.kprofessional.ca
1	cdnjs.cloudflare.com	clients.kprofessional.ca
0	code.jquery.com Failed	clients.kprofessional.ca
0	player.vimeo.com Failed	clients.kprofessional.ca
0	cmp.osano.com Failed	clients.kprofessional.ca
0	r.wdfl.co Failed	clients.kprofessional.ca
84	32

This site contains no links.

Subject Issuer	Validity	Valid
clients.kprofessional.ca R3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
clearbitscripts.com Amazon RSA 2048 M03	`2024-05-11` - `2025-06-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
static.cohere.so Cloudflare Inc ECC CA-3	`2023-10-16` - `2024-10-15`	a year	crt.sh
intake-lr.com E1	`2024-05-05` - `2024-08-03`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
voice.cohere.so E1	`2024-04-15` - `2024-07-14`	3 months	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M01	`2023-08-09` - `2024-09-05`	a year	crt.sh
global.keeper-app-backend.com Amazon RSA 2048 M01	`2023-07-31` - `2024-08-28`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M03	`2024-05-22` - `2025-06-21`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh
api.logrocket.com R3	`2024-05-02` - `2024-07-31`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://clients.kprofessional.ca/client-login
Frame ID: BF57AE2599EDA69B1C1C7C8352B585FB
Requests: 75 HTTP requests in this frame

Frame: https://voice.cohere.so/chatPreload/
Frame ID: 7116727DA5C1755C8BBD3E355E933D2F
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.4d66b2f2.js
Frame ID: 299F984AABD1455649D9DD1F111242D8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Client Portal

Page URL History Show full URLs

https://clients.kprofessional.ca/ Page URL
https://clients.kprofessional.ca/client-login Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Ant Design (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

84
Requests

71 %
HTTPS

0 %
IPv6

25
Domains

32
Subdomains

28
IPs

2
Countries

3993 kB
Transfer

14984 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clients.kprofessional.ca/ Page URL
https://clients.kprofessional.ca/client-login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4188428&time=1716474038978&url=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4188428&time=1716474038978&url=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4188428%26time%3D1716474038978%26url%3Dhttps%253A%252F%252Fclients.kprofessional.ca%252Fclient-login%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4188428&time=1716474038978&url=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&cookiesTest=true&liSync=true

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
clients.kprofessional.ca/ 104 KB
24 KB 316ms
242ms Document
text/html 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.kprofessional.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 57213
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Thu, 23 May 2024 14:20:38 GMT
fly-request-id: 01HYJX6HJ76G4HERA6GNXF0P6D-yyz
link: <http://static.keeper.app/wp-json/>; rel="https://api.w.org/" <http://static.keeper.app/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <http://static.keeper.app/>; rel=shortlink
server: Fly/ff37a3cc6 (2024-05-21)
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 2 fly.io
x-amz-cf-id: sFvZk9Lm5kiy7H5dTp6L2de7hKGQFvyOzpGgUmLC8BdQvCWJ2ijBxw==
x-amz-cf-pop: HIO52-P1
x-cache: Hit from cloudfront

GET
H3 200 jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 55ms
32ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver=1.9.1

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2071681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dA63AuXVsNwO5LC13tWJG0Dosw95o%2BOW3pKiAoxHMaSOdPGczYzVS17htfS%2Bvn3wMWHc7PgRlrmzvxnNQ9EgXqFQeNXJKVlMOV4CQ29fEEhrh1DrP5NXSbA3vIyJROBc4FFszSuA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8885b0121dadac18-YYZ
expires: Tue, 13 May 2025 14:20:38 GMT

GET
H2 403 tags.js
tag.clearbitscripts.com/v1/pk_9c0902078aa80874cb16c2234e137845/ 0
0 207ms
116ms Script
application/javascript 108.138.85.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.clearbitscripts.com/v1/pk_9c0902078aa80874cb16c2234e137845/tags.js

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.85.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-52.iad12.r.cloudfront.net

Software

Clearbit /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
via: 1.1 4685cae701bd588fa0176a1c8b1e52f4.cloudfront.net (CloudFront)
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P2
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
x-amz-cf-id: TNf8BXkVw_Krees4sG19FDMHvkls2wwyEDWQrnprg0iDkwS80LsluQ==

GET rw.js
r.wdfl.co/ 0
0

GET osano.js
cmp.osano.com/AzqaarTYa9oY2oB/36cd0367-ca42-40c5-b3d6-679e8a77cc21/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 123ms
50ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:800normal|Montserrat:700normal|Montserrat:400normal|Montserrat:400italic|Montserrat:500normal&display=swap

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 14:20:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 14:20:38 GMT

GET
H2 200 head.min.css
clients.kprofessional.ca/wp-content/themes/landslide/dist/ 50 KB
10 KB 213ms
212ms Stylesheet
text/css 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.kprofessional.ca/wp-content/themes/landslide/dist/head.min.css?abbbfdafdsafsfdbbfdsafsbykorraaaaa
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: zstd
via: 1.1 fb2e3e161147dc940086f9545b8e0e4a.cloudfront.net (CloudFront), 2 fly.io
age: 57144
x-amz-cf-pop: HIO52-P1
x-cache: Hit from cloudfront
last-modified: Wed, 30 Nov 2022 22:06:07 GMT
server: Fly/ff37a3cc6 (2024-05-21)
fly-request-id: 01HYJX6HVZPMHYFAWQKTF5BAPR-yyz
etag: "6387d3cf-c960"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 9T2g_vJ9zhT4caAnSWBCp-OyS-pT0rczZ8gBHNZfX_p3xJNNV18Iwg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 body.min.css
clients.kprofessional.ca/wp-content/themes/landslide/dist/ 78 KB
15 KB 210ms
209ms Stylesheet
text/css 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.kprofessional.ca/wp-content/themes/landslide/dist/body.min.css?abbbfdafdsafsfdbbfdsafsbykorraaaaa
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: zstd
via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 2 fly.io
age: 57144
x-amz-cf-pop: HIO52-P1
x-cache: Hit from cloudfront
last-modified: Wed, 30 Nov 2022 22:06:07 GMT
server: Fly/ff37a3cc6 (2024-05-21)
fly-request-id: 01HYJX6HVZWXGGPJ8MMDA09WZK-yyz
etag: "6387d3cf-137a5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: xQNFQg4MwXgDiG0rFOWrWLLjnQKCCJXaJvvhgmzUgl2FAIIhWHpAhQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET logo.svg
clients.kprofessional.ca/wp-content/uploads/2022/11/ 0
0

GET
H2 200 loader.gif
clients.kprofessional.ca/wp-content/plugins/logo-slider-wp/public/assets/img/ 2 KB
3 KB 158ms
156ms Image
image/gif 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients.kprofessional.ca/wp-content/plugins/logo-slider-wp/public/assets/img/loader.gif
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
via: 1.1 f2d96237236476e7356cfe5344feb776.cloudfront.net (CloudFront), 2 fly.io
last-modified: Sun, 05 May 2024 18:27:03 GMT
server: Fly/ff37a3cc6 (2024-05-21)
age: 57078
x-amz-cf-pop: JFK50-P8
etag: "6637cf77-9f1"
fly-request-id: 01HYJX6HW6QVX5MXSQVTFCHPKS-yyz
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2545
x-amz-cf-id: yNApBSadpJJNn60CZuTRfi52xqrxO_3S-YQHm2Rluc-3EB1qhOp6yw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Untitled-2.png
clients.kprofessional.ca/wp-content/uploads/2022/11/ 9 KB
10 KB 209ms
208ms Image
image/png 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients.kprofessional.ca/wp-content/uploads/2022/11/Untitled-2.png
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 2 fly.io
last-modified: Wed, 30 Nov 2022 22:06:07 GMT
server: Fly/ff37a3cc6 (2024-05-21)
age: 57078
x-amz-cf-pop: HIO52-P1
etag: "6387d3cf-25b5"
fly-request-id: 01HYJX6HW7K3SPCS145R6AJV7Q-yyz
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9653
x-amz-cf-id: zo4Oy17Z4GRclX95Djbox8lMgQx7o6sLx8drzsR1bi-RDdsUKGiBoA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bridged_final.png
clients.kprofessional.ca/wp-content/uploads/2024/02/ 15 KB
0 167ms
167ms Image
image/png 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients.kprofessional.ca/wp-content/uploads/2024/02/bridged_final.png
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
via: 1.1 39947baba82573c8d139cba81c505476.cloudfront.net (CloudFront), 2 fly.io
last-modified: Wed, 14 Feb 2024 00:28:35 GMT
server: Fly/ff37a3cc6 (2024-05-21)
age: 57078
x-amz-cf-pop: JFK50-P8
etag: "65cc0933-29d37"
fly-request-id: 01HYJX6J15SXQFVQYFZFC5T9M9-yyz
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 171319
x-amz-cf-id: 9iEBXp7uhbRmwyATptPG3qyAWU56ZwggBCCqEiRiUHz25YjuzZMXyg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET trac-1.png
clients.kprofessional.ca/wp-content/uploads/2023/03/ 0
0

GET 618c9caeaa995970ec0585b5___digisist_full_red-dark.png
clients.kprofessional.ca/wp-content/uploads/2023/02/ 0
0

GET HB-Logo-1172-%C3%97-300-px-transparent-background.png
clients.kprofessional.ca/wp-content/uploads/2022/12/ 0
0

GET desktop-logo-300.png
clients.kprofessional.ca/wp-content/uploads/2022/12/ 0
0

GET VM-WASEK-5.png
clients.kprofessional.ca/wp-content/uploads/2022/12/ 0
0

GET AutomatedAccountingNewStd-1.png
clients.kprofessional.ca/wp-content/uploads/2022/12/ 0
0

GET Specialty-Bookkeepers-and-tax-logo-circle-horiz-small-300x60-1.png
clients.kprofessional.ca/wp-content/uploads/2022/12/ 0
0

GET Lionshare-Bookkeeping-logo.png
clients.kprofessional.ca/wp-content/uploads/2022/12/ 0
0

GET plumb.png
clients.kprofessional.ca/wp-content/uploads/2022/11/ 0
0

GET mountain.png
clients.kprofessional.ca/wp-content/uploads/2022/11/ 0
0

GET Logo_wide.webp
clients.kprofessional.ca/wp-content/uploads/2022/11/ 0
0

GET go-logo-shadow.png
clients.kprofessional.ca/wp-content/uploads/2022/11/ 0
0

GET Artboard.png
clients.kprofessional.ca/wp-content/uploads/2022/11/ 0
0

GET 6oun26huSMOdnrttzVJK_PNG_1.png
clients.kprofessional.ca/wp-content/uploads/2022/11/ 0
0

GET Screenshot-2024-01-09-at-2.41.49%E2%80%AFPM.png
clients.kprofessional.ca/wp-content/uploads/2024/01/ 0
0

GET player.js
player.vimeo.com/api/ 0
0

GET Untitled-design-18-1.png
clients.kprofessional.ca/wp-content/uploads/2022/11/ 0
0

GET jquery-3.6.0.min.js
code.jquery.com/ 0
0

GET gtm.js
www.googletagmanager.com/ 0
0

GET
H2 200 Primary Request client-login Show response
clients.kprofessional.ca/ 3 KB
2 KB 311ms
311ms Document
text/html 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.kprofessional.ca/client-login
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash: ad22d9efebaf0a4b0551050acec6470b90f7567e61f1a45ad089c3d5a67301d5

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://clients.kprofessional.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 57207
content-encoding: zstd
content-security-policy-report-only: report-uri https://global.keeper-app-backend.com/log/csp-log; default-src 'self' https://*.cohere.so; script-src 'self' 'wasm-unsafe-eval' https://*.googleapis.com https://app.birdie.so https://socketstorm.birdie.so https://widget.intercom.io https://cdn.ingest-lr.com https://r.ingest-lr.com https://static.intercomassets.com https://api-iam.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://r.wdfl.co; style-src 'self' 'unsafe-inline' https://cdn.birdie.so https://fonts.googleapis.com; img-src 'self' cid: blob: https: data:; font-src 'self' https://fonts.gstatic.com https://fonts.intercomcdn.com data:; worker-src 'self' blob: https://cdn.ingest-lr.com; connect-src * blob: data: 'unsafe-inline'; script-src-elem * 'unsafe-inline'; frame-src 'self' https://voice.cohere.so https://*.google.com https://giphy.com https://*.doubleclick.net https://client-portal-v2-production.firebaseapp.com https://intuit-qbo-prod-1.s3.amazonaws.com https://td.doubleclick.net https://giphy.com
content-type: text/html
date: Thu, 23 May 2024 14:20:38 GMT
document-policy: js-profiling
etag: "c36863aebe4f47b3650ed385646e80b4"
fly-request-id: 01HYJX6HWR769TR7FKDF61KMZV-yyz
last-modified: Wed, 22 May 2024 22:26:54 GMT
server: Fly/ff37a3cc6 (2024-05-21)
vary: Accept-Encoding
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 2 fly.io
x-amz-cf-id: hLi2kn536TCSF-n2YZ57nURrIt_WPXqmqcPi3o28Ncyv2Cs75WYoeQ==
x-amz-cf-pop: HIO52-P1
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront

GET
H2 200 css
fonts.googleapis.com/ 11 KB
774 B 51ms
49ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800&display=swap

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

376aa716f5acbcefc1b0a7684a56f4d642f23bf6534917d787d163c2ad81ebb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 13:43:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 14:20:38 GMT

GET
H2 200 rw.js Show response
clients.kprofessional.ca/ 16 KB
6 KB 209ms
209ms Script
text/javascript 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.kprofessional.ca/rw.js
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash: d439c91c81a7dcd715cae130359cb5a248cfbc48abf6ae7ed7b55cab6afc9f26

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/client-login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: zstd
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 2 fly.io
x-amz-cf-pop: HIO52-P1
age: 57144
document-policy: js-profiling
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-uri https://global.keeper-app-backend.com/log/csp-log; default-src 'self' https://*.cohere.so; script-src 'self' 'wasm-unsafe-eval' https://*.googleapis.com https://app.birdie.so https://socketstorm.birdie.so https://widget.intercom.io https://cdn.ingest-lr.com https://r.ingest-lr.com https://static.intercomassets.com https://api-iam.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://r.wdfl.co; style-src 'self' 'unsafe-inline' https://cdn.birdie.so https://fonts.googleapis.com; img-src 'self' cid: blob: https: data:; font-src 'self' https://fonts.gstatic.com https://fonts.intercomcdn.com data:; worker-src 'self' blob: https://cdn.ingest-lr.com; connect-src * blob: data: 'unsafe-inline'; script-src-elem * 'unsafe-inline'; frame-src 'self' https://voice.cohere.so https://*.google.com https://giphy.com https://*.doubleclick.net https://client-portal-v2-production.firebaseapp.com https://intuit-qbo-prod-1.s3.amazonaws.com https://td.doubleclick.net https://giphy.com
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 22:26:54 GMT
server: Fly/ff37a3cc6 (2024-05-21)
fly-request-id: 01HYJX6J822W5HZ3DCHHSEHD9R-yyz
etag: "192f3003f100e6bec36f3a16f0840f6c"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: AQ8UYce4j5pmdxcZzHWtBgw5wVtrvy8o6_S2N7R1oykUsGrNzjUslQ==

GET
H2 200 main.da69b734.js Show response
clients.kprofessional.ca/static/js/ 9 MB
2 MB 210ms
209ms Script
text/javascript 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.kprofessional.ca/static/js/main.da69b734.js
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash: 3e58369ab78ff29e61530d52412c3a33f74487b97a700c5d31a4672fd96447e7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/client-login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: zstd
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 2 fly.io
x-amz-cf-pop: HIO52-P1
age: 57207
document-policy: js-profiling
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-uri https://global.keeper-app-backend.com/log/csp-log; default-src 'self' https://*.cohere.so; script-src 'self' 'wasm-unsafe-eval' https://*.googleapis.com https://app.birdie.so https://socketstorm.birdie.so https://widget.intercom.io https://cdn.ingest-lr.com https://r.ingest-lr.com https://static.intercomassets.com https://api-iam.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://r.wdfl.co; style-src 'self' 'unsafe-inline' https://cdn.birdie.so https://fonts.googleapis.com; img-src 'self' cid: blob: https: data:; font-src 'self' https://fonts.gstatic.com https://fonts.intercomcdn.com data:; worker-src 'self' blob: https://cdn.ingest-lr.com; connect-src * blob: data: 'unsafe-inline'; script-src-elem * 'unsafe-inline'; frame-src 'self' https://voice.cohere.so https://*.google.com https://giphy.com https://*.doubleclick.net https://client-portal-v2-production.firebaseapp.com https://intuit-qbo-prod-1.s3.amazonaws.com https://td.doubleclick.net https://giphy.com
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 22:26:55 GMT
server: Fly/ff37a3cc6 (2024-05-21)
fly-request-id: 01HYJX6J9Q6KYTW53D7NJ51G76-yyz
etag: "941fdca07ecaea112e233964aa69f640-2"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: SlE9zueKvNtUhTsi1l4KSR7R_xrWSBzVdawMiLiNjRtYlHHKitf-QQ==

GET
H2 200 main.307c607a.css
clients.kprofessional.ca/static/css/ 1 MB
174 KB 210ms
209ms Stylesheet
text/css 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.kprofessional.ca/static/css/main.307c607a.css
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash: ba179aaadbba81058865bc6b2382582ffd6dd3f24f5aa0dbae2eb33980f31b96

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/client-login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: zstd
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 2 fly.io
x-amz-cf-pop: HIO52-P1
age: 57207
document-policy: js-profiling
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-uri https://global.keeper-app-backend.com/log/csp-log; default-src 'self' https://*.cohere.so; script-src 'self' 'wasm-unsafe-eval' https://*.googleapis.com https://app.birdie.so https://socketstorm.birdie.so https://widget.intercom.io https://cdn.ingest-lr.com https://r.ingest-lr.com https://static.intercomassets.com https://api-iam.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://r.wdfl.co; style-src 'self' 'unsafe-inline' https://cdn.birdie.so https://fonts.googleapis.com; img-src 'self' cid: blob: https: data:; font-src 'self' https://fonts.gstatic.com https://fonts.intercomcdn.com data:; worker-src 'self' blob: https://cdn.ingest-lr.com; connect-src * blob: data: 'unsafe-inline'; script-src-elem * 'unsafe-inline'; frame-src 'self' https://voice.cohere.so https://*.google.com https://giphy.com https://*.doubleclick.net https://client-portal-v2-production.firebaseapp.com https://intuit-qbo-prod-1.s3.amazonaws.com https://td.doubleclick.net https://giphy.com
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 22:26:54 GMT
server: Fly/ff37a3cc6 (2024-05-21)
fly-request-id: 01HYJX6J822EJZGF5M31TNCE9R-yyz
etag: "28dfb5daa9d8e8c5fd34083c93957aed"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: IfiA-LseqiRikm4kAKRGA9MxD1jlmuyLkeH5pJVDVQARl27QI_EJPQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
74 KB 127ms
52ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-224894234-1

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d83e44764532179f55b0bacf8b5040a79e1dde6b7e5b21d75c906b6440db14af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75177
x-xss-protection: 0
last-modified: Thu, 23 May 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 May 2024 14:20:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 256 KB
91 KB 154ms
80ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2DKZ49V

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

47661d1ccc561fca5b96f362c96588493b3ac8dee94cc177e2138216594efc6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92753
x-xss-protection: 0
last-modified: Thu, 23 May 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 May 2024 14:20:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
106 KB 53ms
52ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B0SWYRGB58&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-224894234-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

739bd358f5a586be808941dcb4308e33375e782637095090c77b34a461488b23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108371
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 May 2024 14:20:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 52ms
52ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10872330789&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2DKZ49V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d263deb974a65468860d9ea67bee22ed7b27cbdc99ec77a96eb3e7e214e5bcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85141
x-xss-protection: 0
last-modified: Thu, 23 May 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 May 2024 14:20:38 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 127ms
37ms Script
application/javascript 23.218.218.173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2DKZ49V

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.218.173 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-218-173.deploy.static.akamaitechnologies.com

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 May 2024 17:20:18 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=28412
accept-ranges: bytes
content-length: 16683

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 111ms
35ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 May 2024 14:20:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: iqxLB9Q93jTKqss0LU1IwiC0Mc5abJwByIOKD/hgzRBQJNRAOy/SXG+BzNb5LGbEu24IVVpALfzaS0YxnsKjeA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
260 B 120ms
45ms Ping
text/plain 64.233.180.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B0SWYRGB58&gtm=45je45k0v9122735330z89138109485za200&_p=1716474038568&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1757384106.1716474039&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1716474038&sct=1&seg=0&dl=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&dr=https%3A%2F%2Fclients.kprofessional.ca%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=756
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B0SWYRGB58&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.180.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: on-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 14:20:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://clients.kprofessional.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 118ms
42ms Ping
text/plain 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B0SWYRGB58&cid=1757384106.1716474039&gtm=45je45k0v9122735330z89138109485za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B0SWYRGB58&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 14:20:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://clients.kprofessional.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 134ms
95ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B0SWYRGB58&cid=1757384106.1716474039&gtm=45je45k0v9122735330z89138109485za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=486257322

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 14:20:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10872330789/ 3 KB
1 KB 126ms
49ms Script
text/javascript 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10872330789/?random=1716474038941&cv=11&fst=1716474038941&bg=ffffff&guid=ON&async=1&gtm=45be45k0h1v9162602587z89138109485za200zb9138109485&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&ref=https%3A%2F%2Fclients.kprofessional.ca%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1095146653.1716474039&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10872330789&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

4fd07469a2eaaf881952389d0f721835a52819bf3a233eb72fff173251f22ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 14:20:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1427
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
980 B 134ms
64ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=4188428&time=1716474038978&url=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: *
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cache: CONFIG_NOCACHE
x-li-uuid: AAYZH8Fda9aO02N0h3ePjw==
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 120ECB6AABD94079887DF93C579A6630 Ref B: YTO01EDGE0718 Ref C: 2024-05-23T14:20:39Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-fs-uuid: 0006191fc15d6bd68ed3637487778f8f

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4188428&time=1716474038978&url=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4188428&time=1716474038978&url=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4188428%26time%3D1716474038978%26url%3Dhttps%253A%252F%252Fclients.kprofessional....
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4188428&time=1716474038978&url=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&cookiesTest=true&liSync=true

0
164 B

59ms
59ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4188428&time=1716474038978&url=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&cookiesTest=true&liSync=true
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://clients.kprofessional.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Thu, 23 May 2024 14:20:38 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4AAEA45500E2487A8913B7F6F8A4A9B3 Ref B: YTO01EDGE0516 Ref C: 2024-05-23T14:20:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYZH8FgyHvI+c+3/2tqHw==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Thu, 23 May 2024 14:20:38 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYZH8FfjH6Qr22+CRjePQ==
pragma: no-cache
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: DD39BECE25E240C7982DF29BC3518843 Ref B: YTO01EDGE0516 Ref C: 2024-05-23T14:20:39Z
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4188428&time=1716474038978&url=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1124256301961796 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 113ms
113ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1124256301961796?v=2.9.156&r=stable&domain=clients.kprofessional.ca&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

d70f258f3216195401bae6fcefe8e0bf3b12cf7466296318641d0e5e13568212

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 May 2024 14:20:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=62, mss=1380, tbw=63339, tp=-1, tpl=-1, uplat=78, ullat=1
pragma: public
x-fb-debug: U/ECtqNKIfYwufFbirO7Q7vfUJ7EkUi4xHvh10BY0oBjbOYJBvfCWE4S1hisw33yXbGgMIFxDQ0ebto4RJT9jA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 109ms
35ms Script
text/javascript 142.251.167.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-224894234-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 May 2024 14:14:50 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 349
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 23 May 2024 16:14:50 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10872330789/ 42 B
64 B 118ms
45ms Image
image/gif 142.251.167.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10872330789/?random=1716474038941&cv=11&fst=1716472800000&bg=ffffff&guid=ON&async=1&gtm=45be45k0h1v9162602587z89138109485za200zb9138109485&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&ref=https%3A%2F%2Fclients.kprofessional.ca%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1095146653.1716474039&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLS0IECjua8ddxgiLVeA8i5ozdpYzjmA&random=2998933131&rmt_tld=0&ipr=y

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.106 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 14:20:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/10872330789/ 42 B
64 B 50ms
49ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/10872330789/?random=1716474038941&cv=11&fst=1716472800000&bg=ffffff&guid=ON&async=1&gtm=45be45k0h1v9162602587z89138109485za200zb9138109485&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&ref=https%3A%2F%2Fclients.kprofessional.ca%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1095146653.1716474039&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLS0IECjua8ddxgiLVeA8i5ozdpYzjmA&random=2998933131&rmt_tld=1&ipr=y

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 14:20:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 107ms
35ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1124256301961796&ev=PageView&dl=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&rl=https%3A%2F%2Fclients.kprofessional.ca%2F&if=false&ts=1716474039130&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716474039128.823054217&cdl=API_unavailable&it=1716474039001&coo=false&rqm=GET

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2829, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 May 2024 14:20:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 261ms
189ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1124256301961796&ev=PageView&dl=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&rl=https%3A%2F%2Fclients.kprofessional.ca%2F&if=false&ts=1716474039130&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716474039128.823054217&cdl=API_unavailable&it=1716474039001&coo=false&rqm=FGET

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x7c58a8b464e679c7","source_keys":["1","2"]},{"key_piece":"0xc3f9b87bcb36f862","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 23 May 2024 14:20:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=15, mss=1380, tbw=3147, tp=-1, tpl=-1, uplat=154, ullat=0
pragma: no-cache
x-fb-debug: JeLTAUqsuaR4/eBLenVIVs5pWNQTnVDsPvDofamfaMxHEFjnD5ZCjTKH8PTV4aJ0IEw0bXAWzXh28GygIb2GVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
212 B 43ms
42ms XHR
text/plain 142.251.167.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1466527615&t=pageview&_s=1&dl=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&ul=en-ca&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2070861034&gjid=915184949&cid=1757384106.1716474039&tid=UA-224894234-1&_gid=1498768066.1716474039&_r=1&gtm=457e45k0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1084656619

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 May 2024 14:20:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://clients.kprofessional.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 main.js Show response
static.cohere.so/ 337 KB
110 KB 99ms
69ms Script
application/javascript 104.18.4.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cohere.so/main.js

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/static/js/main.da69b734.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.4.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9f1107c9df7c79a779c308a91e99bc629d53956e2f0e646a303f3a8f3cc7603

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:40 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"149bf97767320573ebbbf4214f899a38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qf7abKec1tzf5YjVazE3rSAUT5QicKeZekGuug5hYkYx7U3YG5Bqws6O5cs1BA5FjTlzbEH2I0uAl8%2BVCGBXuaigZVYE6ispK0p%2F5d00S28kPwVdbniWQr6bp19a82MZIoT1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8885b01dec58ac75-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 logger-1.min.js Show response
cdn.intake-lr.com/ 844 KB
167 KB 74ms
36ms Script
text/javascript 104.21.14.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.intake-lr.com/logger-1.min.js

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/static/js/main.da69b734.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.29 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

525ec8aaeeab83fc933bf4ae7a8967451a208edde7509cccc2f90d50e67881a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:40 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119
x-cache: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-yyz4553-YYZ
last-modified: Wed, 22 May 2024 20:18:45 GMT
server: cloudflare
x-timer: S1716409416.078214,VS0,VE112
etag: W/"a4261bc5ae92098e194df92503581594d71e30cefdf4685da5aeb2350b54e332-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Q9IhPbw%2B8FyDhu5smjEmj%2BEsWP1oZ0DPBSffOmnys2uSfdnZFwZXyHyznJOrcz0%2FN6pRELwhjYK4kM9QDl7ktKF%2BG2XtdhH9d%2BXef5%2BEOUPl7QKySB4vddJro7g8Laqv1BaRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8885b01e0d1936a5-YYZ
x-cache-hits: 0

POST
H2 200 / Show response
o552561.ingest.sentry.io/api/5678521/envelope/ 2 B
308 B 94ms
43ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o552561.ingest.sentry.io/api/5678521/envelope/?sentry_key=a1ec4ceac79f4228841055b5e33cb53e&sentry_version=7&sentry_client=sentry.javascript.react%2F7.68.0

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/static/js/main.da69b734.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 23 May 2024 14:20:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 db.worker.6e07c149.worker.js
clients.kprofessional.ca/static/js/ 296 KB
83 KB 208ms
208ms Other
text/javascript 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.kprofessional.ca/static/js/db.worker.6e07c149.worker.js
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash: 4fe54bb9ac95789950230a85bbe0b94af06d9b6cef5d166a291d2eff4cee8421

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/client-login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:40 GMT
content-encoding: zstd
via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 2 fly.io
x-amz-cf-pop: HIO52-P1
age: 57207
document-policy: js-profiling
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-uri https://global.keeper-app-backend.com/log/csp-log; default-src 'self' https://*.cohere.so; script-src 'self' 'wasm-unsafe-eval' https://*.googleapis.com https://app.birdie.so https://socketstorm.birdie.so https://widget.intercom.io https://cdn.ingest-lr.com https://r.ingest-lr.com https://static.intercomassets.com https://api-iam.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://r.wdfl.co; style-src 'self' 'unsafe-inline' https://cdn.birdie.so https://fonts.googleapis.com; img-src 'self' cid: blob: https: data:; font-src 'self' https://fonts.gstatic.com https://fonts.intercomcdn.com data:; worker-src 'self' blob: https://cdn.ingest-lr.com; connect-src * blob: data: 'unsafe-inline'; script-src-elem * 'unsafe-inline'; frame-src 'self' https://voice.cohere.so https://*.google.com https://giphy.com https://*.doubleclick.net https://client-portal-v2-production.firebaseapp.com https://intuit-qbo-prod-1.s3.amazonaws.com https://td.doubleclick.net https://giphy.com
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 22:26:55 GMT
server: Fly/ff37a3cc6 (2024-05-21)
fly-request-id: 01HYJX6KR9S19MZVY9HGVJ1GTD-yyz
etag: "e3dd21e28f73d2c7f8a1c7e3879a80d0"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: ww0Fvy45p1NwLXDenvjOvXX3cXslhN1BQCCZHqs8P5Wx79XpfkSNrg==

GET
H2 200 331.51caccc3.chunk.js Show response
clients.kprofessional.ca/static/js/ 251 KB
66 KB 210ms
209ms Script
text/javascript 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.kprofessional.ca/static/js/331.51caccc3.chunk.js
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/static/js/main.da69b734.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash: b42ebdb8e62b506874f39955da26d972e8a51056e6b0c385b9da9c1339010dbc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/client-login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:40 GMT
content-encoding: zstd
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 2 fly.io
x-amz-cf-pop: HIO52-P1
age: 57208
document-policy: js-profiling
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-uri https://global.keeper-app-backend.com/log/csp-log; default-src 'self' https://*.cohere.so; script-src 'self' 'wasm-unsafe-eval' https://*.googleapis.com https://app.birdie.so https://socketstorm.birdie.so https://widget.intercom.io https://cdn.ingest-lr.com https://r.ingest-lr.com https://static.intercomassets.com https://api-iam.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://r.wdfl.co; style-src 'self' 'unsafe-inline' https://cdn.birdie.so https://fonts.googleapis.com; img-src 'self' cid: blob: https: data:; font-src 'self' https://fonts.gstatic.com https://fonts.intercomcdn.com data:; worker-src 'self' blob: https://cdn.ingest-lr.com; connect-src * blob: data: 'unsafe-inline'; script-src-elem * 'unsafe-inline'; frame-src 'self' https://voice.cohere.so https://*.google.com https://giphy.com https://*.doubleclick.net https://client-portal-v2-production.firebaseapp.com https://intuit-qbo-prod-1.s3.amazonaws.com https://td.doubleclick.net https://giphy.com
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 22:26:54 GMT
server: Fly/ff37a3cc6 (2024-05-21)
fly-request-id: 01HYJX6KS157DZKR40YH87W2PV-yyz
etag: "72be6b8b5f967683d034b403c95d5341"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: A00vu94nuG1WRHZtIeEnITPxmQtoB2eORENzrEoGXBTuHHCci2t0uQ==

GET
H2 200 365.c5f52413.chunk.js Show response
clients.kprofessional.ca/static/js/ 25 KB
11 KB 169ms
168ms Script
text/javascript 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.kprofessional.ca/static/js/365.c5f52413.chunk.js
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/static/js/main.da69b734.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash: 603d33c5e40531598a27bb5ec10cecbdaeb0e340345b82063becec2dd59f6dbe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/client-login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:40 GMT
content-encoding: zstd
via: 1.1 b8a14e264cc616c0c59fba7aea8f19be.cloudfront.net (CloudFront), 2 fly.io
x-amz-cf-pop: JFK50-P8
age: 57207
document-policy: js-profiling
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-uri https://global.keeper-app-backend.com/log/csp-log; default-src 'self' https://*.cohere.so; script-src 'self' 'wasm-unsafe-eval' https://*.googleapis.com https://app.birdie.so https://socketstorm.birdie.so https://widget.intercom.io https://cdn.ingest-lr.com https://r.ingest-lr.com https://static.intercomassets.com https://api-iam.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://r.wdfl.co; style-src 'self' 'unsafe-inline' https://cdn.birdie.so https://fonts.googleapis.com; img-src 'self' cid: blob: https: data:; font-src 'self' https://fonts.gstatic.com https://fonts.intercomcdn.com data:; worker-src 'self' blob: https://cdn.ingest-lr.com; connect-src * blob: data: 'unsafe-inline'; script-src-elem * 'unsafe-inline'; frame-src 'self' https://voice.cohere.so https://*.google.com https://giphy.com https://*.doubleclick.net https://client-portal-v2-production.firebaseapp.com https://intuit-qbo-prod-1.s3.amazonaws.com https://td.doubleclick.net https://giphy.com
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 22:26:54 GMT
server: Fly/ff37a3cc6 (2024-05-21)
fly-request-id: 01HYJX6KS2G0F02BHAS9W0Y5P2-yyz
etag: "bc2405a70bd6ce56f051c8395e85dea0"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: 8klCejwla4R_qMVYJklGY_9HolVGUUJcjPSHmiqnAWchfXZGYVuvYg==

GET
H2 200 435.035d6c2c.chunk.js Show response
clients.kprofessional.ca/static/js/ 31 KB
11 KB 208ms
207ms Script
text/javascript 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.kprofessional.ca/static/js/435.035d6c2c.chunk.js
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/static/js/main.da69b734.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash: 254f8952311b0fd9d1dfdbac116fe8bd46b61e32883910f8505d05500d548940

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/client-login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:40 GMT
content-encoding: zstd
via: 1.1 626ad4a6bf529166d2aad94a2957694c.cloudfront.net (CloudFront), 2 fly.io
x-amz-cf-pop: HIO52-P1
age: 57207
document-policy: js-profiling
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-uri https://global.keeper-app-backend.com/log/csp-log; default-src 'self' https://*.cohere.so; script-src 'self' 'wasm-unsafe-eval' https://*.googleapis.com https://app.birdie.so https://socketstorm.birdie.so https://widget.intercom.io https://cdn.ingest-lr.com https://r.ingest-lr.com https://static.intercomassets.com https://api-iam.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://r.wdfl.co; style-src 'self' 'unsafe-inline' https://cdn.birdie.so https://fonts.googleapis.com; img-src 'self' cid: blob: https: data:; font-src 'self' https://fonts.gstatic.com https://fonts.intercomcdn.com data:; worker-src 'self' blob: https://cdn.ingest-lr.com; connect-src * blob: data: 'unsafe-inline'; script-src-elem * 'unsafe-inline'; frame-src 'self' https://voice.cohere.so https://*.google.com https://giphy.com https://*.doubleclick.net https://client-portal-v2-production.firebaseapp.com https://intuit-qbo-prod-1.s3.amazonaws.com https://td.doubleclick.net https://giphy.com
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 22:26:54 GMT
server: Fly/ff37a3cc6 (2024-05-21)
fly-request-id: 01HYJX6KS2DMRK3S9HJ1HFX1Q6-yyz
etag: "4fb0c037e686ed564e68a08bf6066812"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: I7ihHT1KyIoM5NzyCAiFODrgQbi4liRLcHdS_6pmaaPYygC5zY1hLg==

GET
H2 200 46.bcf27794.chunk.js Show response
clients.kprofessional.ca/static/js/ 33 KB
10 KB 179ms
179ms Script
text/javascript 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.kprofessional.ca/static/js/46.bcf27794.chunk.js
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/static/js/main.da69b734.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash: bd1227088541bff81198d6d7e4f24ca0393b6132fa89ec68e31e174d68659752

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/client-login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:40 GMT
content-encoding: zstd
via: 1.1 0a4f6965adeb6ede9b7ffa17215c0b16.cloudfront.net (CloudFront), 2 fly.io
x-amz-cf-pop: JFK50-P8
age: 57207
document-policy: js-profiling
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-uri https://global.keeper-app-backend.com/log/csp-log; default-src 'self' https://*.cohere.so; script-src 'self' 'wasm-unsafe-eval' https://*.googleapis.com https://app.birdie.so https://socketstorm.birdie.so https://widget.intercom.io https://cdn.ingest-lr.com https://r.ingest-lr.com https://static.intercomassets.com https://api-iam.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://r.wdfl.co; style-src 'self' 'unsafe-inline' https://cdn.birdie.so https://fonts.googleapis.com; img-src 'self' cid: blob: https: data:; font-src 'self' https://fonts.gstatic.com https://fonts.intercomcdn.com data:; worker-src 'self' blob: https://cdn.ingest-lr.com; connect-src * blob: data: 'unsafe-inline'; script-src-elem * 'unsafe-inline'; frame-src 'self' https://voice.cohere.so https://*.google.com https://giphy.com https://*.doubleclick.net https://client-portal-v2-production.firebaseapp.com https://intuit-qbo-prod-1.s3.amazonaws.com https://td.doubleclick.net https://giphy.com
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 22:26:54 GMT
server: Fly/ff37a3cc6 (2024-05-21)
fly-request-id: 01HYJX6KS2TA0S0KC0JE0ES45Z-yyz
etag: "22c5cfbb3bcebc7dbc66d170107cc596"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: qp7_LAgkL5gDswPmExjTyLAg-t7tzXq-EOdwa_bdt3djbvJFPwizXQ==

OPTIONS
H2 200 63b838700e955212fb9b1b24
app.launchdarkly.com/sdk/goals/ Frame 0
0 77ms
18ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/63b838700e955212fb9b1b24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://clients.kprofessional.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 23 May 2024 14:20:40 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-yyz4566-YYZ
x-timer: S1716474040.167271,VS0,VE1

OPTIONS
H2 200 eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYTFjNDEyMDAtMTkwZi0xMWVmLTgzOGYtYzU3OWZlNTRlMWVhIn0
app.launchdarkly.com/sdk/evalx/63b838700e955212fb9b1b24/contexts/ Frame 0
0 76ms
18ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/63b838700e955212fb9b1b24/contexts/eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYTFjNDEyMDAtMTkwZi0xMWVmLTgzOGYtYzU3OWZlNTRlMWVhIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://clients.kprofessional.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 23 May 2024 14:20:40 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-yyz4566-YYZ
x-timer: S1716474040.167294,VS0,VE1

GET
H2 200 63b838700e955212fb9b1b24 Show response
app.launchdarkly.com/sdk/goals/ 2 B
176 B 19ms
18ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/63b838700e955212fb9b1b24

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/static/js/main.da69b734.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://clients.kprofessional.ca/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.10
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 May 2024 14:20:40 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-yyz4566-YYZ
x-timer: S1716474040.186896,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 0

GET
H2 200 eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYTFjNDEyMDAtMTkwZi0xMWVmLTgzOGYtYzU3OWZlNTRlMWVhIn0 Show response
app.launchdarkly.com/sdk/evalx/63b838700e955212fb9b1b24/contexts/ 1016 B
627 B 32ms
32ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/63b838700e955212fb9b1b24/contexts/eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYTFjNDEyMDAtMTkwZi0xMWVmLTgzOGYtYzU3OWZlNTRlMWVhIn0
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/static/js/main.da69b734.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 76e27467a4add071be68e6ef6853a6d09a78c4c2eb21070f0db9f254a53314cf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://clients.kprofessional.ca/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.10
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:40 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 254
x-served-by: cache-yyz4581-YYZ, cache-yyz4566-YYZ
x-timer: S1716474040.186748,VS0,VE15
etag: "155dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

GET
H3 200 /
voice.cohere.so/chatPreload/ Frame 7116 0
0 89ms
60ms Document
text/html 104.18.5.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voice.cohere.so/chatPreload/

Requested by

Host: static.cohere.so
URL: https://static.cohere.so/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.5.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://clients.kprofessional.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8885b01efcbcab45-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 23 May 2024 14:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6y3aal4g%2Bu7olu0Z2KIBD7Hhq8U3erxHh%2FBFSevseUhTFcPW2DZGE3u4w0u69OWf4rj7sYTNduuq7Vm09KnNBKkHfkwrelnQlRM3aocz2oJsH5VrlJwLP18j%2Bs2Uu8ANN4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
BLOB 200
OK d6dffddc-2ee2-4a03-b870-8a6e3c1db565
https://clients.kprofessional.ca/ 471 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://clients.kprofessional.ca/d6dffddc-2ee2-4a03-b870-8a6e3c1db565
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af248967612a92715a6e054f903572de3b0fdac53c00ef538d342e91b0ce2d49

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 482073
Content-Type

GET
H2 200 eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYTFjNDEyMDAtMTkwZi0xMWVmLTgzOGYtYzU3OWZlNTRlMWVhIn0
clientstream.launchdarkly.com/eval/63b838700e955212fb9b1b24/ 1 KB
0 140ms
45ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/63b838700e955212fb9b1b24/eyJraW5kIjoidXNlciIsImFub255bW91cyI6dHJ1ZSwia2V5IjoiYTFjNDEyMDAtMTkwZi0xMWVmLTgzOGYtYzU3OWZlNTRlMWVhIn0

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: text/event-stream
Cache-Control: no-cache
Referer: https://clients.kprofessional.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

OPTIONS
H/1.1 204
No Content branding
global.keeper-app-backend.com/practice/ Frame 0
0 167ms
40ms Preflight 3.162.125.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.keeper-app-backend.com/practice/branding?whiteLabelUrl=https:%2F%2Fclients.kprofessional.ca

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.162.125.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-125-72.iad61.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: baggage,sentry-trace
Access-Control-Request-Method: GET
Origin: https://clients.kprofessional.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: baggage,sentry-trace
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Date: Thu, 23 May 2024 14:20:40 GMT
Origin-Agent-Cluster: ?1
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Access-Control-Request-Headers
Via: 1.1 4f8e8c9677a68ac8935c32689f962b7a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: l2tGdN4EiY2tJbry1WUG1BTyPBpY732NIY1-qVTS7EWlWqNwQBfqAQ==
X-Amz-Cf-Pop: IAD61-P3
X-Cache: Miss from cloudfront
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0

GET
H2 200 g-normal.png
developers-dot-devsite-v2-prod.appspot.com/identity/sign-in/ 529 B
1000 B 183ms
105ms Image
image/png 172.253.63.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://developers-dot-devsite-v2-prod.appspot.com/identity/sign-in/g-normal.png

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.153 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f153.1e100.net

Software

Google Frontend /

Resource Hash

0a7407fe631e920bdb4c4b76b202124757286a2c3a64c751fda6511f736c91f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
date: Thu, 23 May 2024 14:20:40 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 529
x-xss-protection: 0
pragma: no-cache
server: Google Frontend
vary: Cookie
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: https://developers.google.com
x-cloud-trace-context: d4b3ed981255d4858f4ea67213f8b0bf
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-XSRF-TOKEN, DNT
expires: 0

GET
H/1.1 200
OK branding Show response
global.keeper-app-backend.com/practice/ 201 B
1 KB 54ms
53ms XHR
application/json 3.162.125.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.keeper-app-backend.com/practice/branding?whiteLabelUrl=https:%2F%2Fclients.kprofessional.ca

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/static/js/main.da69b734.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.162.125.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-125-72.iad61.r.cloudfront.net

Software

Resource Hash

fa6b2488d92659a884c28c519545f21e73addaffa5f9b893beb67a7c68529422

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://clients.kprofessional.ca/
baggage: sentry-environment=production,sentry-release=ba2cd78989fbf7ba4439856ab8cb17deb7d038b4,sentry-public_key=a1ec4ceac79f4228841055b5e33cb53e,sentry-trace_id=29eaf93832b34bf9a74f2aa39f6ea44e,sentry-sample_rate=0.1,sentry-sampled=false
sentry-trace: 29eaf93832b34bf9a74f2aa39f6ea44e-95e192e1db38d964-0
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 23 May 2024 14:20:40 GMT
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000; includeSubDomains
Via: 1.1 4f8e8c9677a68ac8935c32689f962b7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD61-P3
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 201
X-XSS-Protection: 0
X-Request-Id: Root=1-664f50b8-0d04feee4f20995554679ea9
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"c9-95zdb4S+Rk4DpuJznEfnGn92F6g"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Origin-Agent-Cluster: ?1
X-Amz-Cf-Id: IQyMslX48WFQesGYP50-rDV5oSPuaF2C_ZMCpBDmy0cV6yGRtl9xAA==

OPTIONS
H2 204 63b838700e955212fb9b1b24
events.launchdarkly.com/events/diagnostic/ Frame 0
0 113ms
35ms Preflight 18.233.115.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/63b838700e955212fb9b1b24

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.233.115.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-115-216.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://clients.kprofessional.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 23 May 2024 14:20:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 n1ttmdbg Show response
widget.intercom.io/widget/ 7 KB
3 KB 110ms
35ms Script
application/javascript 108.138.64.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/n1ttmdbg
Requested by: Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/client-login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.64.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-64-81.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4e0489ee88859828ddc9d14bcfba3f324deacbd0ac9c9b1c0b538d423760894

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: FzLFY3IpWvqAvqZezttR1mzKY640MTmJ
content-encoding: gzip
via: 1.1 31341771a4bfa40d7b1f61883ffb56c6.cloudfront.net (CloudFront)
date: Thu, 23 May 2024 14:15:26 GMT
x-amz-cf-pop: IAD12-P1
age: 315
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2669
last-modified: Thu, 23 May 2024 14:05:22 GMT
server: AmazonS3
etag: "4d2fa596e8cbb0ebba2b95631b8ae19e"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: UqJRfW0VT7mMfODuM4PdpHIi9Fa6pfwOUMhXkW6CQLAlrCu0lS3-9w==

POST
H2 202 63b838700e955212fb9b1b24 Show response
events.launchdarkly.com/events/diagnostic/ 0
358 B 36ms
36ms XHR
application/json 18.233.115.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/63b838700e955212fb9b1b24

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/static/js/main.da69b734.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.233.115.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-115-216.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-CA,en;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://clients.kprofessional.ca/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.10
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2 200 favicon.ico
clients.kprofessional.ca/ 15 KB
2 KB 208ms
207ms Other
image/vnd.microsoft.icon 213.188.198.15
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clients.kprofessional.ca/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.188.198.15 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/ff37a3cc6 (2024-05-21) /
Resource Hash: 8f4d640240698260f5c32ec635b2fb8ec1dad3458dbf49c5ea7fdf48a353580a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/client-login
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:40 GMT
content-encoding: zstd
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 2 fly.io
x-amz-cf-pop: HIO52-P1
age: 57205
document-policy: js-profiling
x-amz-server-side-encryption: AES256
content-security-policy-report-only: report-uri https://global.keeper-app-backend.com/log/csp-log; default-src 'self' https://*.cohere.so; script-src 'self' 'wasm-unsafe-eval' https://*.googleapis.com https://app.birdie.so https://socketstorm.birdie.so https://widget.intercom.io https://cdn.ingest-lr.com https://r.ingest-lr.com https://static.intercomassets.com https://api-iam.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://r.wdfl.co; style-src 'self' 'unsafe-inline' https://cdn.birdie.so https://fonts.googleapis.com; img-src 'self' cid: blob: https: data:; font-src 'self' https://fonts.gstatic.com https://fonts.intercomcdn.com data:; worker-src 'self' blob: https://cdn.ingest-lr.com; connect-src * blob: data: 'unsafe-inline'; script-src-elem * 'unsafe-inline'; frame-src 'self' https://voice.cohere.so https://*.google.com https://giphy.com https://*.doubleclick.net https://client-portal-v2-production.firebaseapp.com https://intuit-qbo-prod-1.s3.amazonaws.com https://td.doubleclick.net https://giphy.com
x-cache: Hit from cloudfront
last-modified: Wed, 22 May 2024 22:26:54 GMT
server: Fly/ff37a3cc6 (2024-05-21)
fly-request-id: 01HYJX6MCC5ZCHDH32G63XD26Y-yyz
etag: "40939f99c08b988a0ac67bf5e29d1734"
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
x-amz-cf-id: WVXK1Z2vE3R8_qQ-2lZxzjWoKzoCpG4UaGfHTEHzGnTir0D2v6IQ9A==

GET
H2 200 frame-modern.4d66b2f2.js Show response
js.intercomcdn.com/ Frame 299F 459 KB
138 KB 249ms
87ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.4d66b2f2.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/n1ttmdbg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-129.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4d1bba5223479be2545f7cfaf04435c3d7c937b083371e75463fedbddbd36ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:05:26 GMT
content-encoding: gzip
via: 1.1 7c325f2607fc0c1ae15500b51b245812.cloudfront.net (CloudFront)
x-amz-version-id: LMNoHMEaJ6LpACG3ExD0OdTTT9qo7Ukb
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD55-P5
age: 916
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 140879
last-modified: Thu, 23 May 2024 14:02:37 GMT
server: AmazonS3
etag: "7c7d0b9cd8e60dc3e75b99fae211c05d"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 2taQsf4Yae6P-Xe937OyJLAN20fMFufkp5Mza75Ba2SOl99Kv5V3Ew==

GET
H2 200 vendor-modern.84baedee.js Show response
js.intercomcdn.com/ Frame 299F 492 KB
153 KB 202ms
40ms Script
application/javascript 18.154.227.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.84baedee.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/n1ttmdbg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-129.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

521bf0423a56c40d1ffeaf6f0a9fa1da940c487284307f85e995756670dab671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 85P151nULD6Y7YNJHwYktfBjJwEthxeM
content-encoding: gzip
via: 1.1 7c325f2607fc0c1ae15500b51b245812.cloudfront.net (CloudFront)
date: Thu, 23 May 2024 14:17:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD55-P5
age: 187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 155847
last-modified: Thu, 23 May 2024 09:40:20 GMT
server: AmazonS3
etag: "072df969182eb6d79f0cc08450299bf4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: sgoafMzoGPruz54--UQC0eEJpVtlqT4Vc-IWOJWdFKic9GTuCFs5mw==

OPTIONS
H2 204 63b838700e955212fb9b1b24
events.launchdarkly.com/events/bulk/ Frame 0
0 37ms
36ms Preflight 18.233.115.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/63b838700e955212fb9b1b24

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.233.115.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-115-216.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://clients.kprofessional.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 23 May 2024 14:20:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 202 63b838700e955212fb9b1b24 Show response
events.launchdarkly.com/events/bulk/ 0
358 B 40ms
40ms XHR
application/json 18.233.115.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/63b838700e955212fb9b1b24

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/static/js/main.da69b734.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.233.115.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-115-216.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-LaunchDarkly-Payload-ID: a35141b0-190f-11ef-838f-c579fe54e1ea
X-LaunchDarkly-Event-Schema: 4
Accept-Language: en-CA,en;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://clients.kprofessional.ca/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.10
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 i
r.intake-lr.com/ Frame 0
0 174ms
49ms Preflight 104.198.23.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.intake-lr.com/i?a=fchghe%2Fkeeper&r=5-f4d2220b-cb73-4508-addd-ad5cff1ec764&t=db2f8597-6527-46e5-b634-60e3faba616b&s=0&rs=0%2Cu&u=bd2c81c2-63de-413d-96b8-da8ae7616c2a&is=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-logrocket-relay-version
Access-Control-Request-Method: POST
Origin: https://clients.kprofessional.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Thu, 23 May 2024 14:20:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 i Show response
r.intake-lr.com/ 64 KB
65 KB 186ms
185ms XHR
application/json 104.198.23.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.intake-lr.com/i?a=fchghe%2Fkeeper&r=5-f4d2220b-cb73-4508-addd-ad5cff1ec764&t=db2f8597-6527-46e5-b634-60e3faba616b&s=0&rs=0%2Cu&u=bd2c81c2-63de-413d-96b8-da8ae7616c2a&is=1

Requested by

Host: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/static/js/main.da69b734.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

f317d059f50d4ca3d28a2e040a8f6b2ffba733ab05fad8a0a2915c55479c43f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
X-LogRocket-Relay-Version: 2023.12.0
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:20:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
etag: W/"1016c-+DIFkToUmnkgdz7eM8pv/KVu/ac"
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length: 65900

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 46ms
45ms Ping
text/plain 64.233.180.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B0SWYRGB58&gtm=45je45k0v9122735330za200&_p=1716474038568&gcd=13l3l3l3l1&npa=0&dma=0&cid=1757384106.1716474039&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1716474038&sct=1&seg=0&dl=https%3A%2F%2Fclients.kprofessional.ca%2Fclient-login&dr=https%3A%2F%2Fclients.kprofessional.ca%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=13&tfd=5770
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B0SWYRGB58&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.180.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: on-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://clients.kprofessional.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 14:20:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://clients.kprofessional.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r.wdfl.co
URL: https://r.wdfl.co/rw.js

Domain: cmp.osano.com
URL: https://cmp.osano.com/AzqaarTYa9oY2oB/36cd0367-ca42-40c5-b3d6-679e8a77cc21/osano.js

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/11/logo.svg

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2023/03/trac-1.png

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2023/02/618c9caeaa995970ec0585b5___digisist_full_red-dark.png

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/12/HB-Logo-1172-%C3%97-300-px-transparent-background.png

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/12/desktop-logo-300.png

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/12/VM-WASEK-5.png

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/12/AutomatedAccountingNewStd-1.png

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/12/Specialty-Bookkeepers-and-tax-logo-circle-horiz-small-300x60-1.png

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/12/Lionshare-Bookkeeping-logo.png

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/11/plumb.png

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/11/mountain.png

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/11/Logo_wide.webp

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/11/go-logo-shadow.png

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/11/Artboard.png

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/11/6oun26huSMOdnrttzVJK_PNG_1.png

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2024/01/Screenshot-2024-01-09-at-2.41.49%E2%80%AFPM.png

Domain: player.vimeo.com
URL: https://player.vimeo.com/api/player.js

Domain: clients.kprofessional.ca
URL: https://clients.kprofessional.ca/wp-content/uploads/2022/11/Untitled-design-18-1.png

Domain: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2DKZ49V

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kprofessional.ca/	1970-01-20 22:57:30	Name: _gcl_au Value: 1.1.1095146653.1716474039
.kprofessional.ca/	1970-01-21 06:23:54	Name: _ga_B0SWYRGB58 Value: GS1.1.1716474038.1.0.1716474038.60.0.0
.doubleclick.net/	1970-01-20 20:47:54	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-20 22:57:30	Name: li_sugr Value: 88b1c8f7-cbb4-4054-b0cc-27fde8e382aa
.linkedin.com/	1970-01-21 05:33:30	Name: bcookie Value: "v=2&92557b33-987c-40c7-8aae-9754b7d95028"
.linkedin.com/	1970-01-20 20:49:20	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2903:u=1:x=1:i=1716474039:t=1716560439:v=2:sig=AQGwBCKHwbWjU-SNrstkRh0Np-4xwRn-"
.kprofessional.ca/	1970-01-20 22:57:30	Name: _fbp Value: fb.1.1716474039128.823054217
.kprofessional.ca/	1970-01-21 06:23:54	Name: _ga Value: GA1.2.1757384106.1716474039
.kprofessional.ca/	1970-01-20 20:49:20	Name: _gid Value: GA1.2.1498768066.1716474039
.kprofessional.ca/	1970-01-20 20:47:54	Name: _gat_gtag_UA_224894234_1 Value: 1
.linkedin.com/	1970-01-20 21:31:06	Name: UserMatchHistory Value: AQK9g-lBhLEEowAAAY-l00ttHF6_R-hGDsqbz65qw8Ek52JD-5_cZEMZ5hlNdXJhYHipEQ7sKXQ0sw
.linkedin.com/	1970-01-20 21:31:06	Name: AnalyticsSyncHistory Value: AQK8OH04R2rLNQAAAY-l00ttJI8FBqCfPsgWpKakIZKQzXqCHpJb3MZayy-h2CCqXPod44PrZf5mKNQNQ6kWMw
.www.linkedin.com/	1970-01-21 05:33:30	Name: bscookie Value: "v=1&20240523142039c4ae64a3-3331-4066-88f6-c61f43745eb6AQEG5mDLHVm8G1e9Yf0Ng89URgcNFumh"
clients.kprofessional.ca/	1970-01-20 20:49:20	Name: _lr_tabs_-fchghe%2Fkeeper Value: {%22sessionID%22:0%2C%22recordingID%22:%225-f4d2220b-cb73-4508-addd-ad5cff1ec764%22%2C%22webViewID%22:null%2C%22lastActivity%22:1716474040148}
clients.kprofessional.ca/	1970-01-20 20:49:20	Name: _lr_hb_-fchghe%2Fkeeper Value: {%22heartbeat%22:1716474040149}
clients.kprofessional.ca/	1969-12-31 23:59:59	Name: _lr_uf_-fchghe Value: 365eed81-b4b2-4727-8736-2b8a50fc2a93

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tag.clearbitscripts.com/v1/pk_9c0902078aa80874cb16c2234e137845/tags.js Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://clients.kprofessional.ca/client-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
app.launchdarkly.com
cdn.intake-lr.com
cdnjs.cloudflare.com
clients.kprofessional.ca
clientstream.launchdarkly.com
cmp.osano.com
code.jquery.com
connect.facebook.net
developers-dot-devsite-v2-prod.appspot.com
events.launchdarkly.com
fonts.googleapis.com
global.keeper-app-backend.com
googleads.g.doubleclick.net
js.intercomcdn.com
o552561.ingest.sentry.io
player.vimeo.com
px.ads.linkedin.com
r.intake-lr.com
r.wdfl.co
snap.licdn.com
static.cohere.so
stats.g.doubleclick.net
tag.clearbitscripts.com
voice.cohere.so
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.linkedin.com
clients.kprofessional.ca
cmp.osano.com
code.jquery.com
player.vimeo.com
r.wdfl.co
www.googletagmanager.com
104.17.24.14
104.18.4.86
104.18.5.86
104.198.23.205
104.21.14.29
108.138.64.81
108.138.85.52
13.107.42.14
142.250.31.155
142.251.111.97
142.251.163.94
142.251.167.101
142.251.167.106
151.101.2.217
172.253.115.95
172.253.62.157
172.253.63.153
18.154.227.129
18.233.115.216
213.188.198.15
23.218.218.173
3.162.125.72
31.13.66.19
31.13.66.35
34.120.195.249
64.233.180.100
76.223.31.44
0a7407fe631e920bdb4c4b76b202124757286a2c3a64c751fda6511f736c91f4
254f8952311b0fd9d1dfdbac116fe8bd46b61e32883910f8505d05500d548940
376aa716f5acbcefc1b0a7684a56f4d642f23bf6534917d787d163c2ad81ebb4
3e58369ab78ff29e61530d52412c3a33f74487b97a700c5d31a4672fd96447e7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47661d1ccc561fca5b96f362c96588493b3ac8dee94cc177e2138216594efc6e
4d1bba5223479be2545f7cfaf04435c3d7c937b083371e75463fedbddbd36ba5
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fd07469a2eaaf881952389d0f721835a52819bf3a233eb72fff173251f22ec1
4fe54bb9ac95789950230a85bbe0b94af06d9b6cef5d166a291d2eff4cee8421
521bf0423a56c40d1ffeaf6f0a9fa1da940c487284307f85e995756670dab671
525ec8aaeeab83fc933bf4ae7a8967451a208edde7509cccc2f90d50e67881a1
603d33c5e40531598a27bb5ec10cecbdaeb0e340345b82063becec2dd59f6dbe
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
739bd358f5a586be808941dcb4308e33375e782637095090c77b34a461488b23
76e27467a4add071be68e6ef6853a6d09a78c4c2eb21070f0db9f254a53314cf
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8f4d640240698260f5c32ec635b2fb8ec1dad3458dbf49c5ea7fdf48a353580a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad22d9efebaf0a4b0551050acec6470b90f7567e61f1a45ad089c3d5a67301d5
af248967612a92715a6e054f903572de3b0fdac53c00ef538d342e91b0ce2d49
b42ebdb8e62b506874f39955da26d972e8a51056e6b0c385b9da9c1339010dbc
ba179aaadbba81058865bc6b2382582ffd6dd3f24f5aa0dbae2eb33980f31b96
bd1227088541bff81198d6d7e4f24ca0393b6132fa89ec68e31e174d68659752
d263deb974a65468860d9ea67bee22ed7b27cbdc99ec77a96eb3e7e214e5bcb7
d439c91c81a7dcd715cae130359cb5a248cfbc48abf6ae7ed7b55cab6afc9f26
d70f258f3216195401bae6fcefe8e0bf3b12cf7466296318641d0e5e13568212
d83e44764532179f55b0bacf8b5040a79e1dde6b7e5b21d75c906b6440db14af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e0489ee88859828ddc9d14bcfba3f324deacbd0ac9c9b1c0b538d423760894
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
e9f1107c9df7c79a779c308a91e99bc629d53956e2f0e646a303f3a8f3cc7603
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f317d059f50d4ca3d28a2e040a8f6b2ffba733ab05fad8a0a2915c55479c43f0
fa6b2488d92659a884c28c519545f21e73addaffa5f9b893beb67a7c68529422

clients.kprofessional.ca Open in urlscan Pro 213.188.198.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

71 %HTTPS

0 %IPv6

25 Domains

32 Subdomains

28 IPs

2 Countries

3993 kBTransfer

14984 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

clients.kprofessional.ca Open in urlscan Pro
213.188.198.15 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

71 %
HTTPS

0 %
IPv6

25
Domains

32
Subdomains

28
IPs

2
Countries

3993 kB
Transfer

14984 kB
Size

16
Cookies

84 HTTP transactions
0 data transactions