www.koho.ca Open in urlscan Pro
2a03:b0c0:3:d0::d23:4001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.koho.ca/
Submission Tags: falconsandbox
Submission: On August 28 via api (August 28th 2021, 7:27:04 pm UTC) from US

Summary HTTP 125 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 39 IPs in 7 countries across 62 domains to perform 125 HTTP transactions. The main IP is 2a03:b0c0:3:d0::d23:4001, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is www.koho.ca.
TLS certificate: Issued by R3 on July 27th 2021. Valid for: 3 months.

This is the only time www.koho.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2a03:b0c0:3:d... 2a03:b0c0:3:d0::d23:4001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	95.101.27.76 95.101.27.76	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	143.204.207.75 143.204.207.75	16509 (AMAZON-02) (AMAZON-02)
3	206.189.191.180 206.189.191.180	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	151.101.13.26 151.101.13.26	54113 (FASTLY) (FASTLY)
1	34.102.147.248 34.102.147.248	15169 (GOOGLE) (GOOGLE)
2 35	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
11	35.244.128.15 35.244.128.15	15169 (GOOGLE) (GOOGLE)
4	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	54.71.121.82 54.71.121.82	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.224.89.35 13.224.89.35	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	72.246.100.56 72.246.100.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	3.120.52.200 3.120.52.200	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 2	18.194.108.131 18.194.108.131	16509 (AMAZON-02) (AMAZON-02)
2 2	18.184.95.242 18.184.95.242	16509 (AMAZON-02) (AMAZON-02)
3 3	54.175.87.114 54.175.87.114	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.197.219.138 18.197.219.138	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:1314:397:4325:f0c1	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	13.224.101.82 13.224.101.82	16509 (AMAZON-02) (AMAZON-02)
1	3.94.65.142 3.94.65.142	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.231.184.117 34.231.184.117	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.203.33.226 18.203.33.226	16509 (AMAZON-02) (AMAZON-02)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	52.58.164.24 52.58.164.24	16509 (AMAZON-02) (AMAZON-02)
1 1	52.1.230.29 52.1.230.29	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	52.5.82.14 52.5.82.14	14618 (AMAZON-AES) (AMAZON-AES)
1	99.81.82.31 99.81.82.31	16509 (AMAZON-02) (AMAZON-02)
2 2	13.224.96.7 13.224.96.7	16509 (AMAZON-02) (AMAZON-02)
2 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	13.224.96.27 13.224.96.27	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.140.212 45.79.140.212	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	44.240.46.30 44.240.46.30	16509 (AMAZON-02) (AMAZON-02)
1	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
2 3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.98.67.3 34.98.67.3	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	52.72.173.19 52.72.173.19	14618 (AMAZON-AES) (AMAZON-AES)
125	39

20 2a03:b0c0:3:d0::d23:4001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

www.koho.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.27.76 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-76.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-75.fra53.r.cloudfront.net

cdn.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 206.189.191.180 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: cdn102.acsbapp.com

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.26 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 209.54.177.54 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.244.128.15 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 15.128.244.35.bc.googleusercontent.com

cdn.sanity.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.71.121.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-121-82.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-35.zrh50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.246.100.56 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-100-56.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.52.200 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-52-200.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.108.131 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-108-131.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.95.242 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-95-242.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.175.87.114 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.219.138 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-219-138.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:1314:397:4325:f0c1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.101.82 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-101-82.zrh50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.94.65.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-65-142.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.184.117 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-184-117.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.33.226 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-33-226.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.242 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.164.24 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-164-24.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.230.29 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-230-29.compute-1.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.82.14 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-82-14.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.82.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-82-31.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.7 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-7.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.27 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-27.zrh50.r.cloudfront.net

pixel.placed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.140.212 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-09.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.240.46.30 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-46-30.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.31.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com

consent.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.173.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-173-19.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	26 KB
20	koho.ca www.koho.ca	584 KB
11	sanity.io cdn.sanity.io	138 KB
7	launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com events.launchdarkly.com	4 KB
6	google.com 2 redirects www.google.com	219 B
6	doubleclick.net 4 redirects cm.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
4	google.de www.google.de	299 B
4	yahoo.com 3 redirects ups.analytics.yahoo.com cms.analytics.yahoo.com	3 KB
4	tiktok.com analytics.tiktok.com	86 KB
3	bluekai.com 3 redirects tags.bluekai.com	2 KB
3	amplitude.com cdn.amplitude.com api.amplitude.com	18 KB
3	google-analytics.com www.google-analytics.com	59 KB
3	googleadservices.com www.googleadservices.com	16 KB
3	acsbapp.com acsbapp.com cdn.acsbapp.com	157 KB
3	bing.com bat.bing.com	9 KB
2	facebook.com www.facebook.com	388 B
2	linkedin.com 1 redirects px.ads.linkedin.com px4.ads.linkedin.com	902 B
2	pubmatic.com 2 redirects image6.pubmatic.com	529 B
2	tapad.com 2 redirects pixel.tapad.com	932 B
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	semasio.net 2 redirects uipglob.semasio.net	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	openx.net 2 redirects us-u.openx.net	620 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com	739 B
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	499 B
2	serving-sys.com 2 redirects bs.serving-sys.com lm.serving-sys.com	778 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	adform.net 2 redirects c1.adform.net	998 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	659 B
2	bidswitch.net 2 redirects x.bidswitch.net	886 B
2	adsrvr.org 2 redirects match.adsrvr.org	913 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	facebook.net connect.facebook.net	113 KB
2	segment.io cdn.segment.io api.segment.io	70 KB
2	googletagmanager.com www.googletagmanager.com	78 KB
1	twitter.com analytics.twitter.com	657 B
1	linksynergy.com consent.linksynergy.com	337 B
1	t.co t.co	455 B
1	taboola.com 1 redirects sync.taboola.com	300 B
1	ispot.tv 1 redirects pi.ispot.tv	343 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com	612 B
1	exelator.com loadus.exelator.com	324 B
1	placed.com 1 redirects pixel.placed.com	566 B
1	rubiconproject.com 1 redirects token.rubiconproject.com	332 B
1	mookie1.com 1 redirects odr.mookie1.com	601 B
1	samba.tv 1 redirects ads.samba.tv	291 B
1	samplicio.us usersync.samplicio.us	263 B
1	imdb.com 1 redirects www.imdb.com	885 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com	761 B
1	zeotap.com spl.zeotap.com	731 B
1	tremorhub.com amazon.partners.tremorhub.com	183 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	484 B
1	agkn.com 1 redirects aa.agkn.com	338 B
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	gstatic.com fonts.gstatic.com	20 KB
1	googleapis.com fonts.googleapis.com	509 B
1	rakuten.com tag.rmp.rakuten.com	21 KB
1	polyfill.io cdn.polyfill.io	550 B
0	survata.com Failed px.surveywall-api.survata.com Failed
125	62

	Domain	Requested by
35	s.amazon-adsystem.com	2 redirects www.koho.ca s.amazon-adsystem.com
20	www.koho.ca	www.koho.ca
11	cdn.sanity.io	www.koho.ca
6	www.google.com	2 redirects www.koho.ca
4	www.google.de	www.koho.ca
4	app.launchdarkly.com	www.koho.ca
4	analytics.tiktok.com	www.koho.ca analytics.tiktok.com
3	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
3	ups.analytics.yahoo.com	3 redirects
3	tags.bluekai.com	3 redirects
3	www.google-analytics.com	cdn.segment.io www.google-analytics.com www.koho.ca
3	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
3	bat.bing.com	www.koho.ca bat.bing.com
2	events.launchdarkly.com	www.koho.ca
2	cdn.acsbapp.com	www.koho.ca
2	www.facebook.com	www.koho.ca
2	api.amplitude.com	www.koho.ca
2	image6.pubmatic.com	2 redirects
2	pixel.tapad.com	2 redirects
2	ib.adnxs.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	us-u.openx.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	t.myvisualiq.net	2 redirects
2	pixel.advertising.com	2 redirects
2	x.bidswitch.net	2 redirects
2	match.adsrvr.org	2 redirects
2	sync.1rx.io	2 redirects
2	connect.facebook.net	cdn.segment.io connect.facebook.net
2	www.googletagmanager.com	www.koho.ca cdn.segment.io
1	analytics.twitter.com	static.ads-twitter.com
1	consent.linksynergy.com	www.koho.ca
1	clientstream.launchdarkly.com	www.koho.ca
1	t.co	www.koho.ca
1	stats.g.doubleclick.net	www.koho.ca
1	px4.ads.linkedin.com	www.koho.ca
1	px.ads.linkedin.com	1 redirects
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	pixel.placed.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	beacon.krxd.net	s.amazon-adsystem.com
1	usermatch.krxd.net	1 redirects
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	spl.zeotap.com	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	sync.targeting.unrulymedia.com	1 redirects
1	aa.agkn.com	1 redirects
1	snap.licdn.com	cdn.segment.io
1	static.ads-twitter.com	cdn.segment.io
1	cdn.amplitude.com	cdn.segment.io
1	api.segment.io	www.koho.ca
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.koho.ca
1	tag.rmp.rakuten.com	www.koho.ca
1	cdn.polyfill.io	www.koho.ca
1	acsbapp.com	www.koho.ca
1	cdn.segment.io	www.koho.ca
0	px.surveywall-api.survata.com Failed	s.amazon-adsystem.com
125	73

This site contains links to these domains. Also see Links.

Domain
accessibe.com

Subject Issuer	Validity	Valid
koho.ca R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.segment.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-09`	a year	crt.sh
*.acsbapp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-05` - `2021-10-05`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.rmp.rakuten.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-02-15`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
sanity.io R3	`2021-07-07` - `2021-10-05`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
cdn.amplitude.com Amazon	`2020-11-18` - `2021-12-17`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.samplicio.us Amazon	`2021-04-17` - `2022-05-16`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2020-02-18` - `2022-02-13`	2 years	crt.sh
clientstream.launchdarkly.com Amazon	`2020-10-21` - `2021-11-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
consent.linksynergy.com GTS CA 1D4	`2021-07-24` - `2021-10-22`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
events.launchdarkly.com Amazon	`2020-10-19` - `2021-11-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.koho.ca/
Frame ID: EDBB9D5EE1E682D6B5315C86C6E5A3FF
Requests: 99 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=732952957270507400&dcc=t
Frame ID: 5BCD6B5A16BFB0E7D9D6E3EFEFD7F9EB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=PRq6hQKgSMqCnnVT4Gl29w&ep=jV5qzT2MQeWYXlC5fT5__Ho393h1mspnIWL8lR-VaatEZWa_G3-n1KUx8yEnE1FTdL2Zk2Bo82Bs86roKh1FU3VbOVJOuwWthLHg-eozxyM
Frame ID: 6339BA76163099B09F9B074B823A05F5
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

KOHO: Reloadable Prepaid Visa Card | No Fees & Instant Cash Back on Everything

Detected technologies

Netlify (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Netlify/i

Page Statistics

125
Requests

99 %
HTTPS

23 %
IPv6

62
Domains

73
Subdomains

39
IPs

7
Countries

1410 kB
Transfer

4853 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility Solution By accessiBe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=732952957270507400 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=732952957270507400&dcc=t

Request Chain 43

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&dcc=t

Request Chain 76

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1621550208998%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=N34g1y99999K9ioC

Request Chain 77

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=165000203892000302771&ex=neustar.biz

Request Chain 78

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6936022020 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6936022020 HTTP 302
https://sync.1rx.io/usersync/tradedesk/7d38a0e6-fc2a-40f3-8059-9b29b20e67ba HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-77673172-f562-449c-b99c-519d2f75dd9a-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-77673172-f562-449c-b99c-519d2f75dd9a-003%26ex%3Drhythmone.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=RX-77673172-f562-449c-b99c-519d2f75dd9a-003&ex=rhythmone.com

Request Chain 79

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bf61338cce62aeabc8afe454ff299991

Request Chain 80

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=NNuuvy99999K9ioC

Request Chain 81

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1 HTTP 302
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPe22a3b2f-0835-11ec-9286-0629c465fcda HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPe22a3b2f-0835-11ec-9286-0629c465fcda&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?id=01ac44d66e890c29a1a5df27a73bc731d362d7f8&ex=aoldisplay.com

Request Chain 82

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=4f5029c9-d158-4cce-889e-8e6dfe294d0c

Request Chain 86

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=c0dbaf5f5fdca778c9f64864c393f65&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 87

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 89

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e10c841f52b23ce8

Request Chain 90

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=A5r3lQxHTxqGUFXeALhJ3Q&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=A5r3lQxHTxqGUFXeALhJ3Q&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=91831324637951612880130429680699917345

Request Chain 91

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=tV5o22c1QbeuYwr91LmWLA HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812227912581582595&gdpr=&gdpr_consent=

Request Chain 93

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6037327531066404406

Request Chain 94

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=e2753a1e-0835-11ec-87c2-194044dd0206 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=e27539d8-0835-11ec-87c2-194044dd0206

Request Chain 95

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22e941d54c-7e3c-40cb-bec6-25d5528442fa%22,%22Time%22:%2220210828T152646.743805%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=e941d54c-7e3c-40cb-bec6-25d5528442fa

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECYhSslphtRYzU_wFYOxSrk&google_cver=1

Request Chain 97

https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

Request Chain 98

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=aa30021906218723c38bee3a43950eb7

Request Chain 99

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=285ccfb8-778e-ca21-1d71-9499fc5bc579

Request Chain 100

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KHi6xyfOSSe9NgI_6lVfpTc4d1w4ZgAC

Request Chain 101

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=C9E18EA36333252D

Request Chain 102

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=4499394753202184547&ex=appnexus.com

Request Chain 103

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=EriXib2Rj_izTquuoD1pMw&ex=rubiconproject.com&status=ok

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=PRq6hQKgSMqCnnVT4Gl29w& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 105

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-d4d88ded-3886-4510-9f55-222be29a6889&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-d4d88ded-3886-4510-9f55-222be29a6889 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-d4d88ded-3886-4510-9f55-222be29a6889&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-d4d88ded-3886-4510-9f55-222be29a6889 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-d4d88ded-3886-4510-9f55-222be29a6889

Request Chain 107

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=D48C4F2DF78D2A611872F0830286D06F

Request Chain 108

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-Rd.bCSZ1l2NIh7Sk1p9fDLqpgsYpLm8-

Request Chain 109

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=5a2429b5fc178d6f72c428e8b1dc35be8662373013bf0538e8ff6072dab2e6dd

Request Chain 110

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=8993C342-778D-441B-901F-AA625D16D8E3

Request Chain 111

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1630090234400%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xtf-1630090234400&id=N34g1y99999K9ioC

Request Chain 112

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=b58884a1-cd5f-4687-a002-96d0af9b713f-tuct8241377

Request Chain 113

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1630178806155&url=https%3A%2F%2Fwww.koho.ca%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1630178806155&url=https%3A%2F%2Fwww.koho.ca%2F&e_ipv6=AQJJzYN_Pmr8rwAAAXuOOos9Be0_cXEd6j7JKtVRwC_13idAMhIoJm7azfbOi4m-sIaLqd7e

Request Chain 132

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/?random=1114693978&cv=9&fst=1630178806330&num=1&value=0&label=Ka6fCKTjl3wQj7PIrgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9o0qYYDvJ4DZ7_UP3O6S2AY&sscte=1&crd=&eitems=ChAI8L2niQYQv_b8ma6alq45Eh0A9FXYLdb-8aFuWErzqOokXKQv8HWyl6oMbRxc8A HTTP 302
https://www.google.com/pagead/1p-conversion/902961551/?random=1114693978&cv=9&fst=1630178806330&num=1&value=0&label=Ka6fCKTjl3wQj7PIrgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9o0qYYDvJ4DZ7_UP3O6S2AY&cid=CAQSKQCNIrLM6ZpTKavA8W4Mh_BDudA3BfzfLGN_p14mNM3kOq2A-qzV1tQz&eitems=ChAI8L2niQYQv_b8ma6alq45Eh0A9FXYLa9YK3jF1YjAPel5zlSqoXJSaHPnso5tWg&random=3248973264&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/902961551/?random=1114693978&cv=9&fst=1630178806330&num=1&value=0&label=Ka6fCKTjl3wQj7PIrgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9o0qYYDvJ4DZ7_UP3O6S2AY&cid=CAQSKQCNIrLM6ZpTKavA8W4Mh_BDudA3BfzfLGN_p14mNM3kOq2A-qzV1tQz&eitems=ChAI8L2niQYQv_b8ma6alq45Eh0A9FXYLa9YK3jF1YjAPel5zlSqoXJSaHPnso5tWg&random=3248973264&resp=GooglemKTybQhCsO&ipr=y

Request Chain 133

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/?random=1631358044&cv=9&fst=1630178806335&num=1&value=0&label=wcq0CMH1tYYBEI-zyK4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9o0qYYuKKO6P9u8P-uG-wAI&sscte=1&crd=&eitems=ChAI8L2niQYQv_b8ma6alq45Eh0A9FXYLXqaCUpfDi5f9u0QbU1VRQQopM9Pe-hCYw HTTP 302
https://www.google.com/pagead/1p-conversion/902961551/?random=1631358044&cv=9&fst=1630178806335&num=1&value=0&label=wcq0CMH1tYYBEI-zyK4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9o0qYYuKKO6P9u8P-uG-wAI&cid=CAQSKQCNIrLMVrnxuWv6RTyJvaGUScSpMv6JflaNlGTMQJlVHkNfLTYz5Yn9&eitems=ChAI8L2niQYQv_b8ma6alq45Eh0A9FXYLZanvVeZ3jut36DGrSa2GBnMcwFfD3j0CA&random=1666665562&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/902961551/?random=1631358044&cv=9&fst=1630178806335&num=1&value=0&label=wcq0CMH1tYYBEI-zyK4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9o0qYYuKKO6P9u8P-uG-wAI&cid=CAQSKQCNIrLMVrnxuWv6RTyJvaGUScSpMv6JflaNlGTMQJlVHkNfLTYz5Yn9&eitems=ChAI8L2niQYQv_b8ma6alq45Eh0A9FXYLZanvVeZ3jut36DGrSa2GBnMcwFfD3j0CA&random=1666665562&resp=GooglemKTybQhCsO&ipr=y

125 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.koho.ca/ 295 KB
41 KB 41ms
6ms Document
text/html 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

7299f74ea105ed53a3bebc058f1805b7c66c3eb2ebdd4983cac932c13eebb8eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.koho.ca
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cache-control: public, max-age=0, must-revalidate
content-type: text/html; charset=UTF-8
date: Fri, 27 Aug 2021 20:41:55 GMT
etag: "685b27cce3ffc5983a510cce81f2ef51-ssl-df"
link: </webpack-runtime-efc255640c64fb681977.js>; rel=preload; as=script, </framework-c98446d6f6bc5dfd6500.js>; rel=preload; as=script, </cd5bab3e-d8c378decc33e6a1983c.js>; rel=preload; as=script, </app-e670e2f6ae264291ca00.js>; rel=preload; as=script, </commons-d1afc2ef5a94cf82ae68.js>; rel=preload; as=script, </589ed713fc8705bdcaca5fe2e92bb0a0b9b7f26d-8c96b1aae2dd1764f880.js>; rel=preload; as=script, </component---src-pages-index-tsx-9c576845c3969afc4a80.js>; rel=preload; as=script, </page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </page-data/index/page-data.json>; rel=preload; as=fetch; crossorigin
referrer-policy: same-origin
strict-transport-security: max-age=15768000
content-length: 41152
server: Netlify
content-encoding: br
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
age: 81891
x-nf-request-id: 01FE73N1HH7FAGR403P88T4942

GET
H2 200 webpack-runtime-efc255640c64fb681977.js Show response
www.koho.ca/ 7 KB
3 KB 19ms
17ms Script
application/javascript 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/webpack-runtime-efc255640c64fb681977.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

886ad029484d8748d9efa01829b721fa519f17544f9d958cf21cb672eeacdbb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /webpack-runtime-efc255640c64fb681977.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1HZSG5CEFPJZGRSR2YT
date: Fri, 27 Aug 2021 20:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81889
strict-transport-security: max-age=31536000
content-length: 2890
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: SAMEORIGIN
etag: "5761a146d6decc80d9885c62a0412dcf-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 framework-c98446d6f6bc5dfd6500.js Show response
www.koho.ca/ 127 KB
39 KB 16ms
15ms Script
application/javascript 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/framework-c98446d6f6bc5dfd6500.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

a8801417a41b97200fab092c58ddc6033e0d53213da8d6c06e3f2a6d68757a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /framework-c98446d6f6bc5dfd6500.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1HZRWFAVMS6WKHTE9R6
date: Fri, 27 Aug 2021 20:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81889
strict-transport-security: max-age=31536000
content-length: 40086
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: SAMEORIGIN
etag: "961d48cc3fefa069590b12c6afb0f167-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 cd5bab3e-d8c378decc33e6a1983c.js Show response
www.koho.ca/ 453 KB
105 KB 20ms
19ms Script
application/javascript 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/cd5bab3e-d8c378decc33e6a1983c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

aa98b27fff76e1d4b854c8b2b3e07ec2d78cea5080a73ad612c19f26cd58e684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /cd5bab3e-d8c378decc33e6a1983c.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1HZQA43KTXC77JWKW6N
date: Fri, 27 Aug 2021 20:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81889
strict-transport-security: max-age=31536000
content-length: 107019
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: SAMEORIGIN
etag: "a619b1f0e37bf9f1d29c5bee5ffbcce1-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 app-e670e2f6ae264291ca00.js Show response
www.koho.ca/ 265 KB
78 KB 32ms
31ms Script
application/javascript 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/app-e670e2f6ae264291ca00.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

f7e45f90ef81243fbc3b1327f9bdb996ca52f49f51a87e33f78bc3f6dfa337ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /app-e670e2f6ae264291ca00.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1HZ9G682KA9PQRFHZ24
date: Fri, 27 Aug 2021 20:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81889
strict-transport-security: max-age=31536000
content-length: 79612
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: SAMEORIGIN
etag: "fdc62e6ff3f5adcda97f8019c2c88000-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 commons-d1afc2ef5a94cf82ae68.js Show response
www.koho.ca/ 593 KB
156 KB 27ms
26ms Script
application/javascript 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/commons-d1afc2ef5a94cf82ae68.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

0cfe3bdfa70d744236192511a17f6da9c94f47f6775bb70c053a30ab867b9097

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /commons-d1afc2ef5a94cf82ae68.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1HZ7X5N5RFGHQB1QAX9
date: Fri, 27 Aug 2021 20:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81889
strict-transport-security: max-age=31536000
content-length: 159938
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: SAMEORIGIN
etag: "3f22a2d894aa3603234c7583828bcbf1-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 589ed713fc8705bdcaca5fe2e92bb0a0b9b7f26d-8c96b1aae2dd1764f880.js Show response
www.koho.ca/ 53 KB
14 KB 26ms
26ms Script
application/javascript 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/589ed713fc8705bdcaca5fe2e92bb0a0b9b7f26d-8c96b1aae2dd1764f880.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

dd3f2939328a1110e1fc359e20e8a32a0e2683eb18b59fd13a0afcd6cef94f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /589ed713fc8705bdcaca5fe2e92bb0a0b9b7f26d-8c96b1aae2dd1764f880.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1J05E2STM3M56NNR7JM
date: Fri, 27 Aug 2021 20:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81889
strict-transport-security: max-age=31536000
content-length: 13874
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: SAMEORIGIN
etag: "d58da5982e5da943b94095f51eaa3a71-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 component---src-pages-index-tsx-9c576845c3969afc4a80.js Show response
www.koho.ca/ 29 KB
10 KB 15ms
14ms Script
application/javascript 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/component---src-pages-index-tsx-9c576845c3969afc4a80.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

658c672e4ca7014e62a9bab6b834ca81111d579ca54c4b7dd69a4847cabc1f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /component---src-pages-index-tsx-9c576845c3969afc4a80.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1J0DMM4G73QWPS363MG
date: Fri, 27 Aug 2021 20:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81889
strict-transport-security: max-age=31536000
content-length: 9951
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: SAMEORIGIN
etag: "b374fcfc0898817fce95a60135ce98d8-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 app-data.json
www.koho.ca/page-data/ 50 B
208 B 14ms
14ms Other
application/json 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/app-data.json

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

ab69584786707a867241dac3eef649ff5d2c62557d73070cc9cdcdf9fb82bf5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /page-data/app-data.json
pragma: no-cache
origin: https://www.koho.ca
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.koho.ca
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1J05M3DF65WJ932ANRB
date: Fri, 27 Aug 2021 20:41:56 GMT
referrer-policy: same-origin
server: Netlify
age: 81889
etag: "ebd767cb1cc62142c5ba52e7dce239f1-ssl"
x-frame-options: SAMEORIGIN
content-type: application/json
x-xss-protection: 1; mode=block
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 50
x-content-type-options: nosniff

GET
H2 200 page-data.json
www.koho.ca/page-data/index/ 205 B
309 B 17ms
16ms Other
application/json 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/index/page-data.json

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

3c2e455c9192e6eeffc92c7221f46403692cbc5cac4092f5148d32383189ad0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /page-data/index/page-data.json
pragma: no-cache
origin: https://www.koho.ca
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.koho.ca
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1J0F58GTATBM0P2T8ER
date: Fri, 27 Aug 2021 20:41:56 GMT
referrer-policy: same-origin
server: Netlify
age: 81889
etag: "a59a84e46d9aed29a4e4678ff4b7201f-ssl"
x-frame-options: SAMEORIGIN
content-type: application/json
x-xss-protection: 1; mode=block
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 205
x-content-type-options: nosniff

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 46ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:44 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: 4EAA68217BEE421B9497698736A5AC11 Ref B: FRAEDGE1319 Ref C: 2021-08-28T19:26:45Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 113 KB
34 KB 252ms
187ms Script
application/javascript 95.101.27.76
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.76 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-76.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 83b6d802aa090ce29898946d1e0ddfdbe5dfa984870b14badb85025d1635d8dd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-akamai-request-id: 5484f6d9.416d24c
date: Sat, 28 Aug 2021 19:26:45 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-52-40-143.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-107-76.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 156,92.123.107.76
server-timing: cdn-cache; desc=MISS, edge; dur=151, origin; dur=5, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 202108281926450102450452133758688E
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.52.40.143
x-tt-trace-host: 0121355237834a2543abb03d0d1e1fb546de756f237338ecd352d00fce47e0ebb2d01f2258a10118397e24217bf14b3f60bca0c3660c420b2134acac50b0e8b5cb9f929d7b6d308cb3dea12f9554d1fb08c2b7028ce57fb82409988461a56f2f3927c7c13ac8cd76d6507246cc92baee71
expires: Sat, 28 Aug 2021 19:26:45 GMT

GET
H2 200 1319236167.json
www.koho.ca/page-data/sq/d/ 63 KB
12 KB 22ms
21ms Other
application/json 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/sq/d/1319236167.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

2782912d4a379634c1972af62d3016850711b3777691741c49c960d99d74fe5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /page-data/sq/d/1319236167.json
pragma: no-cache
origin: https://www.koho.ca
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.koho.ca
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1J27VC9GZ90K62HV36T
date: Fri, 27 Aug 2021 20:41:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81888
strict-transport-security: max-age=31536000
content-length: 11741
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: SAMEORIGIN
etag: "91fa4d9e2f05a870871fad9d9d3ea152-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 2616581508.json
www.koho.ca/page-data/sq/d/ 2 KB
488 B 33ms
32ms Other
application/json 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/sq/d/2616581508.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

2487584d1d5e94425b0181d326b8fb1d323b29e7b94d3358fd6c7d26d58377fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /page-data/sq/d/2616581508.json
pragma: no-cache
origin: https://www.koho.ca
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.koho.ca
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1J2RWMCHMZRFKBCN19Z
date: Fri, 27 Aug 2021 20:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81888
strict-transport-security: max-age=31536000
content-length: 380
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: SAMEORIGIN
etag: "0686a18dc5d5d219a1dd6156c9b4f5a8-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 2744905544.json
www.koho.ca/page-data/sq/d/ 57 B
185 B 14ms
13ms Other
application/json 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/sq/d/2744905544.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

68f9b9134bf198470bf6ea801ee4cda7d59cb38b36dc7c73f068a15733636b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /page-data/sq/d/2744905544.json
pragma: no-cache
origin: https://www.koho.ca
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.koho.ca
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1J2EADN1Z6H5FMWTJWW
date: Fri, 27 Aug 2021 20:41:57 GMT
referrer-policy: same-origin
server: Netlify
age: 81888
etag: "c0a6224c0fbf677c05e637c111b59260-ssl"
x-frame-options: SAMEORIGIN
content-type: application/json
x-xss-protection: 1; mode=block
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 57
x-content-type-options: nosniff

GET
H2 200 2745130768.json
www.koho.ca/page-data/sq/d/ 855 B
960 B 26ms
25ms Other
application/json 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/sq/d/2745130768.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

637931eacc5a7439b79149780f7370434f24b4b5cf764d88c479aba9cb47538a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /page-data/sq/d/2745130768.json
pragma: no-cache
origin: https://www.koho.ca
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.koho.ca
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1J3WT22K7N9MMCFXNWC
date: Fri, 27 Aug 2021 20:41:57 GMT
referrer-policy: same-origin
server: Netlify
age: 81888
etag: "3485596bd88c021b770440e2e3909fbf-ssl"
x-frame-options: SAMEORIGIN
content-type: application/json
x-xss-protection: 1; mode=block
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 855
x-content-type-options: nosniff

GET
H2 200 609459093.json
www.koho.ca/page-data/sq/d/ 626 B
732 B 16ms
15ms Other
application/json 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/sq/d/609459093.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

3da26abb943827f784b20c95594adb89bd951c44a89e84c66f517455508b1c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /page-data/sq/d/609459093.json
pragma: no-cache
origin: https://www.koho.ca
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.koho.ca
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1J4Q1WWZ1XWRMRT6K5P
date: Fri, 27 Aug 2021 20:41:57 GMT
referrer-policy: same-origin
server: Netlify
age: 81888
etag: "8856301ab4e75db7daf8ea3a0e741e44-ssl"
x-frame-options: SAMEORIGIN
content-type: application/json
x-xss-protection: 1; mode=block
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 626
x-content-type-options: nosniff

GET
H2 200 93387544.json
www.koho.ca/page-data/sq/d/ 331 KB
26 KB 16ms
15ms Other
application/json 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/sq/d/93387544.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

388b1806a542af580c3bf12fa4862af386b8a8200154fe90fc86095d50f4fdfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /page-data/sq/d/93387544.json
pragma: no-cache
origin: https://www.koho.ca
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.koho.ca
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1J4NWDGS1ZP1K7HAP7W
date: Fri, 27 Aug 2021 20:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81888
strict-transport-security: max-age=31536000
content-length: 26140
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: SAMEORIGIN
etag: "bf72684bce6aed6050099eb127a1811b-ssl"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 105 KB
40 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGDFZD8

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c193c4a9f2405bec9d8801e1b264b47bdff3122a0328c8006b09e1834eea62c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40362
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 Aug 2021 19:26:45 GMT

GET
H/1.1 200
OK analytics.min.js Show response
cdn.segment.io/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/ 414 KB
70 KB 721ms
627ms Script
text/javascript 143.204.207.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.io/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-75.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ac86714f52c3116e33e0e972e5f89522654a4a0ae9bdfe36482feb308c73e9b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: P7U8jO9FgkVMF3e6vVCATbRUfOB4oLsT
Content-Encoding: br
ETag: W/"9427e42bba4a2f76a684273d83d0e2b7"
X-Amz-Cf-Pop: FRA53-C1
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Mon, 26 Jul 2021 23:57:10 GMT
Server: AmazonS3
Date: Sat, 28 Aug 2021 19:26:46 GMT
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: text/javascript; charset=utf-8
Via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
Cache-Control: public, max-age=120
X-Amz-Cf-Id: AfdPqzRQJmPOs19O9Sp3pfvAx6ySRBgg5BXAjZsx-PbNQITaRsbTrw==

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 417 KB
137 KB 360ms
119ms Script
application/x-javascript 206.189.191.180
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.191.180 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn102.acsbapp.com
Software: /
Resource Hash: 58e40d95870fef25e0f1bd642fbc0b36bbd99b4450ef6ba547b964434499309e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:45 GMT
content-encoding: br
last-modified: Fri, 27 Aug 2021 17:48:34 GMT
etag: "682c0-61292572-3461731750a17bf5;br"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 139807
expires: Sun, 29 Aug 2021 19:26:45 GMT

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e448770772961d20f0141c02b6696766b8f52f22df94ce404b011d5ae0e31f48

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 basis-grotesque-regular-pro-14e27a296fba4d0a515537b4fc81dacb.woff2
www.koho.ca/static/ 49 KB
49 KB 18ms
17ms Font
font/woff2 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/static/basis-grotesque-regular-pro-14e27a296fba4d0a515537b4fc81dacb.woff2

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/basis-grotesque-regular-pro-14e27a296fba4d0a515537b4fc81dacb.woff2
pragma: no-cache
origin: https://www.koho.ca
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.koho.ca
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1JC5WQNRF7NPVX52NE8
date: Fri, 27 Aug 2021 20:41:57 GMT
referrer-policy: same-origin
server: Netlify
age: 81888
etag: "d8a1a0c36900e07e039c6fe4e91ce4e2-ssl"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000,immutable
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 50128
x-content-type-options: nosniff

GET
H2 200 basis-grotesque-bold-b5f93f83bec082293f58a1798af469eb.woff2
www.koho.ca/static/ 27 KB
27 KB 15ms
15ms Font
font/woff2 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/static/basis-grotesque-bold-b5f93f83bec082293f58a1798af469eb.woff2

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

6dcdb5d625307386c2d3b21f8b51c43bfd4683fe073b66e884372cd35710c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/basis-grotesque-bold-b5f93f83bec082293f58a1798af469eb.woff2
pragma: no-cache
origin: https://www.koho.ca
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.koho.ca
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1JCDN38C2987QPGC6AP
date: Fri, 27 Aug 2021 20:41:57 GMT
referrer-policy: same-origin
server: Netlify
age: 81888
etag: "3c1ed2fdad6224eec9cc6c125b0e741b-ssl"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: public,max-age=31536000,immutable
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 27812
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2775f9134045c38174acb9cf77badff3cfc1cfe2919ec7bb8eb47add1022b394

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bcd93c2711d68e47f66238748e034ead15de88a1c4c0792599afda0bb9ea067

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v3/ 101 B
550 B 89ms
29ms Script
text/javascript 151.101.13.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v3/polyfill.min.js?features=ResizeObserver,smoothscroll

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.26 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 560439
detected-user-agent: HeadlessChrome/92.0.4515
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 89
referrer-policy: origin-when-cross-origin
last-modified: Sat, 21 Aug 2021 07:26:51 GMT
date: Sat, 28 Aug 2021 19:26:45 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/92.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0d731642f716eeb3eadb1e53aa826601a827b37a7e069e76a33c5a07129f31f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f059841000d5c7211ea2975d2422c54a5cae4070f58f9acc6c18b3c50063c2b7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93e784bb85186ce49cd21ac4a91debd17715a82b5c203ad0a7535d7d0a06fca3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eab98d4ccb0415f3649a890d6d41d66aaac83bb5c74e1b92794cff38b3a3795a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 204 56368685.js Show response
bat.bing.com/p/action/ 0
109 B 158ms
158ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/56368685.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 28 Aug 2021 19:26:45 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 798D5586660345CAA8400A38E8817F4D Ref B: FRAEDGE1319 Ref C: 2021-08-28T19:26:45Z
x-cache: CONFIG_NOCACHE

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 701218781757fa125d6e34e3051c61521b2c1acb1919ddc115b3f55b59edc219

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e7e3d0e5be5c8eee823df70926f17e2cca09b2b4cdec0fdf83ed16da1119578

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d43dfcad7d3ad157fbec0df52312437faa4c5f80dac48233746a1e0055971961

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8412592ef28ebbc4807894663f1892432bb4770cc96b66b26ec1297878051933

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8bff92e6545043a88da89833cddfa43dcf946407940dcf06cba4fdd4cd076fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 86 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9d7b0cc5ec11e81acc44db8f29db898a2da0c8656a57d8d28d18592cd6bd3e4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b33dd08dc58f62eb8b6be088af136a4fd18e7593ab911f22950d9a6c3140a974

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4be9d3c7fb912b4cca966dd6fd5f8df403f2d58156cf237840acb1816dec483

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a15fce61dfb09bc7fda3a6ef50f2aac26b1b81d893a95d8587e1b420c85fbf1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 684-9758c15b9972897aef3d.js Show response
www.koho.ca/ 79 KB
21 KB 8ms
7ms Script
application/javascript 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/684-9758c15b9972897aef3d.js

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/webpack-runtime-efc255640c64fb681977.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

3c4ee94ca982c185d2124204bb31ca6b720fa31b0ca4c79bfc360ef56831e7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /684-9758c15b9972897aef3d.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N1RA930A4GBE46NX25KJ
date: Fri, 27 Aug 2021 20:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81887
strict-transport-security: max-age=31536000
content-length: 21802
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: SAMEORIGIN
etag: "4aa3b3d2d1169e481e6ae5def8e180b4-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 122943.ct.js Show response
tag.rmp.rakuten.com/ 64 KB
21 KB 1121ms
283ms Script
text/javascript 34.102.147.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.rmp.rakuten.com/122943.ct.js
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/app-e670e2f6ae264291ca00.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.147.248 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 248.147.102.34.bc.googleusercontent.com
Software: /
Resource Hash: f76c0486fa0d396d5a494ba58335fd77320644cd9e89b7357e3365ab60b268d1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:46 GMT
content-encoding: gzip
last-modified: Sat, 28 Aug 2021 19:26:46 GMT
x-cache: miss
x-samesite: secure
via: 1.1 google
cache-control: max-age=86400
accept-ranges: bytes
content-type: text/javascript
alt-svc: clear

GET
H/1.1

200
OK

Cookie set iu3 Show response
s.amazon-adsystem.com/ Frame 5BCD
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%...

602 B
1 KB

140ms
140ms

Document
text/html

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=732952957270507400&dcc=t

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-e670e2f6ae264291ca00.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

bcb4caa5ae816c712cee74a5211ae62f79ca60ee4ffd55aa636f45efdebc5571

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A7WLnL-6ckHbqR9a4m3RYoc|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server: Server
Date: Sat, 28 Aug 2021 19:26:45 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 602
Connection: keep-alive
x-amz-rid: 7RZH6T53WWQYKK6NCCFD
Set-Cookie: ad-id=A7WLnL-6ckHbqR9a4m3RYoc; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 19:26:45 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2026 19:26:45 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Sat, 28 Aug 2021 19:26:45 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: 4TRRP9E3X768YN37QEJH
Set-Cookie: ad-id=A7WLnL-6ckHbqR9a4m3RYoc|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 19:26:45 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=732952957270507400&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D15128585...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D15128585...

43 B
932 B

141ms
141ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&dcc=t

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: REB0A9EWN4XAWZNM8SQP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X767SRTJ3RVJER3JY1C6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
173 B 42ms
42ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56368685&Ver=2&mid=5e75cfac-c41b-4077-811a-8bd6f0842ec3&sid=e1bd0a20083511ec96c38d4a6b3bf10a&vid=e1bd63e0083511eca2e2875107fb8e5a&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&kw=Prepaid%20Visa,%20Prepaid%20Visa%20Card,%20Cash%20Back,%20Online%20Banking,%20Banking%20App,%20KOHO&p=https%3A%2F%2Fwww.koho.ca%2F&r=&lt=210&evt=pageLoad&msclkid=N&sv=1&rn=274497
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 28 Aug 2021 19:26:45 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 501C4395DF9E42A18AFE1EDBFD91EC5E Ref B: FRAEDGE1319 Ref C: 2021-08-28T19:26:45Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7cb61fbc77003c7dedd9ebd45478ba484b652e36-440x112.png
cdn.sanity.io/images/lo2qjzoq/production/ 3 KB
3 KB 232ms
135ms Image
image/webp 35.244.128.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/7cb61fbc77003c7dedd9ebd45478ba484b652e36-440x112.png?w=212&h=54&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.128.15 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.128.244.35.bc.googleusercontent.com

Software

Resource Hash

0ebe940ed4a00c9aa613b1cbed61c09242e99985cbc0f4a28cd0d795a0e85850

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 google
x-content-type-options: nosniff
xkey: project-lo2qjzoq-production
x-b3-traceid: aa077c57065155e3
date: Sat, 28 Aug 2021 19:26:45 GMT
vary: accept
content-type: image/webp
x-varnish-age: 0
x-b3-spanid: aa077c57065155e3
x-b3-sampled: 0
accept-ranges: bytes
alt-svc: clear
content-length: 2774
cache-control: public, max-age=31536000, s-maxage=2592000

GET
H2 200 7b69588a4e5d7b258ec4a21a46b64d5528106b6b-1176x1242.png
cdn.sanity.io/images/lo2qjzoq/production/ 18 KB
18 KB 781ms
685ms Image
image/webp 35.244.128.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/7b69588a4e5d7b258ec4a21a46b64d5528106b6b-1176x1242.png?rect=0,0,1176,1241&w=576&h=608&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.128.15 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.128.244.35.bc.googleusercontent.com

Software

Resource Hash

fd004258c3c816a7f5b4fb3619a9054d0ad6f49c08dff327e9962a1dbe88870b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 google
x-content-type-options: nosniff
xkey: project-lo2qjzoq-production
x-b3-traceid: 37066e4b97ea6d2e
date: Sat, 28 Aug 2021 19:26:45 GMT
vary: accept
content-type: image/webp
x-varnish-age: 0
x-b3-spanid: 37066e4b97ea6d2e
x-b3-sampled: 0
accept-ranges: bytes
alt-svc: clear
content-length: 18286
cache-control: public, max-age=31536000, s-maxage=2592000

GET
H2 200 8402d9dd79fbf271c86883c073df6ae1056d2a6d-1900x143.png
cdn.sanity.io/images/lo2qjzoq/production/ 12 KB
12 KB 246ms
150ms Image
image/webp 35.244.128.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/8402d9dd79fbf271c86883c073df6ae1056d2a6d-1900x143.png?w=970&h=73&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.128.15 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.128.244.35.bc.googleusercontent.com

Software

Resource Hash

1a61a8404ee495e19d9596ba6a7a8d2014a0cc14cbe63bdccda767d461e0472e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 google
x-content-type-options: nosniff
xkey: project-lo2qjzoq-production
x-b3-traceid: 7f5afffc7f1070a8
date: Sat, 28 Aug 2021 19:26:45 GMT
vary: accept
content-type: image/webp
x-varnish-age: 0
x-b3-spanid: 7f5afffc7f1070a8
x-b3-sampled: 0
accept-ranges: bytes
alt-svc: clear
content-length: 12138
cache-control: public, max-age=31536000, s-maxage=2592000

GET
H2 200 4957ac9de133f635f784d51c34d377d60396a403-948x852.png
cdn.sanity.io/images/lo2qjzoq/production/ 16 KB
17 KB 273ms
177ms Image
image/webp 35.244.128.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/4957ac9de133f635f784d51c34d377d60396a403-948x852.png?w=472&h=424&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.128.15 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.128.244.35.bc.googleusercontent.com

Software

Resource Hash

83ba29fce57896360b8e41e7ef2518302f2e2785981fe9ea5231d63b97fef010

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 google
x-content-type-options: nosniff
xkey: project-lo2qjzoq-production
x-b3-traceid: de6f791f0dc4d0cb
date: Sat, 28 Aug 2021 19:26:45 GMT
vary: accept
content-type: image/webp
x-varnish-age: 0
x-b3-spanid: de6f791f0dc4d0cb
x-b3-sampled: 0
accept-ranges: bytes
alt-svc: clear
content-length: 16812
cache-control: public, max-age=31536000, s-maxage=2592000

GET
H2 200 f1b9872a04d0392becb16091027708b0b1d59212-847x854.png
cdn.sanity.io/images/lo2qjzoq/production/ 17 KB
17 KB 564ms
468ms Image
image/webp 35.244.128.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/f1b9872a04d0392becb16091027708b0b1d59212-847x854.png?w=472&h=476&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.128.15 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.128.244.35.bc.googleusercontent.com

Software

Resource Hash

de3e28cc68fc62a20bf83c46bfa6437cf56df975c49ec69ae5fd4194f45f5f50

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 google
x-content-type-options: nosniff
xkey: project-lo2qjzoq-production
x-b3-traceid: 4bb181c8fbafdb00
date: Sat, 28 Aug 2021 19:26:45 GMT
vary: accept
content-type: image/webp
x-varnish-age: 0
x-b3-spanid: 4bb181c8fbafdb00
x-b3-sampled: 0
accept-ranges: bytes
alt-svc: clear
content-length: 17540
cache-control: public, max-age=31536000, s-maxage=2592000

GET
H2 200 d00640f756f5577b5f2adbea852bc8b9e7e40e0a-928x862.png
cdn.sanity.io/images/lo2qjzoq/production/ 16 KB
16 KB 267ms
215ms Image
image/webp 35.244.128.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/d00640f756f5577b5f2adbea852bc8b9e7e40e0a-928x862.png?rect=0,0,928,861&w=472&h=438&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.128.15 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.128.244.35.bc.googleusercontent.com

Software

Resource Hash

25e7ebf9e9c15a90ad6ecdfee7938d277c21e572f0cab61353993d450cc5ffda

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 google
x-content-type-options: nosniff
xkey: project-lo2qjzoq-production
x-b3-traceid: aa1badab82d89cae
date: Sat, 28 Aug 2021 19:26:45 GMT
vary: accept
content-type: image/webp
x-varnish-age: 0
x-b3-spanid: aa1badab82d89cae
x-b3-sampled: 0
accept-ranges: bytes
alt-svc: clear
content-length: 16658
cache-control: public, max-age=31536000, s-maxage=2592000

GET
H2 200 ac45933e1bc954c0e95a20ecc3233e2b2b151607-734x52.png
cdn.sanity.io/images/lo2qjzoq/production/ 5 KB
5 KB 464ms
463ms Image
image/webp 35.244.128.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/ac45933e1bc954c0e95a20ecc3233e2b2b151607-734x52.png?rect=3,0,728,52&w=420&h=30&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.128.15 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.128.244.35.bc.googleusercontent.com

Software

Resource Hash

07854e6586eb862f14c989f142d09f8ff8e139e2e5b0830ce297e67f3a15ce4e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 google
x-content-type-options: nosniff
xkey: project-lo2qjzoq-production
x-b3-traceid: d3becf728b710b5f
date: Sat, 28 Aug 2021 19:26:45 GMT
vary: accept
content-type: image/webp
x-varnish-age: 0
x-b3-spanid: d3becf728b710b5f
x-b3-sampled: 0
accept-ranges: bytes
alt-svc: clear
content-length: 5178
cache-control: public, max-age=31536000, s-maxage=2592000

GET
H2 200 740996d18488c7e3e67302f11bbee749d3e629fe-1174x1232.png
cdn.sanity.io/images/lo2qjzoq/production/ 18 KB
18 KB 469ms
469ms Image
image/webp 35.244.128.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/740996d18488c7e3e67302f11bbee749d3e629fe-1174x1232.png?w=688&h=722&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.128.15 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.128.244.35.bc.googleusercontent.com

Software

Resource Hash

308883bf05de6cd715920ceaf6509b520aa23e4b195b1439c4059b96e4ffbbc4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 google
x-content-type-options: nosniff
xkey: project-lo2qjzoq-production
x-b3-traceid: b042a621cf736f28
date: Sat, 28 Aug 2021 19:26:45 GMT
vary: accept
content-type: image/webp
x-varnish-age: 0
x-b3-spanid: b042a621cf736f28
x-b3-sampled: 0
accept-ranges: bytes
alt-svc: clear
content-length: 18828
cache-control: public, max-age=31536000, s-maxage=2592000

GET
H2 200 96d03c135b7d49d6109caa2e6ed26a4df309e655-1920x725.png
cdn.sanity.io/images/lo2qjzoq/production/ 10 KB
10 KB 503ms
502ms Image
image/webp 35.244.128.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/96d03c135b7d49d6109caa2e6ed26a4df309e655-1920x725.png?rect=2,0,1916,725&w=576&h=218&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.128.15 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.128.244.35.bc.googleusercontent.com

Software

Resource Hash

4c89ad605f96915ce4012b6b1700843e596e116dadb2b8b48aa540115467c515

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 google
x-content-type-options: nosniff
xkey: project-lo2qjzoq-production
x-b3-traceid: 3b58a7e05800dd3a
date: Sat, 28 Aug 2021 19:26:45 GMT
vary: accept
content-type: image/webp
x-varnish-age: 0
x-b3-spanid: 3b58a7e05800dd3a
x-b3-sampled: 0
accept-ranges: bytes
alt-svc: clear
content-length: 10240
cache-control: public, max-age=31536000, s-maxage=2592000

GET
H2 200 75c042f88eb34f95e127c2db88cfe5eccb0f9c19-1049x1902.png
cdn.sanity.io/images/lo2qjzoq/production/ 13 KB
13 KB 543ms
542ms Image
image/webp 35.244.128.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/75c042f88eb34f95e127c2db88cfe5eccb0f9c19-1049x1902.png?rect=0,0,1049,1901&w=144&h=261&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.128.15 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.128.244.35.bc.googleusercontent.com

Software

Resource Hash

c14e96d40f6933dd55cd9fcadcf3eed5eeb112b9df6bfb5db5351758aa377136

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 google
x-content-type-options: nosniff
xkey: project-lo2qjzoq-production
x-b3-traceid: ea9c67d2362b192
date: Sat, 28 Aug 2021 19:26:45 GMT
vary: accept
content-type: image/webp
x-varnish-age: 0
x-b3-spanid: ea9c67d2362b192
x-b3-sampled: 0
accept-ranges: bytes
alt-svc: clear
content-length: 13124
cache-control: public, max-age=31536000, s-maxage=2592000

GET
H2 200 ffdb67d685ed1a005b8a4369227e500e6fdb0ec9-599x801.png
cdn.sanity.io/images/lo2qjzoq/production/ 8 KB
8 KB 466ms
465ms Image
image/webp 35.244.128.15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/ffdb67d685ed1a005b8a4369227e500e6fdb0ec9-599x801.png?w=240&h=321&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.128.15 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.128.244.35.bc.googleusercontent.com

Software

Resource Hash

4d548c6334b5e1c46e91fa0432920094cde9eebab964d67e3a48d5106a9880af

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 google
x-content-type-options: nosniff
xkey: project-lo2qjzoq-production
x-b3-traceid: 1268f4995a0b3a34
date: Sat, 28 Aug 2021 19:26:45 GMT
vary: accept
content-type: image/webp
x-varnish-age: 0
x-b3-spanid: 1268f4995a0b3a34
x-b3-sampled: 0
accept-ranges: bytes
alt-svc: clear
content-length: 7996
cache-control: public, max-age=31536000, s-maxage=2592000

OPTIONS
H2 200 5f05eea3fa48230af9ecce82
app.launchdarkly.com/sdk/goals/ Frame 0
0 472ms
406ms Preflight 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f05eea3fa48230af9ecce82

Protocol

Server

151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Origin: https://www.koho.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 300
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Sat, 28 Aug 2021 19:26:46 GMT
via: 1.1 varnish
x-served-by: cache-fra19124-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1630178806.844158,VS0,VE379
vary: Accept-Encoding
age: 0
content-length: 23

GET
H2 200 5f05eea3fa48230af9ecce82 Show response
app.launchdarkly.com/sdk/goals/ 2 B
162 B 393ms
391ms XHR
application/json 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f05eea3fa48230af9ecce82

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-e670e2f6ae264291ca00.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/2.23.0
X-LaunchDarkly-User-Agent: JSClient/2.19.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
access-control-max-age: 300
date: Sat, 28 Aug 2021 19:26:46 GMT
content-length: 26
x-served-by: cache-fra19124-FRA
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1630178806.252153,VS0,VE364
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 1

GET
H2 200 876-f09642e21774dd7c98d3.js Show response
www.koho.ca/ 1 KB
750 B 8ms
8ms Script
application/javascript 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/876-f09642e21774dd7c98d3.js

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/webpack-runtime-efc255640c64fb681977.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

3f797d7451ce0fe87d9677b4f692b1292ebce28544912b82e5649fba8cc4a610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /876-f09642e21774dd7c98d3.js
pragma: no-cache
cookie: _uetsid=e1bd0a20083511ec96c38d4a6b3bf10a; _uetvid=e1bd63e0083511eca2e2875107fb8e5a
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.koho.ca
referer: https://www.koho.ca/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nf-request-id: 01FE73N20E8QSWY5Y88J9SDQQK
date: Fri, 27 Aug 2021 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81887
strict-transport-security: max-age=31536000
content-length: 620
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: SAMEORIGIN
etag: "cb569f3cb93ecce60d92ff0ec870a8df-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 999 B
509 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:500

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-e670e2f6ae264291ca00.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48f1cec4d3a98b4af33a83c44f3599a5bb2ac6d4995b793291ed5f0148fcd84c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 19:14:54 GMT
server: ESF
date: Sat, 28 Aug 2021 19:26:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Aug 2021 19:26:45 GMT

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImUxZTRjZDQwLTA4MzUtMTFlYy1iZWM3LTczZDM4Y2Y4ZmU1NiJ9
app.launchdarkly.com/sdk/evalx/5f05eea3fa48230af9ecce82/users/ Frame 0
0 84ms
32ms Preflight 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5f05eea3fa48230af9ecce82/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImUxZTRjZDQwLTA4MzUtMTFlYy1iZWM3LTczZDM4Y2Y4ZmU1NiJ9
Protocol: H2
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Origin: https://www.koho.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
allow: OPTIONS, GET
accept-ranges: bytes
date: Sat, 28 Aug 2021 19:26:45 GMT
via: 1.1 varnish
x-served-by: cache-fra19124-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1630178806.844149,VS0,VE4
age: 0
content-length: 0

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImUxZTRjZDQwLTA4MzUtMTFlYy1iZWM3LTczZDM4Y2Y4ZmU1NiJ9 Show response
app.launchdarkly.com/sdk/evalx/5f05eea3fa48230af9ecce82/users/ 19 KB
3 KB 423ms
423ms XHR
application/json 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5f05eea3fa48230af9ecce82/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImUxZTRjZDQwLTA4MzUtMTFlYy1iZWM3LTczZDM4Y2Y4ZmU1NiJ9
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/app-e670e2f6ae264291ca00.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8274d368423efc5a325b15f523737b057683a8688ecbf2d3ef07863c2dba763e

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/2.23.0
X-LaunchDarkly-User-Agent: JSClient/2.19.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:46 GMT
content-encoding: gzip
vary: Authorization, Accept-Encoding
age: 0
x-cache: MISS
content-length: 3232
x-served-by: cache-fra19124-FRA
access-control-allow-origin: *
x-timer: S1630178806.876726,VS0,VE395
etag: "2610dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 195ms
195ms Script
application/javascript 95.101.27.76
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.76 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-76.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-akamai-request-id: ce271af7.416d594
date: Sat, 28 Aug 2021 19:26:45 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-53-33-173.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-107-76.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 165,92.123.107.76
server-timing: cdn-cache; desc=MISS, edge; dur=160, origin; dur=5, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 202108281926450102450491831557E1AC
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.53.33.173
x-tt-trace-host: 0121355237834a2543abb03d0d1e1fb546de756f237338ecd352d00fce47e0ebb2ef98753e4da97d7803e5dd87b1f8bf9f562c7740a4d7c4c60bf171f742b3704cb5cbf7ade77a1c661d32391e25fc6e48e2c4b75eb85ecfdaca7e029a14e5ec49ec8ab6b79cb7aa13c99e3cd844fcd67e
expires: Sat, 28 Aug 2021 19:26:45 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 190ms
190ms Script
application/javascript 95.101.27.76
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BTGIL6BQ55EMJL0L2V00&hostname=www.koho.ca
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.76 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-76.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b5edbaf6dc6a49994a970bf7e2618a58fb272c23d01c955e186210157af9c085

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-akamai-request-id: a12d207c.416d5ac
date: Sat, 28 Aug 2021 19:26:45 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-53-33-143.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-107-76.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 159,92.123.107.76
server-timing: cdn-cache; desc=MISS, edge; dur=153, origin; dur=6, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 20210828192645010245024158285B658B
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.53.33.143
x-tt-trace-host: 0121355237834a2543abb03d0d1e1fb546de756f237338ecd352d00fce47e0ebb287175113730cd93f56c0ca30c211141fc8877d219633e92ea8f73232ef24d96267324eb6e12bb0e4e641432c8b636ba5e1c32d0d172ce3d2b5caef6d942c117ed261bbc8a1298af775771f8b97c52607
expires: Sat, 28 Aug 2021 19:26:45 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 221ms
221ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGDFZD8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

15906e6d782942494450b5474366c4098c542e8ebfbf2aabb9b824b451971970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14053
x-xss-protection: 0
server: cafe
etag: 9441931574288766250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 28 Aug 2021 19:26:45 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v5/ 20 KB
20 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.koho.ca
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 19:08:51 GMT
x-content-type-options: nosniff
age: 346674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20348
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:07:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 19:08:51 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 6339 5 KB
6 KB 123ms
123ms Document
text/html 209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=PRq6hQKgSMqCnnVT4Gl29w&ep=jV5qzT2MQeWYXlC5fT5__Ho393h1mspnIWL8lR-VaatEZWa_G3-n1KUx8yEnE1FTdL2Zk2Bo82Bs86roKh1FU3VbOVJOuwWthLHg-eozxyM

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=732952957270507400&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

852b2c1669b97568665432e39d0b395a2354354ce5afbb869d9212c3750216f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=732952957270507400&dcc=t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-privacy=0; ad-id=A5KsUngsWkGWjPrQ2fCJkVQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=732952957270507400&dcc=t

Response headers

Server: Server
Date: Sat, 28 Aug 2021 19:26:46 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 5343
Connection: keep-alive
x-amz-rid: 1HNDY1GEBWME1BJB976T
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
714 B 199ms
199ms Ping
application/octet-stream 95.101.27.76
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.76 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-76.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a171bb6b.416d742
date: Sat, 28 Aug 2021 19:26:46 GMT
x-cache-remote: TCP_MISS from a23-64-122-127.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a92-123-107-76.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 169,92.123.107.76
server-timing: cdn-cache; desc=MISS, edge; dur=155, origin; dur=15, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202108281926460102450151361158DA5B
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,23.64.122.127
x-tt-trace-host: 0121355237834a2543abb03d0d1e1fb546de756f237338ecd352d00fce47e0ebb2f633ef1ffa73f38153ee70c2b00faf5e3059f5d87a0d3c486d2b641a19e8d312e44aa7f411241d25cc36fd6a3b59db4ff6d5a67d043aaf401924ea4fa4b6058fe3b5398f7047e62bcfe3db65e6a6228d
expires: Sat, 28 Aug 2021 19:26:46 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
139 B 546ms
180ms XHR
application/json 54.71.121.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/684-9758c15b9972897aef3d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.121.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-121-82.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.koho.ca
date: Sat, 28 Aug 2021 19:26:46 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.io
URL: https://cdn.segment.io/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6867
date: Sat, 28 Aug 2021 17:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 28 Aug 2021 19:32:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.io
URL: https://cdn.segment.io/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25996
x-xss-protection: 0
pragma: public
x-fb-debug: K6mAOoczcov4y2JDtjOvcv1Hy5sfKOF9zAOlj64t3L/KUXIaUCX5gDLVt4H6lUzZlL3v/s2EHPKD8ryCkuGj6g==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sat, 28 Aug 2021 19:26:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ 54 KB
18 KB 116ms
43ms Script
application/javascript 13.224.89.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: cdn.segment.io
URL: https://cdn.segment.io/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-35.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 01:09:14 GMT
content-encoding: gzip
age: 18555453
x-cache: Hit from cloudfront
content-length: 17889
access-control-allow-origin: *
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: hRc1Oa318UmVh4yKzv-mLTA1iVuhL4RAUpvo09yflxXoh0gmQ1ixow==

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 45ms
43ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-902961551

Requested by

Host: cdn.segment.io
URL: https://cdn.segment.io/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dcdde59f42a39ba34b1785a3e433bf17fef73ea8538d733dbdaf23ee4ec91480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39423
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 Aug 2021 19:26:46 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 93ms
28ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: cdn.segment.io
URL: https://cdn.segment.io/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:46 GMT
via: 1.1 varnish
last-modified: Mon, 12 Jul 2021 23:59:25 GMT
age: 72487
etag: "65cf0c0ceb852397f0d1e6732cd3c533+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1630178806.200212,VS0,VE0
x-served-by: cache-fra19153-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 21ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: cdn.segment.io
URL: https://cdn.segment.io/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 19:26:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=83015
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 99 KB
39 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-T48D83B&cid=55401939.1630178806

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

106b0776d18e71797d9c93df4bb9a5f9f3312b4912580f2382116dbe744e63f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40411
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 28 Aug 2021 19:26:46 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1621550208998%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=N34g1y99999K9ioC

43 B
556 B

268ms
123ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=N34g1y99999K9ioC

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=PRq6hQKgSMqCnnVT4Gl29w&ep=jV5qzT2MQeWYXlC5fT5__Ho393h1mspnIWL8lR-VaatEZWa_G3-n1KUx8yEnE1FTdL2Zk2Bo82Bs86roKh1FU3VbOVJOuwWthLHg-eozxyM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: V1MJ7KQQN7BCTC5XYE59
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=N34g1y99999K9ioC
Date: Sat, 28 Aug 2021 19:26:46 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 8710
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=165000203892000302771&ex=neustar.biz

43 B
556 B

125ms
124ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=165000203892000302771&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HR0VAF15XQVS0MHR9EZX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:46 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=165000203892000302771&ex=neustar.biz
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6936022020
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6936022020
https://sync.1rx.io/usersync/tradedesk/7d38a0e6-fc2a-40f3-8059-9b29b20e67ba
https://sync.targeting.unrulymedia.com/csync/RX-77673172-f562-449c-b99c-519d2f75dd9a-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-77673172-f562-449c-b99c-519d2f75dd9a-003%26ex%3Dr...
https://s.amazon-adsystem.com/ecm3?id=RX-77673172-f562-449c-b99c-519d2f75dd9a-003&ex=rhythmone.com

43 B
556 B

123ms
122ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=RX-77673172-f562-449c-b99c-519d2f75dd9a-003&ex=rhythmone.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: V9T2DRDR9BD9RRQFYC2X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=RX-77673172-f562-449c-b99c-519d2f75dd9a-003&ex=rhythmone.com
date: Sat, 28 Aug 2021 19:26:46 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX77673172f562449cb99c519d2f75dd9a003
content-type: text/html

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bf61338cce62aeabc8afe454ff299991

43 B
556 B

123ms
123ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bf61338cce62aeabc8afe454ff299991

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TVMRBNB00RG5NG5YQ3S2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=bf61338cce62aeabc8afe454ff299991
date: Sat, 28 Aug 2021 19:26:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=NNuuvy99999K9ioC

43 B
556 B

240ms
124ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=NNuuvy99999K9ioC

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5ZV055VVD476BPT5GMRK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=NNuuvy99999K9ioC
Date: Sat, 28 Aug 2021 19:26:46 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 769b
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPe22a3b2f-0835-11ec-9286-0629c465fcda
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UPe22a3b2f-0835-11ec-9286-0629c465fcda&verify=true
https://s.amazon-adsystem.com/ecm3?id=01ac44d66e890c29a1a5df27a73bc731d362d7f8&ex=aoldisplay.com

43 B
556 B

122ms
122ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=01ac44d66e890c29a1a5df27a73bc731d362d7f8&ex=aoldisplay.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NBMV8CKQKN28AVHQVDZH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 28 Aug 2021 19:26:46 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?id=01ac44d66e890c29a1a5df27a73bc731d362d7f8&ex=aoldisplay.com
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=4f5029c9-d158-4cce-889e-8e6dfe294d0c

43 B
556 B

219ms
122ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=4f5029c9-d158-4cce-889e-8e6dfe294d0c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1ZT2TSHC2RS7DRAAGVRC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Sat, 28 Aug 2021 19:26:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=4f5029c9-d158-4cce-889e-8e6dfe294d0c

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 6339 43 B
183 B 294ms
93ms Image
image/gif 2600:1f18:612b:4216:1314:397:4325:f0c1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=PRq6hQKgSMqCnnVT4Gl29w&ep=jV5qzT2MQeWYXlC5fT5__Ho393h1mspnIWL8lR-VaatEZWa_G3-n1KUx8yEnE1FTdL2Zk2Bo82Bs86roKh1FU3VbOVJOuwWthLHg-eozxyM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1314:397:4325:f0c1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:46 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 6339 0
0 399ms
131ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=PRq6hQKgSMqCnnVT4Gl29w&ep=jV5qzT2MQeWYXlC5fT5__Ho393h1mspnIWL8lR-VaatEZWa_G3-n1KUx8yEnE1FTdL2Zk2Bo82Bs86roKh1FU3VbOVJOuwWthLHg-eozxyM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 /
spl.zeotap.com/ Frame 6339 731 B
731 B 54ms
29ms Image
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1353&env=mWeb&eventType=pageview&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%24_ZTP_UUID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=PRq6hQKgSMqCnnVT4Gl29w&ep=jV5qzT2MQeWYXlC5fT5__Ho393h1mspnIWL8lR-VaatEZWa_G3-n1KUx8yEnE1FTdL2Zk2Bo82Bs86roKh1FU3VbOVJOuwWthLHg-eozxyM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:46 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 685feee29912145a-FRA
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=c0dbaf5f5fdca778c9f64864c393f65&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

189ms
122ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=c0dbaf5f5fdca778c9f64864c393f65&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XQQEGQ5YA9GVPJJG9CCX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=c0dbaf5f5fdca778c9f64864c393f65&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1630178806123073-368
Expires: Sat, 28 Aug 2021 19:26:46 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
556 B

119ms
119ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VJN1EBKNGECMAM35D97P
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 28 Aug 2021 19:26:46 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
content-security-policy-report-only: default-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com; script-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=VS7R8ABD5P1PK0YH362C:sn=www.imdb.com
x-cache: Miss from cloudfront
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: VS7R8ABD5P1PK0YH362C
strict-transport-security: max-age=47474747; includeSubDomains; preload
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
permissions-policy: interest-cohort=()
x-amz-cf-id: v8H53JBlTaGJXaZ5CvGNadKxwUem8jk-t_At-XQBhyQdqd0gdNgaeg==

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 6339 0
263 B 469ms
117ms Image
text/plain 3.94.65.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=PRq6hQKgSMqCnnVT4Gl29w&ep=jV5qzT2MQeWYXlC5fT5__Ho393h1mspnIWL8lR-VaatEZWa_G3-n1KUx8yEnE1FTdL2Zk2Bo82Bs86roKh1FU3VbOVJOuwWthLHg-eozxyM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.65.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-65-142.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Server: nginx/1.16.1
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e10c841f52b23ce8

43 B
556 B

122ms
121ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e10c841f52b23ce8

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1CQBYJNQM0E0S079P0RQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e10c841f52b23ce8
date: Sat, 28 Aug 2021 19:26:46 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 93
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=A5r3lQxHTxqGUFXeALhJ3Q&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=A5r3lQxHTxqGUFXeALhJ3Q&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=91831324637951612880130429680699917345

43 B
556 B

122ms
122ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=91831324637951612880130429680699917345

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JV2JEDP16ATTCNR943X2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v015-0b4dd7f9c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 47Xqg4joQJs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=91831324637951612880130429680699917345
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=tV5o22c1QbeuYwr91LmWLA
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812227912581582595&gdpr=&gdpr_consent=

43 B
556 B

123ms
123ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812227912581582595&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:48 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZXBNZFYZC8HKEBBCPQD7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:48 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812227912581582595&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 6339 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6037327531066404406

43 B
556 B

124ms
124ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6037327531066404406

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PVFCWXVE0TT0RTJR3CM2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:46 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6037327531066404406
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=e2753a1e-0835-11ec-87c2-194044dd0206
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=e27539d8-0835-11ec-87c2-194044dd0206

43 B
556 B

123ms
123ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=e27539d8-0835-11ec-87c2-194044dd0206

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: EBQY43N414K14W8CTNEK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 28 Aug 2021 19:26:46 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=e27539d8-0835-11ec-87c2-194044dd0206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 75
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22e941d54c-7e3c-40cb-bec6-25d5528442fa%22,%22Time%22:%2220210828T152646.743805%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=e941d54c-7e3c-40cb-bec6-25d5528442fa

43 B
556 B

124ms
124ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=e941d54c-7e3c-40cb-bec6-25d5528442fa

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DRY6SYYETXVGDVQAY2SN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=e941d54c-7e3c-40cb-bec6-25d5528442fa
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECYhSslphtRYzU_wFYOxSrk&google_cver=1

43 B
556 B

123ms
123ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECYhSslphtRYzU_wFYOxSrk&google_cver=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:48 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QF55ZV5RAJXC9XDV8X67
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESECYhSslphtRYzU_wFYOxSrk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6339
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=amzn
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

0
339 B

140ms
46ms

Image
text/plain

99.81.82.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=PRq6hQKgSMqCnnVT4Gl29w&ep=jV5qzT2MQeWYXlC5fT5__Ho393h1mspnIWL8lR-VaatEZWa_G3-n1KUx8yEnE1FTdL2Zk2Bo82Bs86roKh1FU3VbOVJOuwWthLHg-eozxyM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.82.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-82-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:47 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1630178807
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
date: Sat, 28 Aug 2021 19:26:47 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a006-ash-prod.krxd.net

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=aa30021906218723c38bee3a43950eb7

43 B
556 B

124ms
124ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=aa30021906218723c38bee3a43950eb7

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: WEVDF8KDQ14CYH3XDC2W
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 28 Aug 2021 19:26:47 GMT
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=aa30021906218723c38bee3a43950eb7
content-length: 108
x-amz-cf-id: 0VoRMkjva5FwtpjskOVxD_XkcAd8o-OvJG7HpJugoSuBG1JOCTrfWQ==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=285ccfb8-778e-ca21-1d71-9499fc5bc579

43 B
556 B

123ms
122ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=285ccfb8-778e-ca21-1d71-9499fc5bc579

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Q7ZQ37XXBQHA41A5JKAF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 28 Aug 2021 19:26:47 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=285ccfb8-778e-ca21-1d71-9499fc5bc579
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1
https://s.amazon-adsystem.com/ecm3?ex=index&id=KHi6xyfOSSe9NgI_6lVfpTc4d1w4ZgAC

43 B
556 B

124ms
124ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KHi6xyfOSSe9NgI_6lVfpTc4d1w4ZgAC

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: H6FRPDH4JZWM46TVJRXV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KHi6xyfOSSe9NgI_6lVfpTc4d1w4ZgAC
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 267
Expires: Sat, 28 Aug 2021 19:26:47 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=C9E18EA36333252D

43 B
556 B

123ms
123ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=C9E18EA36333252D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZJ0WPHCCG3SNAHR578NP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:44 GMT
frontend-id: 12
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=C9E18EA36333252D
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=4499394753202184547&ex=appnexus.com

43 B
556 B

124ms
123ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=4499394753202184547&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VVKF270FZNM3M4Y8J9SQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
X-Proxy-Origin: 185.236.203.92; 185.236.203.92; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fabab484-754e-44f8-8227-ceddddd6facf
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=4499394753202184547&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=EriXib2Rj_izTquuoD1pMw&ex=rubiconproject.com&status=ok

43 B
556 B

123ms
123ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=EriXib2Rj_izTquuoD1pMw&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 7Z6F73YPYF1SV1Z9BFQ6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=EriXib2Rj_izTquuoD1pMw&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=PRq6hQKgSMqCnnVT4Gl29w&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
556 B

119ms
119ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:48 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3JW17A1G5B8K8NFG9HWV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-d4d88ded-3886-4510-9f55-222be29a6889&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-d4d88ded-3886-4510-9f55-222be29a6889&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.co...
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-d4d88ded-3886-4510-9f55-222be29a6889

43 B
556 B

125ms
124ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-d4d88ded-3886-4510-9f55-222be29a6889

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 06JVQCF8FDNZ2YQATX0N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-d4d88ded-3886-4510-9f55-222be29a6889
date: Sat, 28 Aug 2021 19:26:47 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 /
loadus.exelator.com/load/ Frame 6339 0
324 B 395ms
48ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_n-xtf-1630090234400_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=PRq6hQKgSMqCnnVT4Gl29w&ep=jV5qzT2MQeWYXlC5fT5__Ho393h1mspnIWL8lR-VaatEZWa_G3-n1KUx8yEnE1FTdL2Zk2Bo82Bs86roKh1FU3VbOVJOuwWthLHg-eozxyM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=D48C4F2DF78D2A611872F0830286D06F

43 B
556 B

123ms
123ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=D48C4F2DF78D2A611872F0830286D06F

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: M5J6ZWSYZSVXBN3MWNS6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 28 Aug 2021 19:26:47 GMT
Server: openresty/1.15.8.2
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=D48C4F2DF78D2A611872F0830286D06F
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Content-Length: 151
Expires: Sat, 28 Aug 2021 19:26:46 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-Rd.bCSZ1l2NIh7Sk1p9fDLqpgsYpLm8-

43 B
556 B

125ms
124ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-Rd.bCSZ1l2NIh7Sk1p9fDLqpgsYpLm8-

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SR8J0PFZX28GMWVZ7850
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 28 Aug 2021 19:26:47 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-Rd.bCSZ1l2NIh7Sk1p9fDLqpgsYpLm8-
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=5a2429b5fc178d6f72c428e8b1dc35be8662373013bf0538e8ff6072dab2e6dd

43 B
556 B

123ms
123ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=5a2429b5fc178d6f72c428e8b1dc35be8662373013bf0538e8ff6072dab2e6dd

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3T209R052MRH4884TNNM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:47 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=5a2429b5fc178d6f72c428e8b1dc35be8662373013bf0538e8ff6072dab2e6dd
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=8993C342-778D-441B-901F-AA625D16D8E3

43 B
556 B

123ms
123ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=8993C342-778D-441B-901F-AA625D16D8E3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: EQNHRB58W2K8HQ2C6WRF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=8993C342-778D-441B-901F-AA625D16D8E3
date: Sat, 28 Aug 2021 19:26:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1630090234400%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=xtf-1630090234400&id=N34g1y99999K9ioC

43 B
556 B

123ms
122ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xtf-1630090234400&id=N34g1y99999K9ioC

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PK6W384CQC4NBXYWYPQM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Location: https://s.amazon-adsystem.com/ecm3?ex=xtf-1630090234400&id=N34g1y99999K9ioC
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
BK-Server: 44ee
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6339
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=b58884a1-cd5f-4687-a002-96d0af9b713f-tuct8241377

43 B
556 B

123ms
123ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=b58884a1-cd5f-4687-a002-96d0af9b713f-tuct8241377

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 19:26:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TP1D1SRHW7WA112TY2BF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=b58884a1-cd5f-4687-a002-96d0af9b713f-tuct8241377
date: Sat, 28 Aug 2021 19:26:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14084

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1630178806155&url=https%3A%2F%2Fwww.koho.ca%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1630178806155&url=https%3A%2F%2Fwww.koho.ca%2F&e_ipv6=AQJJzYN_Pmr8rwAAAXuOOos9Be0_cXEd6j7JKtVRwC_13idAMhIoJm7azfbOi4m-sIaLqd7e

0
156 B

615ms
396ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1630178806155&url=https%3A%2F%2Fwww.koho.ca%2F&e_ipv6=AQJJzYN_Pmr8rwAAAXuOOos9Be0_cXEd6j7JKtVRwC_13idAMhIoJm7azfbOi4m-sIaLqd7e
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:47 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: Pfqw5PyOnxZQjaSrdysAAA==

Redirect headers

date: Sat, 28 Aug 2021 19:26:46 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1630178806155&url=https%3A%2F%2Fwww.koho.ca%2F&e_ipv6=AQJJzYN_Pmr8rwAAAXuOOos9Be0_cXEd6j7JKtVRwC_13idAMhIoJm7azfbOi4m-sIaLqd7e
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: PaWezfyOnxagLpr6nisAAA==

GET
H3-29 200 599633800219052 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 147ms
140ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/599633800219052?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d0dc431bd0ce4d883da2c31973280a1fdc238251dc889b421bfd020b7bd9946

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 17VDR1158ZkU4CuEOni9cy7Tv5hkCAxIMPTFU4BWfVlk+7mgeCr3+CxvDtxBH09r3GQ6cbDpEb2dC7spg2GJyg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 28 Aug 2021 19:26:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=339431107&t=pageview&_s=1&dl=https%3A%2F%2Fwww.koho.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEADQAAAAC~&jid=95481930&gjid=1426904068&cid=55401939.1630178806&tid=UA-41908934-3&_gid=1993732051.1630178806&_r=1&_slc=1&z=1464809304

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/684-9758c15b9972897aef3d.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.koho.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-41908934-3&cid=55401939.1630178806&jid=95481930&gjid=1426904068&_gid=1993732051.1630178806&_u=aGBAAEACQAAAAC~&z=761376251

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/684-9758c15b9972897aef3d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 28 Aug 2021 19:26:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.koho.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 28ms
28ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-41908934-3&cid=55401939.1630178806&jid=95481930&_u=aGBAAEACQAAAAC~&z=1574059595

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-41908934-3&cid=55401939.1630178806&jid=95481930&_u=aGBAAEACQAAAAC~&z=1574059595

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
455 B 238ms
159ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=nvggn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.koho.ca%2F

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 28 Aug 2021 19:26:46 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d2e34725f335f7b3825a9873a55a5cf868f6200b61d5c4991c9c13e8fafa9397
x-transaction: 25862d8ac97717ec
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
168 B 548ms
189ms XHR
text/html 44.240.46.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/684-9758c15b9972897aef3d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.46.30 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-46-30.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 28 Aug 2021 19:26:46 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H/1.1 200
OK eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImUxZTRjZDQwLTA4MzUtMTFlYy1iZWM3LTczZDM4Y2Y4ZmU1NiJ9
clientstream.launchdarkly.com/eval/5f05eea3fa48230af9ecce82/ 19 KB
0 150ms
49ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/5f05eea3fa48230af9ecce82/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImUxZTRjZDQwLTA4MzUtMTFlYy1iZWM3LTczZDM4Y2Y4ZmU1NiJ9

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 19:26:46 GMT
Ld-Region: eu-west-1
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: text/event-stream; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/?random=1630178806326&cv=9&fst=1630178806326&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4df7d998f5d7f2ea32c7615648926c1ed890848e02555c5eedc094002f796a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1075
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/902961551/ 2 KB
1 KB 424ms
123ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/902961551/?random=1630178806330&cv=9&fst=1630178806330&num=1&value=0&label=Ka6fCKTjl3wQj7PIrgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

cd5086d57e697cf86aa2a27783d3173af95f54a0501ef2ddd0c41f93d8311da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/902961551/ 2 KB
1 KB 808ms
507ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/902961551/?random=1630178806335&cv=9&fst=1630178806335&num=1&value=0&label=wcq0CMH1tYYBEI-zyK4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

da106383a0fb35aeb8c11dc77f5474d7ba6eff2185a8e4c8cd1496739ec67fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/privacysandbox/conversion/902961551/ 0
0 16ms
16ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/902961551/?random=1630178806330&cv=9&fst=1630178806330&num=1&fmt=3&value=0&label=Ka6fCKTjl3wQj7PIrgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 /
www.google.com/pagead/privacysandbox/conversion/902961551/ 0
0 16ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/902961551/?random=1630178806335&cv=9&fst=1630178806335&num=1&fmt=3&value=0&label=wcq0CMH1tYYBEI-zyK4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=599633800219052&ev=PageView&dl=https%3A%2F%2Fwww.koho.ca%2F&rl=&if=false&ts=1630178806354&sw=1600&sh=1200&v=2.9.45&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1630178806352.341036305&it=1630178806164&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p1&rqm=GET

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 28 Aug 2021 19:26:46 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/902961551/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/902961551/?random=1630178806326&cv=9&fst=1630177200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&async=1&fmt=3&is_vtc=1&random=3637072800&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/902961551/ 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/902961551/?random=1630178806326&cv=9&fst=1630177200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&async=1&fmt=3&is_vtc=1&random=3637072800&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 187ms
187ms XHR
text/html 44.240.46.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/684-9758c15b9972897aef3d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.46.30 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-46-30.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 28 Aug 2021 19:26:46 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 p
consent.linksynergy.com/consent/v2/ 37 B
337 B 916ms
108ms Image
image/gif 34.98.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.linksynergy.com/consent/v2/p?rmch=cs&tp=gdpr&domain=www.koho.ca&sought=false&attr_sid=122943&in_scope=true&purposes=&vendors=&ext_id=83057b69-fdb5-41d9-a4a7-23056d19b068
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 3.67.98.34.bc.googleusercontent.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:47 GMT
via: 1.1 google
content-type: image/gif
alt-svc: clear
content-length: 37
x-samesite: secure

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/902961551/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/?random=1114693978&cv=9&fst=1630178806330&num=1&value=0&label=Ka6fCKTjl3wQj7PIrgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u...
https://www.google.com/pagead/1p-conversion/902961551/?random=1114693978&cv=9&fst=1630178806330&num=1&value=0&label=Ka6fCKTjl3wQj7PIrgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...
https://www.google.de/pagead/1p-conversion/902961551/?random=1114693978&cv=9&fst=1630178806330&num=1&value=0&label=Ka6fCKTjl3wQj7PIrgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw...

42 B
64 B

21ms
21ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/902961551/?random=1114693978&cv=9&fst=1630178806330&num=1&value=0&label=Ka6fCKTjl3wQj7PIrgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9o0qYYDvJ4DZ7_UP3O6S2AY&cid=CAQSKQCNIrLM6ZpTKavA8W4Mh_BDudA3BfzfLGN_p14mNM3kOq2A-qzV1tQz&eitems=ChAI8L2niQYQv_b8ma6alq45Eh0A9FXYLa9YK3jF1YjAPel5zlSqoXJSaHPnso5tWg&random=3248973264&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/902961551/?random=1114693978&cv=9&fst=1630178806330&num=1&value=0&label=Ka6fCKTjl3wQj7PIrgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9o0qYYDvJ4DZ7_UP3O6S2AY&cid=CAQSKQCNIrLM6ZpTKavA8W4Mh_BDudA3BfzfLGN_p14mNM3kOq2A-qzV1tQz&eitems=ChAI8L2niQYQv_b8ma6alq45Eh0A9FXYLa9YK3jF1YjAPel5zlSqoXJSaHPnso5tWg&random=3248973264&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/902961551/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/?random=1631358044&cv=9&fst=1630178806335&num=1&value=0&label=wcq0CMH1tYYBEI-zyK4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
https://www.google.com/pagead/1p-conversion/902961551/?random=1631358044&cv=9&fst=1630178806335&num=1&value=0&label=wcq0CMH1tYYBEI-zyK4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
https://www.google.de/pagead/1p-conversion/902961551/?random=1631358044&cv=9&fst=1630178806335&num=1&value=0&label=wcq0CMH1tYYBEI-zyK4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...

42 B
64 B

20ms
20ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/902961551/?random=1631358044&cv=9&fst=1630178806335&num=1&value=0&label=wcq0CMH1tYYBEI-zyK4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9o0qYYuKKO6P9u8P-uG-wAI&cid=CAQSKQCNIrLMVrnxuWv6RTyJvaGUScSpMv6JflaNlGTMQJlVHkNfLTYz5Yn9&eitems=ChAI8L2niQYQv_b8ma6alq45Eh0A9FXYLZanvVeZ3jut36DGrSa2GBnMcwFfD3j0CA&random=1666665562&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Aug 2021 19:26:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/902961551/?random=1631358044&cv=9&fst=1630178806335&num=1&value=0&label=wcq0CMH1tYYBEI-zyK4D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=1836477868.1630178806&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9o0qYYuKKO6P9u8P-uG-wAI&cid=CAQSKQCNIrLMVrnxuWv6RTyJvaGUScSpMv6JflaNlGTMQJlVHkNfLTYz5Yn9&eitems=ChAI8L2niQYQv_b8ma6alq45Eh0A9FXYLZanvVeZ3jut36DGrSa2GBnMcwFfD3j0CA&random=1666665562&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=599633800219052&ev=Microdata&dl=https%3A%2F%2Fwww.koho.ca%2F&rl=&if=false&ts=1630178807861&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22KOHO%3A%20Reloadable%20Prepaid%20Visa%20Card%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1630178806352.341036305&it=1630178806164&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 28 Aug 2021 19:26:47 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
657 B 227ms
148ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=nvggn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.koho.ca%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 28 Aug 2021 19:26:49 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 1f2f4c41060be1cb5a6360a9c71f5c5669d6ee12a66b5c5df980a4b4740076e4
x-transaction: 0a6127ce19a38ee2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/koho.ca/ 136 B
322 B 913ms
118ms Fetch
application/json 206.189.191.180
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/koho.ca/config.json
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/684-9758c15b9972897aef3d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.191.180 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn102.acsbapp.com
Software: /
Resource Hash: 8c8105f1ae88f6605a24443ba23183e0699cd47da49d7188b54ae078b943b0ea

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:49 GMT
last-modified: Sat, 28 Aug 2021 19:21:17 GMT
etag: "88-612a8cad-9df20d05bc212bd4;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 136
expires: Sun, 29 Aug 2021 19:26:49 GMT

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 202 KB
20 KB 119ms
118ms Fetch
application/json 206.189.191.180
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/684-9758c15b9972897aef3d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.191.180 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: cdn102.acsbapp.com
Software: /
Resource Hash: b13aaa93ec4706e12d84a688dc827fa17c8a0ae9b5e5c3993e9cd0aa44450b29

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:26:49 GMT
content-encoding: br
last-modified: Fri, 27 Aug 2021 17:51:02 GMT
etag: "326c2-61292606-72f1ca6467b834e1;br"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 20142
expires: Sun, 29 Aug 2021 19:26:49 GMT

POST
H/1.1 202
Accepted 5f05eea3fa48230af9ecce82 Show response
events.launchdarkly.com/events/bulk/ 0
509 B 126ms
126ms XHR
application/json 52.72.173.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f05eea3fa48230af9ecce82

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/684-9758c15b9972897aef3d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.173.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-173-19.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Payload-ID: e4f5b6c0-0835-11ec-bec7-73d38cf8fe56
X-LaunchDarkly-Wrapper: react-client-sdk/2.23.0
X-LaunchDarkly-Event-Schema: 3
X-LaunchDarkly-User-Agent: JSClient/2.19.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 28 Aug 2021 19:26:51 GMT
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Content-Length: 0
Access-Control-Expose-Headers: Date

OPTIONS
H/1.1 204
No Content 5f05eea3fa48230af9ecce82
events.launchdarkly.com/events/bulk/ Frame 0
0 355ms
115ms Preflight
application/json 52.72.173.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f05eea3fa48230af9ecce82

Protocol

HTTP/1.1

Server

52.72.173.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-173-19.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Origin: https://www.koho.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 28 Aug 2021 19:26:51 GMT
Content-Type: application/json
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date
Access-Control-Max-Age: 300
Strict-Transport-Security: max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amazon-adsystem.com/	1970-01-21 17:28:02	Name: ad-privacy Value: 0
.koho.ca/	1970-01-19 22:59:14	Name: _fbp Value: fb.1.1630178806352.341036305
.koho.ca/	1970-01-20 05:35:15	Name: stc122943 Value: tsa:1630178807895.60973084.18381739.34203001395981314.:20210828195647\|env:1%7C20210928192647%7C20210828195647%7C1%7C1125647:20220828192647\|uid:1630178807895.1454937349.4880528.122943.645022255.:20220828192647\|srchist:1125647%3A1%3A20210928192647:20220828192647
.koho.ca/	1970-01-19 20:49:38	Name: _gat Value: 1
.koho.ca/	1970-01-19 20:51:05	Name: _gid Value: GA1.2.1993732051.1630178806
.koho.ca/	1970-01-20 14:20:50	Name: _ga Value: GA1.2.55401939.1630178806
.amazon-adsystem.com/	1970-01-20 02:00:41	Name: ad-id Value: A5KsUngsWkGWjPrQ2fCJkVQ
.koho.ca/	1970-01-19 22:59:14	Name: _gcl_au Value: 1.1.1836477868.1630178806
.koho.ca/	1970-01-19 20:51:05	Name: _uetsid Value: e1bd0a20083511ec96c38d4a6b3bf10a
.koho.ca/	1970-01-20 06:11:14	Name: _uetvid Value: e1bd63e0083511eca2e2875107fb8e5a
.koho.ca/	1970-01-23 12:25:38	Name: amplitude_id_10563d121b16631a278c49bd4b44caaekoho.ca Value: eyJkZXZpY2VJZCI6IjY3OWM1ZTZkLWIyNTUtNDkwMS04ZmE2LTMxY2NmZTYxM2NmNFIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTYzMDE3ODgwNjI1NSwibGFzdEV2ZW50VGltZSI6MTYzMDE3ODgwNjI2MCwiZXZlbnRJZCI6MiwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjJ9
.koho.ca/	1969-12-31 23:59:59	Name: amplitude_idundefinedkoho.ca Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ==
.koho.ca/	1970-01-20 05:35:14	Name: ajs_anonymous_id Value: %22271f241b-1eb5-4398-a3a9-b8ee3df7efa6%22

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.koho.ca/app-e670e2f6ae264291ca00.js(Line 2) Message: localStorage is disabled and color mode might not work as expected. Please check your Site Settings. TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.koho.ca/app-e670e2f6ae264291ca00.js(Line 2) Message: localStorage is disabled and color mode might not work as expected. Please check your Site Settings. TypeError: Cannot read property 'setItem' of null
console-api	error	URL: https://www.koho.ca/framework-c98446d6f6bc5dfd6500.js(Line 2) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://www.koho.ca/framework-c98446d6f6bc5dfd6500.js(Line 2) Message: TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
acsbapp.com
ads.samba.tv
ads.stickyadstv.com
amazon.partners.tremorhub.com
analytics.tiktok.com
analytics.twitter.com
api.amplitude.com
api.segment.io
app.launchdarkly.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn.acsbapp.com
cdn.amplitude.com
cdn.polyfill.io
cdn.sanity.io
cdn.segment.io
clientstream.launchdarkly.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
consent.linksynergy.com
dpm.demdex.net
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
match.adsrvr.org
odr.mookie1.com
pi.ispot.tv
pixel.advertising.com
pixel.placed.com
pixel.tapad.com
px.ads.linkedin.com
px.surveywall-api.survata.com
px4.ads.linkedin.com
s.amazon-adsystem.com
sb.scorecardresearch.com
snap.licdn.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.1rx.io
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.co
t.myvisualiq.net
tag.rmp.rakuten.com
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.imdb.com
www.koho.ca
x.bidswitch.net
px.surveywall-api.survata.com
104.244.42.195
104.244.42.5
108.174.10.14
13.224.101.82
13.224.89.35
13.224.96.27
13.224.96.7
13.248.242.197
141.226.228.48
142.250.185.194
142.250.185.66
143.204.207.75
151.101.12.157
151.101.13.26
151.101.14.132
151.101.14.217
18.184.95.242
18.194.108.131
18.197.219.138
18.203.33.226
185.64.189.115
185.94.180.125
2.18.234.21
2.18.234.233
206.189.191.180
209.54.177.54
212.82.100.182
213.19.147.45
2600:1f18:612b:4216:1314:397:4325:f0c1
2606:4700:10::6816:1857
2620:119:50e1:101::6cae:b25
2620:1ec:c11::200
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:400c:c09::9c
2a02:26f0:6c00:28c::25ea
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:b0c0:3:d0::d23:4001
3.120.52.200
3.94.65.142
34.102.147.248
34.231.184.117
34.254.143.3
34.98.64.218
34.98.67.3
34.98.67.61
35.227.248.159
35.244.128.15
37.157.6.242
37.252.173.27
44.240.46.30
45.79.140.212
52.1.230.29
52.5.82.14
52.58.164.24
52.72.173.19
54.175.87.114
54.71.121.82
69.173.144.139
72.246.100.56
76.223.31.44
77.243.60.138
95.101.27.76
99.81.82.31
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
07854e6586eb862f14c989f142d09f8ff8e139e2e5b0830ce297e67f3a15ce4e
0cfe3bdfa70d744236192511a17f6da9c94f47f6775bb70c053a30ab867b9097
0e7e3d0e5be5c8eee823df70926f17e2cca09b2b4cdec0fdf83ed16da1119578
0ebe940ed4a00c9aa613b1cbed61c09242e99985cbc0f4a28cd0d795a0e85850
106b0776d18e71797d9c93df4bb9a5f9f3312b4912580f2382116dbe744e63f5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15906e6d782942494450b5474366c4098c542e8ebfbf2aabb9b824b451971970
1a61a8404ee495e19d9596ba6a7a8d2014a0cc14cbe63bdccda767d461e0472e
1ac86714f52c3116e33e0e972e5f89522654a4a0ae9bdfe36482feb308c73e9b
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
2487584d1d5e94425b0181d326b8fb1d323b29e7b94d3358fd6c7d26d58377fc
25e7ebf9e9c15a90ad6ecdfee7938d277c21e572f0cab61353993d450cc5ffda
2775f9134045c38174acb9cf77badff3cfc1cfe2919ec7bb8eb47add1022b394
2782912d4a379634c1972af62d3016850711b3777691741c49c960d99d74fe5e
2bcd93c2711d68e47f66238748e034ead15de88a1c4c0792599afda0bb9ea067
2d0dc431bd0ce4d883da2c31973280a1fdc238251dc889b421bfd020b7bd9946
308883bf05de6cd715920ceaf6509b520aa23e4b195b1439c4059b96e4ffbbc4
388b1806a542af580c3bf12fa4862af386b8a8200154fe90fc86095d50f4fdfc
3c2e455c9192e6eeffc92c7221f46403692cbc5cac4092f5148d32383189ad0e
3c4ee94ca982c185d2124204bb31ca6b720fa31b0ca4c79bfc360ef56831e7c4
3da26abb943827f784b20c95594adb89bd951c44a89e84c66f517455508b1c1f
3f797d7451ce0fe87d9677b4f692b1292ebce28544912b82e5649fba8cc4a610
48f1cec4d3a98b4af33a83c44f3599a5bb2ac6d4995b793291ed5f0148fcd84c
4a15fce61dfb09bc7fda3a6ef50f2aac26b1b81d893a95d8587e1b420c85fbf1
4c89ad605f96915ce4012b6b1700843e596e116dadb2b8b48aa540115467c515
4d548c6334b5e1c46e91fa0432920094cde9eebab964d67e3a48d5106a9880af
4df7d998f5d7f2ea32c7615648926c1ed890848e02555c5eedc094002f796a37
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
58e40d95870fef25e0f1bd642fbc0b36bbd99b4450ef6ba547b964434499309e
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
637931eacc5a7439b79149780f7370434f24b4b5cf764d88c479aba9cb47538a
658c672e4ca7014e62a9bab6b834ca81111d579ca54c4b7dd69a4847cabc1f49
68f9b9134bf198470bf6ea801ee4cda7d59cb38b36dc7c73f068a15733636b80
6dcdb5d625307386c2d3b21f8b51c43bfd4683fe073b66e884372cd35710c7a1
701218781757fa125d6e34e3051c61521b2c1acb1919ddc115b3f55b59edc219
7299f74ea105ed53a3bebc058f1805b7c66c3eb2ebdd4983cac932c13eebb8eb
8274d368423efc5a325b15f523737b057683a8688ecbf2d3ef07863c2dba763e
83b6d802aa090ce29898946d1e0ddfdbe5dfa984870b14badb85025d1635d8dd
83ba29fce57896360b8e41e7ef2518302f2e2785981fe9ea5231d63b97fef010
8412592ef28ebbc4807894663f1892432bb4770cc96b66b26ec1297878051933
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b
852b2c1669b97568665432e39d0b395a2354354ce5afbb869d9212c3750216f1
886ad029484d8748d9efa01829b721fa519f17544f9d958cf21cb672eeacdbb3
8c8105f1ae88f6605a24443ba23183e0699cd47da49d7188b54ae078b943b0ea
93e784bb85186ce49cd21ac4a91debd17715a82b5c203ad0a7535d7d0a06fca3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839
a8801417a41b97200fab092c58ddc6033e0d53213da8d6c06e3f2a6d68757a00
aa98b27fff76e1d4b854c8b2b3e07ec2d78cea5080a73ad612c19f26cd58e684
ab69584786707a867241dac3eef649ff5d2c62557d73070cc9cdcdf9fb82bf5b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b13aaa93ec4706e12d84a688dc827fa17c8a0ae9b5e5c3993e9cd0aa44450b29
b33dd08dc58f62eb8b6be088af136a4fd18e7593ab911f22950d9a6c3140a974
b4be9d3c7fb912b4cca966dd6fd5f8df403f2d58156cf237840acb1816dec483
b5edbaf6dc6a49994a970bf7e2618a58fb272c23d01c955e186210157af9c085
b9d7b0cc5ec11e81acc44db8f29db898a2da0c8656a57d8d28d18592cd6bd3e4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcb4caa5ae816c712cee74a5211ae62f79ca60ee4ffd55aa636f45efdebc5571
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
c0d731642f716eeb3eadb1e53aa826601a827b37a7e069e76a33c5a07129f31f
c14e96d40f6933dd55cd9fcadcf3eed5eeb112b9df6bfb5db5351758aa377136
c193c4a9f2405bec9d8801e1b264b47bdff3122a0328c8006b09e1834eea62c2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cd5086d57e697cf86aa2a27783d3173af95f54a0501ef2ddd0c41f93d8311da9
d43dfcad7d3ad157fbec0df52312437faa4c5f80dac48233746a1e0055971961
da106383a0fb35aeb8c11dc77f5474d7ba6eff2185a8e4c8cd1496739ec67fd1
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4
dcdde59f42a39ba34b1785a3e433bf17fef73ea8538d733dbdaf23ee4ec91480
dd3f2939328a1110e1fc359e20e8a32a0e2683eb18b59fd13a0afcd6cef94f2e
de3e28cc68fc62a20bf83c46bfa6437cf56df975c49ec69ae5fd4194f45f5f50
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e448770772961d20f0141c02b6696766b8f52f22df94ce404b011d5ae0e31f48
e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba
eab98d4ccb0415f3649a890d6d41d66aaac83bb5c74e1b92794cff38b3a3795a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f059841000d5c7211ea2975d2422c54a5cae4070f58f9acc6c18b3c50063c2b7
f76c0486fa0d396d5a494ba58335fd77320644cd9e89b7357e3365ab60b268d1
f7e45f90ef81243fbc3b1327f9bdb996ca52f49f51a87e33f78bc3f6dfa337ab
f8bff92e6545043a88da89833cddfa43dcf946407940dcf06cba4fdd4cd076fd
fd004258c3c816a7f5b4fb3619a9054d0ad6f49c08dff327e9962a1dbe88870b
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.koho.ca Open in urlscan Pro 2a03:b0c0:3:d0::d23:4001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

125 Requests

99 %HTTPS

23 %IPv6

62 Domains

73 Subdomains

39 IPs

7 Countries

1410 kBTransfer

4853 kBSize

13 Cookies

1 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.koho.ca Open in urlscan Pro
2a03:b0c0:3:d0::d23:4001 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

99 %
HTTPS

23 %
IPv6

62
Domains

73
Subdomains

39
IPs

7
Countries

1410 kB
Transfer

4853 kB
Size

13
Cookies

125 HTTP transactions
16 data transactions