www.koho.ca Open in urlscan Pro
2600:1f18:2489:8202:3e66:ff9e:de27:befe Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://koho.ca/
Effective URL:
https://www.koho.ca/
Submission: On October 14 via manual (October 14th 2022, 8:59:22 pm UTC) from CA — Scanned from CA

Summary HTTP 162 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 44 IPs in 4 countries across 66 domains to perform 162 HTTP transactions. The main IP is 2600:1f18:2489:8202:3e66:ff9e:de27:befe, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.koho.ca.
TLS certificate: Issued by R3 on September 29th 2022. Valid for: 3 months.

This is the only time www.koho.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	104.198.14.52 104.198.14.52	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
21	2600:1f18:248... 2600:1f18:2489:8202:3e66:ff9e:de27:befe	14618 (AMAZON-AES) (AMAZON-AES)
26	35.190.70.79 35.190.70.79	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2008	15169 (GOOGLE) (GOOGLE)
11	13.225.223.151 13.225.223.151	16509 (AMAZON-02) (AMAZON-02)
1	34.102.147.248 34.102.147.248	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	23.200.1.44 23.200.1.44	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
2	108.138.113.246 108.138.113.246	16509 (AMAZON-02) (AMAZON-02)
1	108.138.106.124 108.138.106.124	16509 (AMAZON-02) (AMAZON-02)
2 39	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
4	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
4	107.23.224.148 107.23.224.148	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
1	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
1 6	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	18.164.96.87 18.164.96.87	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
3 3	68.67.160.184 68.67.160.184	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	13.225.214.50 13.225.214.50	16509 (AMAZON-02) (AMAZON-02)
2 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 1	184.50.205.90 184.50.205.90	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.0.12.161 52.0.12.161	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:612... 2600:1f18:612b:4200:438d:f16b:f4fb:94af	14618 (AMAZON-AES) (AMAZON-AES)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
1 1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	63.251.28.233 63.251.28.233	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 1	13.35.98.188 13.35.98.188	16509 (AMAZON-02) (AMAZON-02)
1	34.199.90.210 34.199.90.210	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.195.71.40 34.195.71.40	14618 (AMAZON-AES) (AMAZON-AES)
1	3.232.47.238 3.232.47.238	14618 (AMAZON-AES) (AMAZON-AES)
1	35.190.126.92 35.190.126.92	15169 (GOOGLE) (GOOGLE)
1 1	34.230.221.167 34.230.221.167	14618 (AMAZON-AES) (AMAZON-AES)
2 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.203.222.38 52.203.222.38	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
1 1	34.206.33.80 34.206.33.80	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.167.164.42 185.167.164.42	198622 (ADFORM) (ADFORM)
2 2	192.35.249.120 192.35.249.120	11742 (SPOTX-IAD) (SPOTX-IAD)
1 1	52.70.74.183 52.70.74.183	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.205.220.58 52.205.220.58	14618 (AMAZON-AES) (AMAZON-AES)
3 3	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
1	23.21.59.154 23.21.59.154	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.164.96.83 18.164.96.83	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
2 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 1	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.237.150.96 104.237.150.96	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
2 2	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	108.138.128.58 108.138.128.58	16509 (AMAZON-02) (AMAZON-02)
1	18.164.96.54 18.164.96.54	16509 (AMAZON-02) (AMAZON-02)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
1	2600:141b:13:... 2600:141b:13::17d7:82d0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.164.115.222 18.164.115.222	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1	54.213.236.150 54.213.236.150	16509 (AMAZON-02) (AMAZON-02)
1	44.239.41.64 44.239.41.64	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4006:807::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
162	44

2 104.198.14.52 (The Dalles, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 52.14.198.104.bc.googleusercontent.com

koho.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:1f18:2489:8202:3e66:ff9e:de27:befe (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

www.koho.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 35.190.70.79 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 79.70.190.35.bc.googleusercontent.com

cdn.sanity.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.225.223.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-151.jfk51.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com

tag.rmp.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.200.1.44 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-1-44.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.113.246 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-113-246.jfk50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.23.224.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-224-148.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.31.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.184 (New York, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.50 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-50.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.50.205.90 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-90.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.12.161 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-12-161.compute-1.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:438d:f16b:f4fb:94af (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.28.233 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.98.188 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-98-188.jfk50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.90.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-90-210.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.195.71.40 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-71-40.compute-1.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.47.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-47-238.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.126.92 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 92.126.190.35.bc.googleusercontent.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.221.167 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-221-167.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.203.222.38 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-222-38.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.33.80 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-33-80.compute-1.amazonaws.com

px.surveywall-api.survata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.42 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.120 (Ashburn, United States) 2 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.74.183 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-74-183.compute-1.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.220.58 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-220-58.compute-1.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.98 (Glen Cove, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.59.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-59-154.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.96.83 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-83.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 2 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.109 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.197.56 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.150.96 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-06.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.113 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-58.jfk50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-54.jfk50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82d0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.115.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-115-222.jfk50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.213.236.150 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-236-150.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.41.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-41-64.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:807::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 296	27 KB
26	sanity.io cdn.sanity.io — Cisco Umbrella Rank: 16889	281 KB
23	koho.ca 2 redirects koho.ca — Cisco Umbrella Rank: 982866 www.koho.ca	411 KB
11	segment.com cdn.segment.com — Cisco Umbrella Rank: 1442	74 KB
9	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 870 events.launchdarkly.com — Cisco Umbrella Rank: 589 clientstream.launchdarkly.com — Cisco Umbrella Rank: 644	14 KB
6	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	4 KB
6	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 926	2 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 9257	629 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	629 B
3	pubmatic.com 3 redirects image2.pubmatic.com — Cisco Umbrella Rank: 894 image6.pubmatic.com — Cisco Umbrella Rank: 671	974 B
3	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294 cms.analytics.yahoo.com — Cisco Umbrella Rank: 871	1 KB
3	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	2 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	3 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 789 vars.hotjar.com — Cisco Umbrella Rank: 916	69 KB
3	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 872	97 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 379	13 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	114 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	222 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	111 KB
2	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2741 api.amplitude.com — Cisco Umbrella Rank: 1386	18 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 456	558 B
2	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1270	2 KB
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1134	1 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 373	724 B
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 409	400 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 156	640 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1148 lm.serving-sys.com — Cisco Umbrella Rank: 1897	779 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 572	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 627	997 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347 token.rubiconproject.com — Cisco Umbrella Rank: 682	1 KB
2	360yield.com 1 redirects match.360yield.com — Cisco Umbrella Rank: 2893	650 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 528 usermatch.krxd.net — Cisco Umbrella Rank: 1251	357 B
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 702	1 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net — Cisco Umbrella Rank: 1806	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	1 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 943	18 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	15 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 547	393 B
1	t.co t.co — Cisco Umbrella Rank: 483	376 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1020	171 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 742	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 624	15 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2195	258 B
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 1072	300 B
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 2120	343 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 2722	750 B
1	survata.com 1 redirects px.surveywall-api.survata.com — Cisco Umbrella Rank: 2693	749 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 987	633 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 5176	419 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 1871	94 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2527	263 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 2210	881 B
1	zeotap.com 1 redirects mwzeom.zeotap.com — Cisco Umbrella Rank: 1683	319 B
1	tremorhub.com 1 redirects amazon.partners.tremorhub.com — Cisco Umbrella Rank: 5041	398 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 539	459 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 474	640 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1567	157 B
1	gstatic.com fonts.gstatic.com	21 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1457	8 KB
1	rakuten.com tag.rmp.rakuten.com — Cisco Umbrella Rank: 7313	12 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	917 B
0	linkedin.com Failed www.linkedin.com Failed
0	clarity.ms Failed www.clarity.ms Failed
0	linksynergy.com Failed consent.linksynergy.com Failed
162	66

	Domain	Requested by
39	s.amazon-adsystem.com	2 redirects www.koho.ca s.amazon-adsystem.com
26	cdn.sanity.io	www.koho.ca
21	www.koho.ca	www.koho.ca
11	cdn.segment.com	www.koho.ca cdn.segment.com
6	tr.snapchat.com	1 redirects sc-static.net
4	events.launchdarkly.com	www.koho.ca
4	app.launchdarkly.com	www.koho.ca
3	www.google.ca
3	www.google.com
3	cm.g.doubleclick.net	3 redirects
3	ib.adnxs.com	3 redirects
3	analytics.tiktok.com	www.koho.ca analytics.tiktok.com
3	bat.bing.com	www.koho.ca bat.bing.com
3	www.googletagmanager.com	www.koho.ca cdn.segment.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.facebook.com
2	www.google-analytics.com	cdn.segment.com www.google-analytics.com
2	connect.facebook.net	cdn.segment.com connect.facebook.net
2	pixel.tapad.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	loadus.exelator.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	eb2.3lift.com	1 redirects s.amazon-adsystem.com
2	us-u.openx.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	match.360yield.com	1 redirects s.amazon-adsystem.com
2	ads.stickyadstv.com	1 redirects s.amazon-adsystem.com
2	t.myvisualiq.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	x.bidswitch.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	sc-static.net	www.koho.ca tr.snapchat.com
2	koho.ca	2 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	analytics.twitter.com
1	t.co
1	api.amplitude.com	cdn.amplitude.com
1	api.segment.io	cdn.segment.com
1	cdn.amplitude.com	cdn.segment.com
1	snap.licdn.com	cdn.segment.com
1	static.ads-twitter.com	cdn.segment.com
1	vc.hotjar.io	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	usermatch.krxd.net	s.amazon-adsystem.com
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	px.surveywall-api.survata.com	1 redirects
1	odr.mookie1.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	usersync.samplicio.us	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	mwzeom.zeotap.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	amazon.partners.tremorhub.com	1 redirects
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	alb.reddit.com
1	script.hotjar.com	static.hotjar.com
1	clientstream.launchdarkly.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.hotjar.com	www.koho.ca
1	www.redditstatic.com	www.koho.ca
1	tag.rmp.rakuten.com	www.koho.ca
1	fonts.googleapis.com	www.koho.ca
0	www.linkedin.com Failed
0	www.clarity.ms Failed	bat.bing.com
0	consent.linksynergy.com Failed
162	80

This site contains links to these domains. Also see Links.

Domain
web.koho.ca
help.koho.ca
status.koho.ca
koho-financial.canny.io
www.instagram.com
twitter.com
www.facebook.com
www.youtube.com
www.linkedin.com
www.pinterest.ca
open.spotify.com

Subject Issuer	Validity	Valid
koho.ca R3	`2022-09-29` - `2022-12-28`	3 months	crt.sh
*.sanity.io Sectigo RSA Domain Validation Secure Server CA	`2022-10-04` - `2023-11-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.rmp.rakuten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-28` - `2023-02-17`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
events.launchdarkly.com Amazon	`2022-08-19` - `2023-09-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
clientstream.launchdarkly.com Amazon	`2022-09-09` - `2023-10-07`	a year	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.samplicio.us Amazon	`2022-03-18` - `2023-04-16`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2022-09-24` - `2022-12-23`	3 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-19` - `2023-05-19`	a year	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-24` - `2022-10-22`	3 months	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.koho.ca/
Frame ID: 73A1F729B95DB3060C94E83639FBDC4D
Requests: 123 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-KGDFZD8
Frame ID: 2797D884FE87B1C1D2A7A54538672FA8
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=330599697544675900&dcc=t
Frame ID: C33A1EA9D801FF3AF5608A967D733D26
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=oKSheMpvTLyk1TQ_XKVoJQ&dmt=3&ex-pl-n-g-hmt=-Cs4vu7UTkmcL_su8mpS-A&ep=mfS4I4Lxm4iN8M-0MyueFfKWvv8KYhYlUSlJM-BUHK6nxPqdoERhL0RvOyr4VhYCiBYktGZx5eBXOIhyQRqjIfb0a_XB9AWfBrO-HvOIUaZue3gWL8_ZMdBBYKprsePQ-QqBfC7bDIx653h1BZWMQjZFfy9E9J5b1ZzAb1edYtWIk0JGh1DdgGDXidwAqOrfpo7Am5hEG2XDbvBYJAp1Q3aeQlcnMhPJBWOFPVHyetP9sexsYyYmaP7Ou_7UsDcfqU_m-5Vf055CbX9gxQz_ZMIZ3Gi9CFRLorY1Agc4eBwKxJFxPlPw78ATbuNTPaMWzmNCXyP3cI1gngmJkG8mw2V_iFhEePWgrVqZPDalYfHDw6vhY_ejWNGmOP4AgWP1xkptVrSmh2KJMaULj6mmYIpXON00eEEAZusA4Wfd_ACUw9knO5BaH_t01OaE9YmkNc0y0ULlZpIQxJvFWhxAX6D-uAe0N5ggByFjlil0jD_8NV3fVVyBQe344vMjV-qlSHWzO8ggjt5Jh-cS6N0reJo6FuBqTVhpUWqrCA0Iz8g
Frame ID: F85994ECBB3F6E73BBCB3B53868369C4
Requests: 42 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=18f977ac-724c-4b10-a145-d6c3aa30a9c6&u_scsid=4514f12f-fb6c-49fc-8bce-fc3c08d2a580&u_sclid=cddc66f5-99d4-4338-8b49-d993c2755fd3
Frame ID: C4952F33CC39596373BFECAB9B357441
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 04E0E9C9942AD865803AC1E3EBF51CAF
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1665531000096&pnid=140&pcid=dfcff16c-4f9c-4669-9a59-0a3624974b72
Frame ID: 2FFFBB4BC9EB14D4EC5478BB7E017F25
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 03804658E7CAF00761891362EA9389F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

KOHO: Reloadable Prepaid Mastercard | No Fees & Instant Cash Back on Everythinglogo.kohologo.kohologo.koho

Page URL History Show full URLs

http://koho.ca/ HTTP 301
https://koho.ca/ HTTP 301
https://www.koho.ca/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Rakuten (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

tag\.rmp\.rakuten\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

162
Requests

75 %
HTTPS

21 %
IPv6

66
Domains

80
Subdomains

44
IPs

4
Countries

1350 kB
Transfer

4045 kB
Size

87
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://web.koho.ca/signup/?af_adset=HOME&af_adset_id=76yw0ndi&af_channel=GENERAL&language=en
Title: Get StartedOpen Account

Search URL Search Domain Scan URL

URL: http://web.koho.ca/login/
Title: Log In

Search URL Search Domain Scan URL

URL: https://web.koho.ca/signup/?af_adset=HOME&af_adset_id=jaqreign&af_channel=GENERAL&language=en
Title: Get StartedOpen Account

Search URL Search Domain Scan URL

URL: https://web.koho.ca/signup/?af_adset=HOME&af_adset_id=og1ztkcu&af_channel=GENERAL&language=en
Title: Get StartedOpen Account

Search URL Search Domain Scan URL

URL: https://help.koho.ca/
Title: FAQs

Search URL Search Domain Scan URL

URL: https://status.koho.ca/
Title: Status Page

Search URL Search Domain Scan URL

URL: https://web.koho.ca/signup/?af_adset=HOME&af_adset_id=k4ul5ntn&af_channel=PAGES&language=en
Title: Get StartedOpen Account

Search URL Search Domain Scan URL

URL: https://web.koho.ca/signup/?af_adset=HOME&af_adset_id=kfxc5cxm&af_channel=PAGES&language=en
Title: Open Account

Search URL Search Domain Scan URL

URL: https://koho-financial.canny.io/public-roadmap
Title: Roadmap

Search URL Search Domain Scan URL

URL: https://www.instagram.com/getkoho/?hl=en

Search URL Search Domain Scan URL

URL: https://twitter.com/GetKoho

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KOHO/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC-HnC-dcg5_KYW6pQ7H4JQA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/koho

Search URL Search Domain Scan URL

URL: https://www.pinterest.ca/getkoho/

Search URL Search Domain Scan URL

URL: https://open.spotify.com/user/3n9gcir6n134y1xdhrn08nylj?si=a2-6anaGT3KZjo2gG0ctww

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://koho.ca/ HTTP 301
https://koho.ca/ HTTP 301
https://www.koho.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=330599697544675900 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=330599697544675900&dcc=t

Request Chain 69

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&dcc=t

Request Chain 86

https://ib.adnxs.com/setuid/a9?entity=188&code=eB6o9KmPRDKWTZt-gSvwPw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DeB6o9KmPRDKWTZt-gSvwPw%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=eB6o9KmPRDKWTZt-gSvwPw

Request Chain 87

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=213230604304012414965&ex=neustar.biz

Request Chain 88

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=1yrQ2DFqQA6cQxR4MQa2Eg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=1yrQ2DFqQA6cQxR4MQa2Eg&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y0nNpMtw.cJAHpmtHsuFvQAA

Request Chain 89

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=437c19d6dc3a978a9d550881cc276ea3

Request Chain 90

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 91

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Kp87basCRLup_T2cStSaMw HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Kp87basCRLup_T2cStSaMw&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Kp87basCRLup_T2cStSaMw

Request Chain 92

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=b307f18e-c5de-4dfc-911b-4cc219e76128

Request Chain 93

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=acef63acbcc64123b39d5767b2df9167

Request Chain 94

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://s.amazon-adsystem.com/ecm3?id=y-tuiO861E2pHmK44_1SI0WelpxxQdim1u6NLV~A&status=NOT_FOUND&ex=gemini

Request Chain 95

https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=cabb9519-3b6c-4339-77da-d9363703ab9e

Request Chain 96

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=3053b86159ef2f60dd1a47a17ce3401f&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 97

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 99

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com

Request Chain 102

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10234c71ef45ebd60

Request Chain 103

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Y9UDYEEyTAGOkoPEG2PYZw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Y9UDYEEyTAGOkoPEG2PYZw

Request Chain 105

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=jq5gSTaPQBeTG5fGJP3YDA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=jq5gSTaPQBeTG5fGJP3YDA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=78842219956032804033537639651165603233

Request Chain 106

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=qlBqp3cER8SSePCPGv23qQ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10596829189854625425&gdpr=&gdpr_consent=

Request Chain 107

https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=

Request Chain 108

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2535973557128297510

Request Chain 109

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=10dec076-4c03-11ed-a645-1c8a12470303 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=10dec01a-4c03-11ed-a645-1c8a12470303

Request Chain 110

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22a6307655-77a5-4f7a-b211-2bb5f88955fe%22,%22Time%22:%2220221014T205916.999602%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=a6307655-77a5-4f7a-b211-2bb5f88955fe

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm=&ex=doubleclick.net&google_tc= HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEKw_EcE3_CCaG7axMUcVFwU&google_cver=1

Request Chain 113

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=528b4ccef505f25cf45af00707c9d7b7

Request Chain 114

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=5f463e5c-a66d-c91a-370a-696dc00d4f12

Request Chain 115

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=Khv6lJtEs7owTNqZZ67riDc4c5c4ZgIC

Request Chain 116

https://eb2.3lift.com/xuid?mid=8341&xuid=VG5rICh_QGumkDSxqVjCaQ&dongle=az46 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=8341&xuid=VG5rICh_QGumkDSxqVjCaQ&dongle=az46&gdpr=0&cmp_cs=&us_privacy=

Request Chain 117

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=11208201A28E8C93

Request Chain 118

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=4921778707525838525&ex=appnexus.com

Request Chain 119

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=VdWxfEb4Tqe2IG3fctlg_Q&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=VdWxfEb4Tqe2IG3fctlg_Q

Request Chain 120

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=wu85R940YsCg4lBKJ9VOwsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=-Cs4vu7UTkmcL_su8mpS-A& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 122

https://loadus.exelator.com/load/?p=204&g=8888&j=0 HTTP 302
https://loadus.exelator.com/load/?p=204&g=8888&j=0&xl8blockcheck=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=132da92736a76fffe9b245de24d68f9b

Request Chain 123

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED68A5CD4963D91A1CBF024FB812

Request Chain 124

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=34e77068c4f40369c37f996ce96203a4b95ed30221048a7ab1e91e1dd0efed8b

Request Chain 125

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=F044BFCB-7DFC-4C02-BD1F-17C74E35BECA

Request Chain 126

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=7ab79ff7-06fc-4479-b023-fc230c2fd4f7-tucta435325

Request Chain 137

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1665781156677&u_scsid=7fb0ffc6-cd1a-481c-a2fa-42b6a7e3a5b5&u_sclid=795a3563-0bfa-420f-aeb9-0527cc4e674a HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1665531000096%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1665531000096%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1665531000096&pnid=140&pcid=dfcff16c-4f9c-4669-9a59-0a3624974b72

Request Chain 154

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1665781157010&url=https%3A%2F%2Fwww.koho.ca%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1665781157010&url=https%3A%2F%2Fwww.koho.ca%2F&cookiesTest=true HTTP 0
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2658514%26time%3D1665781157010%26url%3Dhttps%253A%252F%252Fwww.koho.ca%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue

162 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.koho.ca/
Redirect Chain

http://koho.ca/
https://koho.ca/
https://www.koho.ca/

189 KB
27 KB

108ms
24ms

Document
text/html

2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

38f270d394ded540ab46852b1c8ab6d2026be44b9ab1c5c532fbb17e3dda16cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 3608
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 26986
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 19:59:07 GMT
etag: "258c0e5a1d4a674b0918903eebf84002-ssl-df"
link: </webpack-runtime-f91e6a6e7db0c069e3d2.js>; rel=preload; as=script, </framework-509b653fa17480bc5594.js>; rel=preload; as=script, </app-d298ac539b8b79daa3c1.js>; rel=preload; as=script, </58bfd7af7b4195f04e5761745722b4bb6a3b8261-d357fbd53b46518680c0.js>; rel=preload; as=script, </component---src-templates-pages-home-tsx-6c2deab0fee477a57637.js>; rel=preload; as=script, </page-data/app-data.json>; rel=preload; as=fetch; crossorigin, </page-data/index/page-data.json>; rel=preload; as=fetch; crossorigin
referrer-policy: same-origin
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-nf-request-id: 01GFC4PHJTMQB7TQSE8AF4TF2T
x-xss-protection: 1; mode=block

Redirect headers

content-length: 35
content-type: text/plain; charset=utf-8
date: Fri, 14 Oct 2022 20:59:15 GMT
location: https://www.koho.ca/
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains
x-nf-request-id: 01GFC4PHE2XRWP1VPB69AZCD6D

GET
H2 200 webpack-runtime-f91e6a6e7db0c069e3d2.js Show response
www.koho.ca/ 8 KB
4 KB 27ms
24ms Script
application/javascript 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/webpack-runtime-f91e6a6e7db0c069e3d2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

c1edf37f3c5acba8fe3c79bc52b0fbad8d9024f030634becf35f202d56a6450c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHM583GP7436YZR55Z6F
date: Fri, 14 Oct 2022 20:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 2633
content-length: 3559
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "a4cfe11969e580dce8d3abbaaae7e13c-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 framework-509b653fa17480bc5594.js Show response
www.koho.ca/ 146 KB
46 KB 55ms
53ms Script
application/javascript 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/framework-509b653fa17480bc5594.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

1bdadd45403a8fd27d42d0830e3aa22b169a5069528c32fccfc32d195a9ebf03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHM6ZX901P9JE7FP8QJW
date: Fri, 14 Oct 2022 20:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 2633
content-length: 46954
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "46d81027405facd229ada5266da439df-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 app-d298ac539b8b79daa3c1.js Show response
www.koho.ca/ 505 KB
161 KB 29ms
27ms Script
application/javascript 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

2048b2cc89fd6ed263c11b5f5fdca0b77d84d23028da8e55ebb06d61acea011e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHM5VBSEE1D89GB5T73B
date: Fri, 14 Oct 2022 19:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 4508
content-length: 164407
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "790c3573f3b1d356fc337f2b4f818ebc-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 58bfd7af7b4195f04e5761745722b4bb6a3b8261-d357fbd53b46518680c0.js Show response
www.koho.ca/ 18 KB
7 KB 76ms
74ms Script
application/javascript 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/58bfd7af7b4195f04e5761745722b4bb6a3b8261-d357fbd53b46518680c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

8a52c4e94c8518d7d5b6c5eb4b0c8094a1a88935f119d788f0ed5ddb851e063a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHM6ZDEFNBDN5G996KSZ
date: Fri, 14 Oct 2022 20:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 2633
content-length: 6719
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "be889e5a6158fd2f8fde88b9bf9d7441-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 component---src-templates-pages-home-tsx-6c2deab0fee477a57637.js Show response
www.koho.ca/ 2 KB
1 KB 27ms
25ms Script
application/javascript 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/component---src-templates-pages-home-tsx-6c2deab0fee477a57637.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

6c26a7981a041b26927f64feae226e366e392b1d323eb780b32cda1591539c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHM6KD5EYBSVHK8CJ62P
date: Fri, 14 Oct 2022 19:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 5757
content-length: 1085
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "cb4e41d5c4086f2bdf0013e73e5e154f-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 app-data.json
www.koho.ca/page-data/ 50 B
166 B 77ms
76ms Other
application/json 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/app-data.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

b8b99a5a182ff02703181a37fa4627ed047ad957e5fb11bd9469659d53ad02c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.koho.ca/
Origin: https://www.koho.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHM6D4PK96NBP0C26J3Q
date: Fri, 14 Oct 2022 19:23:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: same-origin
x-content-type-options: nosniff
server: Netlify
age: 5744
etag: "343824be7b7e6d89324e53d4dfa1c937-ssl"
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 50
x-xss-protection: 1; mode=block

GET
H2 200 page-data.json
www.koho.ca/page-data/index/ 19 KB
3 KB 29ms
28ms Other
application/json 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/index/page-data.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

1bc20140a7ceb64c88553310aeedbe02b3931c3caeb08d7cf04be0692dd720e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.koho.ca/
Origin: https://www.koho.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHM6YRP678EXVHTBY11Z
date: Fri, 14 Oct 2022 19:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 4891
content-length: 2894
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "cbf225d12ab629024eb0b6eb8db33b49-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 basis-grotesque-regular-pro-14e27a296fba4d0a515537b4fc81dacb.woff2
www.koho.ca/static/ 49 KB
49 KB 49ms
48ms Font
font/woff2 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/static/basis-grotesque-regular-pro-14e27a296fba4d0a515537b4fc81dacb.woff2

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.koho.ca/
Origin: https://www.koho.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHN5KPTSQ3PGJ3WC67WC
date: Fri, 14 Oct 2022 19:23:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: same-origin
x-content-type-options: nosniff
server: Netlify
age: 5721
etag: "b45f8a2fb9b8841ceee3fbc3a5dc7b37-ssl"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
content-length: 50128
x-xss-protection: 1; mode=block

GET
H2 200 basis-grotesque-bold-b5f93f83bec082293f58a1798af469eb.woff2
www.koho.ca/static/ 27 KB
27 KB 46ms
40ms Font
font/woff2 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/static/basis-grotesque-bold-b5f93f83bec082293f58a1798af469eb.woff2

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

6dcdb5d625307386c2d3b21f8b51c43bfd4683fe073b66e884372cd35710c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.koho.ca/
Origin: https://www.koho.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHNWK4Q6T13MRH1TC930
date: Fri, 14 Oct 2022 19:23:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: same-origin
x-content-type-options: nosniff
server: Netlify
age: 5721
etag: "5a711b623fb480087ad3bda4062e5563-ssl"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
content-length: 27812
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 403c06f11d3ad802990ee9771290f10257bd183c4b95b7d0cb3b19f5ba659f2f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2bc8293d37d6f74e4ef0c556b5aaf0bbd5191d3e2afbb1dbd6ee287c3a8ea4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 100 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d4b909667e2118731c5e16d44fd6b07331f53f5de1cbee889d2fb9a5cac4462

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5514a0f79e2d3218c0a879f9751aa04d16a108051c58b8d919f3e39abd6accf9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a99338d7faef9aa9d0d905c7e1c1dc6ec4d047d708343ebd24f2cd3dcc17198f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02767469affeeba7ad27cde647c85689a2ac053d0a56cb1ad2ca7d34f83acaa4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 100 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57d2068246a4469f7e2de2105c11a749a977a7f614f4bb6c068cc7b383a70e15

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1b2fb444bb90995f7bbbbed7ce40c54dd82eb6f1ce56634e886deac907a1645

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78d4ccdb0cd633adcd10c0bbb206d42a706aba3b7bf9ffc819c4fd97730900d2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f472713621e35dfa778bc1061a6a7fa591cbc2c41f3875222089044510d088f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96d6ec83a26fab1b84af476debce0f5f94834e82bf7ceda75fe41217840b4321

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 99 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 085dc1b122847ef8ffe6bf3ad9782ff84c64b867d075ebed6fec0bc416d4bd04

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d92e58c143eba7fa4d03c53eb6d8fb61cd481bc9939e57ce39f1d7726a603147

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 073531fb824eb3c2b5ac99af6d1ac66fe99ad5db60be98a05c1ccac912fe7793

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 30726b2911926113cc07a1bd2d228ebb9f0ea6c8-2239x2290.png
cdn.sanity.io/images/lo2qjzoq/production/ 15 KB
15 KB 59ms
16ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/30726b2911926113cc07a1bd2d228ebb9f0ea6c8-2239x2290.png?rect=2,0,2237,2290&w=506&h=518&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

5f53bdf3c69a74da560f349ae399740f7b130114dcfa1af69bf0c784dd5a92f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 19:00:11 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 765eadad5ee439f60711aa7a08c73360
age: 7144
x-varnish-age: 1225
x-b3-parentspanid: 31b142530e3e86a8
vha6-origin: image-varnish-ssd-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15318
last-modified: Fri, 30 Sep 2022 14:39:42 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: cffe40f018d88292
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 66100dbd8b6d164053e086533ab33a825685e914-640x216.png
cdn.sanity.io/images/lo2qjzoq/production/ 3 KB
3 KB 63ms
20ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/66100dbd8b6d164053e086533ab33a825685e914-640x216.png?w=160&h=54&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

96aba7799fa320c7bf5a30a04f27337f2ed0e10c34410bec0eefdd40c728b0e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 14:05:24 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 439ec7cb7ec3f836df678b59989a0560
age: 1320831
x-varnish-age: 2264
x-b3-parentspanid: f06908562dc4ab1b
vha6-origin: image-varnish-ssd-4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2614
last-modified: Tue, 30 Aug 2022 15:36:51 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: ee6f5a9a0d970045
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 b9721e6a433d03efab4342d059ef15467bab4cbf-2000x1821.png
cdn.sanity.io/images/lo2qjzoq/production/ 12 KB
12 KB 77ms
34ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/b9721e6a433d03efab4342d059ef15467bab4cbf-2000x1821.png?w=424&h=386&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

014c10425bdc694a27eeddfa9785ebbfe4121aa49dd6d231d4ec9fce543a48fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 18:45:19 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 3f4e1133492f79d97789f8a455824d29
age: 180836
x-varnish-age: 0
x-b3-parentspanid: e2353a9a173e8142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12322
last-modified: Fri, 13 May 2022 13:58:46 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: ce324b51fe3e474d
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 02a55acfb8f0f4e54d58f5e96b3649b9925d533d-660x54.png
cdn.sanity.io/images/lo2qjzoq/production/ 3 KB
3 KB 79ms
36ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/02a55acfb8f0f4e54d58f5e96b3649b9925d533d-660x54.png?w=320&h=26&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

d71fff72d0294c8d6312843a8a5df4ac9ff9d7ba87506dc80bf90eb9cc1a9d3c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 09:32:29 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 8257a5db112151e032b0c9d7f1f5a55e
age: 1423606
x-varnish-age: 0
x-b3-parentspanid: 70ffcc97f475d298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3322
last-modified: Fri, 01 Apr 2022 17:12:22 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: 390596fcfc0bb165
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 155d9f7778fa4652cfa6e44accc1f80deb53b0f5-906x945.png
cdn.sanity.io/images/lo2qjzoq/production/ 25 KB
25 KB 71ms
29ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/155d9f7778fa4652cfa6e44accc1f80deb53b0f5-906x945.png?rect=0,1,906,944&w=424&h=442&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

86032966ccd07b8890de5d5529859ced87eed5a1d2b415d677fb7820c8438cdc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 19:00:11 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 1a0ba4ca33d250999cf866a230fec2a4
age: 7144
x-varnish-age: 1225
x-b3-parentspanid: a6b9bfa5c9bdd8ea
vha6-origin: image-varnish-ssd-4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25126
last-modified: Fri, 13 May 2022 14:02:37 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: f800ff59c2d3e92a
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 2690233651d80535a4ed159c9b978878f4788411-957x1084.png
cdn.sanity.io/images/lo2qjzoq/production/ 19 KB
19 KB 62ms
21ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/2690233651d80535a4ed159c9b978878f4788411-957x1084.png?rect=0,1,957,1083&w=424&h=480&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

f450ae1b6bc9280b67e90050b1ab4994300bf538c11e96cd7a867f325d3fc3eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 19:00:11 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 8d0bff841d2e5e6f939257affef7ef7c
age: 7144
x-varnish-age: 1225
x-b3-parentspanid: ea27d1619fbc4b7f
vha6-origin: image-varnish-ssd-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19046
last-modified: Fri, 13 May 2022 14:02:53 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: 189bedeaf0ff653
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 6b267e363247bccb265341b10798e5ddcf599f26-556x506.png
cdn.sanity.io/images/lo2qjzoq/production/ 16 KB
16 KB 25ms
22ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/6b267e363247bccb265341b10798e5ddcf599f26-556x506.png?w=278&h=253&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

9c484539388d61dbc27a710080851e24ef685246d32995ebaa74bdb02cfefa5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 06:59:51 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: b7b62a2efa5c30eae19e5ea26c8ad13d
age: 136764
x-varnish-age: 20146
x-b3-parentspanid: 52023ee6710e0907
vha6-origin: image-varnish-ssd-7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16256
last-modified: Fri, 10 Jun 2022 20:25:48 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: 4f6f40ccb465a9cb
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 38daaf92a1daf1834e80cca5cf12115afcfbd391-281x461.png
cdn.sanity.io/images/lo2qjzoq/production/ 16 KB
16 KB 23ms
20ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/38daaf92a1daf1834e80cca5cf12115afcfbd391-281x461.png?w=278&h=456&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

fece88327e8b655bd3f9a80f32c3cc2159392b4ed91cc5d0ae33baecebb9a13d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Sat, 17 Sep 2022 08:32:49 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: c52bb0ce470bc3497eec84bb48278020
age: 2377586
x-varnish-age: 29351
x-b3-parentspanid: f5f1b0814e877e2c
vha6-origin: image-varnish-ssd-3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16156
last-modified: Fri, 10 Jun 2022 20:26:04 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: eb69b2aa55c0ca26
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 23a1af8c0cc07a05de51c782f1e9eac0c6676d36-327x445.png
cdn.sanity.io/images/lo2qjzoq/production/ 9 KB
9 KB 22ms
19ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/23a1af8c0cc07a05de51c782f1e9eac0c6676d36-327x445.png?w=278&h=378&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

1e9a6f0854d2011cc8897b5325cdede357860226cd38a6750ea8f9cc2311730c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 12:35:38 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 67d8d60cacda2073c85f728e1f57d243
age: 116617
x-varnish-age: 0
x-b3-parentspanid: f5f3070ca2df1c2e
vha6-origin: image-varnish-ssd-3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9288
last-modified: Fri, 10 Jun 2022 20:27:01 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: b9b3c3fc036b7e3e
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 0b3d3d48217444a5e393033c55f1863be8a383d9-2000x151.png
cdn.sanity.io/images/lo2qjzoq/production/ 16 KB
16 KB 18ms
15ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/0b3d3d48217444a5e393033c55f1863be8a383d9-2000x151.png?w=1140&h=86&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

d7ed0be9eee783947224c87deceaaa0bddc6c4acb97f47c69964464385293965

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 06:59:51 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: c0b31472d1dd95b3ed694e3832465bd3
age: 136764
x-varnish-age: 7585
x-b3-parentspanid: 021162234f509625
vha6-origin: image-varnish-ssd-5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16242
last-modified: Fri, 01 Apr 2022 17:28:54 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: fb920dd2e782f3c6
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 695e857a6a1c3c122f76a7fbfa8fb1c3b3bbf6d6-584x99.png
cdn.sanity.io/images/lo2qjzoq/production/ 4 KB
4 KB 21ms
18ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/695e857a6a1c3c122f76a7fbfa8fb1c3b3bbf6d6-584x99.png?rect=1,0,582,99&w=300&h=51&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

082e2888ad00a274eee4a5597f1521af574c08c7c2ae895b806e589383b4392e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 12:21:44 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 8bf7b7b6cc80691c609041d404c11b73
age: 117451
x-varnish-age: 5003
x-b3-parentspanid: 2d627ff0bb2b0621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4100
last-modified: Fri, 01 Apr 2022 17:29:10 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: 6a6389defd176dab
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 a7619f4e7cdd0232ee2126b055f39495aa182003-212x80.png
cdn.sanity.io/images/lo2qjzoq/production/ 1 KB
1 KB 26ms
24ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/a7619f4e7cdd0232ee2126b055f39495aa182003-212x80.png?w=106&h=40&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

0ef104776d0c3fae6a35809c613601f4f177b629888f2a5a3565af143f709311

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:46:25 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 996ac08ac299d79f51534587c2abbfd2
age: 375170
x-varnish-age: 0
x-b3-parentspanid: c560d99b71a72721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
last-modified: Fri, 07 Jan 2022 16:51:40 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: c6860a4410dbd960
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 2d404c408931ed92e8bbb84c4765eab2c0bed684-80x80.png
cdn.sanity.io/images/lo2qjzoq/production/ 1 KB
1 KB 27ms
25ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/2d404c408931ed92e8bbb84c4765eab2c0bed684-80x80.png?w=80&h=80&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

3af56cba32c582f9141acca4672e3d0ccd13e121bd77c0fb7b6e7906a696bb51

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 08:46:18 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: ee055b891a69933d4510da584f9902f4
age: 130377
x-varnish-age: 5140
x-b3-parentspanid: 54776ee25dc4a074
vha6-origin: image-varnish-ssd-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1132
last-modified: Fri, 07 Jan 2022 16:51:52 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: cd68a491a0e86bbf
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 2616581508.json Show response
www.koho.ca/page-data/sq/d/ 2 KB
608 B 26ms
23ms XHR
application/json 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/sq/d/2616581508.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

46aac19cba9f65ff099a72c654ce816d6703a2cb69b7a1e5415785f690ef3173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHY657BCYJMQYV6SMCAJ
date: Fri, 14 Oct 2022 20:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 2633
content-length: 488
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "60eba92eca78e48c007995a897d6cdae-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 2744905544.json Show response
www.koho.ca/page-data/sq/d/ 57 B
172 B 29ms
26ms XHR
application/json 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/sq/d/2744905544.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

68f9b9134bf198470bf6ea801ee4cda7d59cb38b36dc7c73f068a15733636b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHY7E9915NYP9SYF23DN
date: Fri, 14 Oct 2022 19:24:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: same-origin
x-content-type-options: nosniff
server: Netlify
age: 5714
etag: "2acc02e16bd38dfa5262c2af05b545d7-ssl"
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 57
x-xss-protection: 1; mode=block

GET
H2 200 2753812762.json Show response
www.koho.ca/page-data/sq/d/ 2 KB
1 KB 30ms
28ms XHR
application/json 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/sq/d/2753812762.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

1ec9eebffd6aff3989e6b594a07692da14b005d37572f0ada714486684291b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHY7R9BJZ2V96J9BW6AH
date: Fri, 14 Oct 2022 20:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 2633
content-length: 939
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "d8d11ebdc64904d787e08bc3224abd55-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 285283800.json Show response
www.koho.ca/page-data/sq/d/ 657 B
747 B 52ms
50ms XHR
application/json 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/sq/d/285283800.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

f71018fb803f43c1ce6866ceeeb7e2d57fc8da6af3db0a9500ba262c53171faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHY7G7Z9WDV177ZT10XS
date: Fri, 14 Oct 2022 19:24:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: same-origin
x-content-type-options: nosniff
server: Netlify
age: 5714
etag: "56a1f714a8402eae81e4adc77336924a-ssl"
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 657
x-xss-protection: 1; mode=block

GET
H2 200 3687175392.json Show response
www.koho.ca/page-data/sq/d/ 20 KB
7 KB 30ms
29ms XHR
application/json 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/sq/d/3687175392.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

9280ea5e0bc23c6946ba24ca561d977abb8e1d7dc06d506bb82c78efd13ea731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHY7QFBS88M5CZSAMP2K
date: Fri, 14 Oct 2022 20:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 2633
content-length: 6466
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "c3458f54191a20e3b58bec2e25093927-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 609459093.json Show response
www.koho.ca/page-data/sq/d/ 630 B
720 B 53ms
51ms XHR
application/json 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/sq/d/609459093.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

0feea6934dbc499045d5a4d5b454fe22f7eb77165b5593c3a2c5b5d1ea696917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHY8WGBZR8AMHPDR3ZWP
date: Fri, 14 Oct 2022 19:24:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: same-origin
x-content-type-options: nosniff
server: Netlify
age: 5714
etag: "bda415d4919f2684c0fe67796a5a91b7-ssl"
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 630
x-xss-protection: 1; mode=block

GET
H2 200 93387544.json Show response
www.koho.ca/page-data/sq/d/ 663 KB
67 KB 31ms
30ms XHR
application/json 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/sq/d/93387544.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

8644902a02ab16a5fd2f76491ee3cb562c8a83d25b58bd783a3749128ee0fb5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PHY8NEJ0P5NYJW5RAKK5
date: Fri, 14 Oct 2022 20:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 2633
content-length: 68197
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "43dc15f48aa0d0fa393ddf38a70ba5ae-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H3 200 30726b2911926113cc07a1bd2d228ebb9f0ea6c8-2239x2290.png
cdn.sanity.io/images/lo2qjzoq/production/ 15 KB
15 KB 29ms
28ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/30726b2911926113cc07a1bd2d228ebb9f0ea6c8-2239x2290.png?rect=2,0,2237,2290&w=506&h=518&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

5f53bdf3c69a74da560f349ae399740f7b130114dcfa1af69bf0c784dd5a92f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 19:00:11 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 765eadad5ee439f60711aa7a08c73360
age: 7144
x-varnish-age: 1225
x-b3-parentspanid: 31b142530e3e86a8
vha6-origin: image-varnish-ssd-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15318
last-modified: Fri, 30 Sep 2022 14:39:42 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: cffe40f018d88292
x-b3-sampled: 0
accept-ranges: bytes

GET
H3 200 66100dbd8b6d164053e086533ab33a825685e914-640x216.png
cdn.sanity.io/images/lo2qjzoq/production/ 3 KB
3 KB 27ms
26ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/66100dbd8b6d164053e086533ab33a825685e914-640x216.png?w=160&h=54&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

96aba7799fa320c7bf5a30a04f27337f2ed0e10c34410bec0eefdd40c728b0e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 14:05:24 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 439ec7cb7ec3f836df678b59989a0560
age: 1320831
x-varnish-age: 2264
x-b3-parentspanid: f06908562dc4ab1b
vha6-origin: image-varnish-ssd-4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2614
last-modified: Tue, 30 Aug 2022 15:36:51 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: ee6f5a9a0d970045
x-b3-sampled: 0
accept-ranges: bytes

GET
H3 200 2690233651d80535a4ed159c9b978878f4788411-957x1084.png
cdn.sanity.io/images/lo2qjzoq/production/ 19 KB
19 KB 26ms
25ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/2690233651d80535a4ed159c9b978878f4788411-957x1084.png?rect=0,1,957,1083&w=424&h=480&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

f450ae1b6bc9280b67e90050b1ab4994300bf538c11e96cd7a867f325d3fc3eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 19:00:11 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 8d0bff841d2e5e6f939257affef7ef7c
age: 7144
x-varnish-age: 1225
x-b3-parentspanid: ea27d1619fbc4b7f
vha6-origin: image-varnish-ssd-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19046
last-modified: Fri, 13 May 2022 14:02:53 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: 189bedeaf0ff653
x-b3-sampled: 0
accept-ranges: bytes

GET
H3 200 155d9f7778fa4652cfa6e44accc1f80deb53b0f5-906x945.png
cdn.sanity.io/images/lo2qjzoq/production/ 25 KB
25 KB 22ms
21ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/155d9f7778fa4652cfa6e44accc1f80deb53b0f5-906x945.png?rect=0,1,906,944&w=424&h=442&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

86032966ccd07b8890de5d5529859ced87eed5a1d2b415d677fb7820c8438cdc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 19:00:11 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 1a0ba4ca33d250999cf866a230fec2a4
age: 7144
x-varnish-age: 1225
x-b3-parentspanid: a6b9bfa5c9bdd8ea
vha6-origin: image-varnish-ssd-4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25126
last-modified: Fri, 13 May 2022 14:02:37 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: f800ff59c2d3e92a
x-b3-sampled: 0
accept-ranges: bytes

GET
H3 200 b9721e6a433d03efab4342d059ef15467bab4cbf-2000x1821.png
cdn.sanity.io/images/lo2qjzoq/production/ 12 KB
12 KB 40ms
37ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/b9721e6a433d03efab4342d059ef15467bab4cbf-2000x1821.png?w=424&h=386&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

014c10425bdc694a27eeddfa9785ebbfe4121aa49dd6d231d4ec9fce543a48fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 18:45:19 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 3f4e1133492f79d97789f8a455824d29
age: 180836
x-varnish-age: 0
x-b3-parentspanid: e2353a9a173e8142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12322
last-modified: Fri, 13 May 2022 13:58:46 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: ce324b51fe3e474d
x-b3-sampled: 0
accept-ranges: bytes

GET
H3 200 02a55acfb8f0f4e54d58f5e96b3649b9925d533d-660x54.png
cdn.sanity.io/images/lo2qjzoq/production/ 3 KB
3 KB 40ms
37ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/02a55acfb8f0f4e54d58f5e96b3649b9925d533d-660x54.png?w=320&h=26&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

d71fff72d0294c8d6312843a8a5df4ac9ff9d7ba87506dc80bf90eb9cc1a9d3c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 09:32:29 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 8257a5db112151e032b0c9d7f1f5a55e
age: 1423606
x-varnish-age: 0
x-b3-parentspanid: 70ffcc97f475d298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3322
last-modified: Fri, 01 Apr 2022 17:12:22 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: 390596fcfc0bb165
x-b3-sampled: 0
accept-ranges: bytes

GET
H3 200 0b3d3d48217444a5e393033c55f1863be8a383d9-2000x151.png
cdn.sanity.io/images/lo2qjzoq/production/ 16 KB
16 KB 38ms
35ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/0b3d3d48217444a5e393033c55f1863be8a383d9-2000x151.png?w=1140&h=86&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

d7ed0be9eee783947224c87deceaaa0bddc6c4acb97f47c69964464385293965

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 06:59:51 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: c0b31472d1dd95b3ed694e3832465bd3
age: 136764
x-varnish-age: 7585
x-b3-parentspanid: 021162234f509625
vha6-origin: image-varnish-ssd-5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16242
last-modified: Fri, 01 Apr 2022 17:28:54 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: fb920dd2e782f3c6
x-b3-sampled: 0
accept-ranges: bytes

GET
H3 200 695e857a6a1c3c122f76a7fbfa8fb1c3b3bbf6d6-584x99.png
cdn.sanity.io/images/lo2qjzoq/production/ 4 KB
4 KB 36ms
34ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/695e857a6a1c3c122f76a7fbfa8fb1c3b3bbf6d6-584x99.png?rect=1,0,582,99&w=300&h=51&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

082e2888ad00a274eee4a5597f1521af574c08c7c2ae895b806e589383b4392e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 12:21:44 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 8bf7b7b6cc80691c609041d404c11b73
age: 117451
x-varnish-age: 5003
x-b3-parentspanid: 2d627ff0bb2b0621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4100
last-modified: Fri, 01 Apr 2022 17:29:10 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: 6a6389defd176dab
x-b3-sampled: 0
accept-ranges: bytes

GET
H3 200 23a1af8c0cc07a05de51c782f1e9eac0c6676d36-327x445.png
cdn.sanity.io/images/lo2qjzoq/production/ 9 KB
9 KB 43ms
26ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/23a1af8c0cc07a05de51c782f1e9eac0c6676d36-327x445.png?w=278&h=378&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

1e9a6f0854d2011cc8897b5325cdede357860226cd38a6750ea8f9cc2311730c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 12:35:38 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 67d8d60cacda2073c85f728e1f57d243
age: 116617
x-varnish-age: 0
x-b3-parentspanid: f5f3070ca2df1c2e
vha6-origin: image-varnish-ssd-3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9288
last-modified: Fri, 10 Jun 2022 20:27:01 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: b9b3c3fc036b7e3e
x-b3-sampled: 0
accept-ranges: bytes

GET
H3 200 38daaf92a1daf1834e80cca5cf12115afcfbd391-281x461.png
cdn.sanity.io/images/lo2qjzoq/production/ 16 KB
16 KB 46ms
25ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/38daaf92a1daf1834e80cca5cf12115afcfbd391-281x461.png?w=278&h=456&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

fece88327e8b655bd3f9a80f32c3cc2159392b4ed91cc5d0ae33baecebb9a13d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Sat, 17 Sep 2022 08:32:49 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: c52bb0ce470bc3497eec84bb48278020
age: 2377586
x-varnish-age: 29351
x-b3-parentspanid: f5f1b0814e877e2c
vha6-origin: image-varnish-ssd-3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16156
last-modified: Fri, 10 Jun 2022 20:26:04 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: eb69b2aa55c0ca26
x-b3-sampled: 0
accept-ranges: bytes

GET
H3 200 6b267e363247bccb265341b10798e5ddcf599f26-556x506.png
cdn.sanity.io/images/lo2qjzoq/production/ 16 KB
16 KB 49ms
28ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/6b267e363247bccb265341b10798e5ddcf599f26-556x506.png?w=278&h=253&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

9c484539388d61dbc27a710080851e24ef685246d32995ebaa74bdb02cfefa5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 06:59:51 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: b7b62a2efa5c30eae19e5ea26c8ad13d
age: 136764
x-varnish-age: 20146
x-b3-parentspanid: 52023ee6710e0907
vha6-origin: image-varnish-ssd-7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16256
last-modified: Fri, 10 Jun 2022 20:25:48 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: 4f6f40ccb465a9cb
x-b3-sampled: 0
accept-ranges: bytes

GET
H3 200 a7619f4e7cdd0232ee2126b055f39495aa182003-212x80.png
cdn.sanity.io/images/lo2qjzoq/production/ 1 KB
1 KB 50ms
29ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/a7619f4e7cdd0232ee2126b055f39495aa182003-212x80.png?w=106&h=40&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

0ef104776d0c3fae6a35809c613601f4f177b629888f2a5a3565af143f709311

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 12:46:25 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: 996ac08ac299d79f51534587c2abbfd2
age: 375170
x-varnish-age: 0
x-b3-parentspanid: c560d99b71a72721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
last-modified: Fri, 07 Jan 2022 16:51:40 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: c6860a4410dbd960
x-b3-sampled: 0
accept-ranges: bytes

GET
H3 200 2d404c408931ed92e8bbb84c4765eab2c0bed684-80x80.png
cdn.sanity.io/images/lo2qjzoq/production/ 1 KB
1 KB 49ms
28ms Image
image/webp 35.190.70.79
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/lo2qjzoq/production/2d404c408931ed92e8bbb84c4765eab2c0bed684-80x80.png?w=80&h=80&auto=format

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

79.70.190.35.bc.googleusercontent.com

Software

Resource Hash

3af56cba32c582f9141acca4672e3d0ccd13e121bd77c0fb7b6e7906a696bb51

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'
x-sanity-asset-storage: gcs-default
x-content-type-options: nosniff
date: Thu, 13 Oct 2022 08:46:18 GMT
via: 1.1 google
xkey: project-lo2qjzoq-production
x-b3-traceid: ee055b891a69933d4510da584f9902f4
age: 130377
x-varnish-age: 5140
x-b3-parentspanid: 54776ee25dc4a074
vha6-origin: image-varnish-ssd-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1132
last-modified: Fri, 07 Jan 2022 16:51:52 GMT
vary: origin, accept
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-spanid: cd68a491a0e86bbf
x-b3-sampled: 0
accept-ranges: bytes

GET
H2 200 223-38e684bbb33db392ccbd.js Show response
www.koho.ca/ 3 KB
2 KB 24ms
24ms Script
application/javascript 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/223-38e684bbb33db392ccbd.js

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/webpack-runtime-f91e6a6e7db0c069e3d2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

435e9127e8412ceb75ad339ef303410dcfcf95d3e3aa3011a2be08216701e2c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PJ67D0S4F8355HSB5WMW
date: Fri, 14 Oct 2022 19:27:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 5534
content-length: 1457
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "07a166bb239d72d4a12c9f2b6a839aaa-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 1002 B
917 B 90ms
34ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:500

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0248544196a8f48fdaba451672a8e114a1c948ff9656df301707582434e5fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 20:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 20:59:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 20:59:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
51 KB 122ms
44ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGDFZD8

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06d1118d63eccd7bbe4a551c152e815314e81d3c6657d3dbf4b0e00bb302e232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52403
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 18:31:20 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Oct 2022 20:59:16 GMT

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 2797 266 B
504 B 109ms
36ms Document
text/html 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-KGDFZD8

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:59:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/ 100 KB
27 KB 397ms
304ms Script
text/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ca73edd5fb77cd4a62448de95818c511f406b518e3b8a57a28c285c58e02343

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: OekKak3oQ_9ZN8WLnawFYb.JoCoNpuLz
content-encoding: br
via: 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
date: Fri, 14 Oct 2022 20:59:17 GMT
x-amz-cf-pop: JFK51-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 14 Oct 2022 17:27:09 GMT
server: AmazonS3
etag: W/"70a74d012ceb9b40c0027deb31af50ad"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: aTGSSrr1_P-jq-KsflmPWi88yHjMSl8vQtCLL_5yQxN6m-pSC8JvXA==

GET
H2 200 122943.ct.js Show response
tag.rmp.rakuten.com/ 36 KB
12 KB 132ms
86ms Script
text/javascript 34.102.147.248
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.rmp.rakuten.com/122943.ct.js
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 248.147.102.34.bc.googleusercontent.com
Software: /
Resource Hash: a0b8967998aaf92335edfee08051de5434fb97d5d2a4c2b9e2bfb7e716eaa819

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 14 Oct 2022 20:59:16 GMT
x-cache: miss
x-samesite: secure
content-type: text/javascript
cache-control: max-age=86400
x-dyn: 0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 105ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 14 Oct 2022 20:59:16 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AC4B6E6777404D2A903ADE1B0E8202B6 Ref B: YTO01EDGE0816 Ref C: 2022-10-14T20:59:16Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 300ms
39ms Script
application/javascript 23.200.1.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.1.44 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-1-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 81c33e2c9550e3b23c65cadd6e1e162850162c2f388f78e788451f61b634f5ed

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id: a4ffe23
date: Fri, 14 Oct 2022 20:59:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-48-151-44.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=17
content-length: 1196
pragma: no-cache
server: nginx
x-tt-logid: 20221014205916383DCF14ECD5D01D745A
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,23.48.151.44
x-tt-trace-host: 016038ba7083e269e6caaded1f0b4c816b45a03a052dae65be68fb2aa607ca6682b8cd0256aea7dcdfdb103cc6b55c5405cae9702c74fd1dee56a18a3baa011c35ede9ef91478a04f220f0cf739020c442
expires: Fri, 14 Oct 2022 20:59:16 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 25 KB
8 KB 81ms
11ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "95212d33cfff78ad59f5af5b20c48c53"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7722

GET
H2 200 scevent.min.js Show response
sc-static.net/ 25 KB
9 KB 112ms
40ms Script
application/javascript 108.138.113.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.koho.ca
URL: https://www.koho.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-113-246.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
content-encoding: gzip
via: 1.1 877f105eccbc5cf798a3a34d16fc0c74.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 8764
x-amz-cf-id: GKmTq8PchdfOvH0dZz9fvvF5ple84Ov2J97BT1EWH1LLM-SrrIFTeg==

GET
H2 200 hotjar-3039946.js Show response
static.hotjar.com/c/ 4 KB
2 KB 117ms
29ms Script
application/javascript 108.138.106.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3039946.js?sv=6

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-124.jfk50.r.cloudfront.net

Software

Resource Hash

1f241c96f83b075ee2e506480c4392d301090e39752d0c5801101647782aa5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 20:59:16 GMT
via: 1.1 7225c7fb64d09bab64bc17e314ef26a2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 13
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/0e36d941a08283b6fa3afb47f4dafbae
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: jv3pd1ypJpscDTSrR1XJPh47WytTCmcOI720KS1lYPMn5T8n1b8jTg==

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame C33A
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%...

1 KB
2 KB

57ms
48ms

Document
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=330599697544675900&dcc=t

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

759695fa736708895314fb2adedcfcfe5f610471a2532cf082418c805ae94d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1170
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 14 Oct 2022 20:59:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 2NK8Z54TBB7S7BQR1ETA

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 14 Oct 2022 20:59:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=330599697544675900&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: R7N4K7QNRV9YE1V2XC7C

GET
H2 200 5f05eea3fa48230af9ecce82 Show response
app.launchdarkly.com/sdk/goals/ 2 B
176 B 15ms
14ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f05eea3fa48230af9ecce82

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/2.28.0
accept-language: en-CA,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.23.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Fri, 14 Oct 2022 20:59:16 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-yul12823-YUL
x-timer: S1665781156.193160,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 8

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D15128585...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D15128585...

43 B
855 B

31ms
30ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&dcc=t

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZFFXG0GW53B88QHGS88W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Z9AHS82JASHZNHWMK3PM
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 202 5f05eea3fa48230af9ecce82 Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 28ms
26ms XHR
application/json 107.23.224.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f05eea3fa48230af9ecce82

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.224.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-224-148.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/2.28.0
accept-language: en-CA,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.23.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjEwNTk4YWYwLTRjMDMtMTFlZC1iMWM4LTgzNDdmMmI5ZmQ0ZCJ9 Show response
app.launchdarkly.com/sdk/evalx/5f05eea3fa48230af9ecce82/users/ 82 KB
13 KB 38ms
37ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5f05eea3fa48230af9ecce82/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjEwNTk4YWYwLTRjMDMtMTFlZC1iMWM4LTgzNDdmMmI5ZmQ0ZCJ9

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ce09a4b3959cfa036425c44b0ad439477f941b582cdeb98e82e4ae2b83c040a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Wrapper: react-client-sdk/2.28.0
accept-language: en-CA,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.23.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Fri, 14 Oct 2022 20:59:16 GMT
age: 0
x-cache: MISS
content-length: 13182
x-served-by: cache-yul12823-YUL
x-timer: S1665781156.193273,VS0,VE26
etag: "8448db"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding, Authorization
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 0

OPTIONS
H2 200 5f05eea3fa48230af9ecce82
app.launchdarkly.com/sdk/goals/ Frame 0
0 54ms
10ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f05eea3fa48230af9ecce82

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://www.koho.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Fri, 14 Oct 2022 20:59:16 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 7
x-served-by: cache-yul12823-YUL
x-timer: S1665781156.178190,VS0,VE0

OPTIONS
H2 204 5f05eea3fa48230af9ecce82
events.launchdarkly.com/events/diagnostic/ Frame 0
0 98ms
24ms Preflight 107.23.224.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f05eea3fa48230af9ecce82

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.224.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-224-148.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://www.koho.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Fri, 14 Oct 2022 20:59:16 GMT
strict-transport-security: max-age=31536000

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjEwNTk4YWYwLTRjMDMtMTFlZC1iMWM4LTgzNDdmMmI5ZmQ0ZCJ9
app.launchdarkly.com/sdk/evalx/5f05eea3fa48230af9ecce82/users/ Frame 0
0 51ms
11ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5f05eea3fa48230af9ecce82/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjEwNTk4YWYwLTRjMDMtMTFlZC1iMWM4LTgzNDdmMmI5ZmQ0ZCJ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://www.koho.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Fri, 14 Oct 2022 20:59:16 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 8
x-served-by: cache-yul12823-YUL
x-timer: S1665781156.178204,VS0,VE0

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 72ms
21ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.koho.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 05:12:06 GMT
x-content-type-options: nosniff
age: 143230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Oct 2023 05:12:06 GMT

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjEwNTk4YWYwLTRjMDMtMTFlZC1iMWM4LTgzNDdmMmI5ZmQ0ZCJ9
clientstream.launchdarkly.com/eval/5f05eea3fa48230af9ecce82/ 82 KB
0 94ms
43ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/5f05eea3fa48230af9ecce82/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjEwNTk4YWYwLTRjMDMtMTFlZC1iMWM4LTgzNDdmMmI5ZmQ0ZCJ9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
strict-transport-security: max-age=31536000
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame F859 6 KB
7 KB 30ms
29ms Document
text/html 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=oKSheMpvTLyk1TQ_XKVoJQ&dmt=3&ex-pl-n-g-hmt=-Cs4vu7UTkmcL_su8mpS-A&ep=mfS4I4Lxm4iN8M-0MyueFfKWvv8KYhYlUSlJM-BUHK6nxPqdoERhL0RvOyr4VhYCiBYktGZx5eBXOIhyQRqjIfb0a_XB9AWfBrO-HvOIUaZue3gWL8_ZMdBBYKprsePQ-QqBfC7bDIx653h1BZWMQjZFfy9E9J5b1ZzAb1edYtWIk0JGh1DdgGDXidwAqOrfpo7Am5hEG2XDbvBYJAp1Q3aeQlcnMhPJBWOFPVHyetP9sexsYyYmaP7Ou_7UsDcfqU_m-5Vf055CbX9gxQz_ZMIZ3Gi9CFRLorY1Agc4eBwKxJFxPlPw78ATbuNTPaMWzmNCXyP3cI1gngmJkG8mw2V_iFhEePWgrVqZPDalYfHDw6vhY_ejWNGmOP4AgWP1xkptVrSmh2KJMaULj6mmYIpXON00eEEAZusA4Wfd_ACUw9knO5BaH_t01OaE9YmkNc0y0ULlZpIQxJvFWhxAX6D-uAe0N5ggByFjlil0jD_8NV3fVVyBQe344vMjV-qlSHWzO8ggjt5Jh-cS6N0reJo6FuBqTVhpUWqrCA0Iz8g

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=330599697544675900&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

0da6c36fdb22deee0feddb82b8be77a5079f39f25186ef7d245fa5b7d3cebb5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Def53c2f3-6899-965d-785a-d67ef58e72bc%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DEF53C2F3-6899-965D-785A-D67EF58E72BC&cb=330599697544675900&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 6275
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 14 Oct 2022 20:59:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: Y93FPVAYESQ2B3ZRQTJS

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
515 B 92ms
55ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=18f977ac-724c-4b10-a145-d6c3aa30a9c6

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

53a90be17c8ccbbcac38315e37155c0e0e26820a03058fb231bb48b63c2cf150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.koho.ca
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 79 B
165 B 95ms
58ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=18f977ac-724c-4b10-a145-d6c3aa30a9c6&tld=ca

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

48e8b5489088931970427de70d47ce9cfa6fe46cd58e9d5ae8d9c6fa00cdfe9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.koho.ca
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 modules.bcd9ade6b0bb9bdd0789.js Show response
script.hotjar.com/ 254 KB
65 KB 80ms
22ms Script
application/javascript 18.164.96.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bcd9ade6b0bb9bdd0789.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3039946.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-87.jfk50.r.cloudfront.net

Software

Resource Hash

e65151d8b191ecdee650118921d3b09ec652545f0c3c1836b0d690a327385da0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 12:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 289870
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66262
last-modified: Tue, 11 Oct 2022 12:27:49 GMT
etag: "c874db56accb04836744269ac062cb73"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: OknGKxw1HfkH7HYIhTyqzAXb2Q3bBwB5iHtrxc0gD7Qldm4kIgTbOQ==

GET p
consent.linksynergy.com/consent/v3/ 0
0

GET
H2 200 56368685.js Show response
bat.bing.com/p/action/ 3 KB
2 KB 74ms
73ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56368685.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5b231e8d536950af425bf9ed649d82cdc2fd6d3da6b8884217be41870126d607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 14 Oct 2022 20:59:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E7F7F2605F1646D2AFFAB9904BB73B12 Ref B: YTO01EDGE0816 Ref C: 2022-10-14T20:59:16Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 1424

GET
H2 204 0
bat.bing.com/action/ 0
176 B 35ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56368685&Ver=2&mid=c1d44540-08d1-4117-9d86-b967944563a6&sid=107b39404c0311ed9e2821f9bb8dc334&vid=107b4f304c0311edb74543a9abf95cb4&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=KOHO%3A%20Reloadable%20Prepaid%20Mastercard%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&kw=Prepaid%20Mastercard,%20Prepaid%20Credit%20Card,%20Cash%20Back,%20Digital%20Bank,%20Digital%20Bank%20Canada,%20Online%20Banking,%20Banking%20App,%20KOHO&p=https%3A%2F%2Fwww.koho.ca%2F&r=&lt=874&evt=pageLoad&sv=1&rn=606090

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 14 Oct 2022 20:59:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C645246173824697945F55AC190283AF Ref B: YTO01EDGE0816 Ref C: 2022-10-14T20:59:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 78ms
33ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1665781156355&id=t2_e4ba8g8u&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=183f2cf2-09e4-4651-8916-dcfe5d94f7b6&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame C495 672 B
852 B 90ms
66ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=18f977ac-724c-4b10-a145-d6c3aa30a9c6&u_scsid=4514f12f-fb6c-49fc-8bce-fc3c08d2a580&u_sclid=cddc66f5-99d4-4338-8b49-d993c2755fd3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: gzip
content-type: text/html
date: Fri, 14 Oct 2022 20:59:16 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 10

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=eB6o9KmPRDKWTZt-gSvwPw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DeB6o9KmPRDKWTZt-gSvwPw%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=eB6o9KmPRDKWTZt-gSvwPw

43 B
479 B

64ms
29ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=eB6o9KmPRDKWTZt-gSvwPw

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=oKSheMpvTLyk1TQ_XKVoJQ&dmt=3&ex-pl-n-g-hmt=-Cs4vu7UTkmcL_su8mpS-A&ep=mfS4I4Lxm4iN8M-0MyueFfKWvv8KYhYlUSlJM-BUHK6nxPqdoERhL0RvOyr4VhYCiBYktGZx5eBXOIhyQRqjIfb0a_XB9AWfBrO-HvOIUaZue3gWL8_ZMdBBYKprsePQ-QqBfC7bDIx653h1BZWMQjZFfy9E9J5b1ZzAb1edYtWIk0JGh1DdgGDXidwAqOrfpo7Am5hEG2XDbvBYJAp1Q3aeQlcnMhPJBWOFPVHyetP9sexsYyYmaP7Ou_7UsDcfqU_m-5Vf055CbX9gxQz_ZMIZ3Gi9CFRLorY1Agc4eBwKxJFxPlPw78ATbuNTPaMWzmNCXyP3cI1gngmJkG8mw2V_iFhEePWgrVqZPDalYfHDw6vhY_ejWNGmOP4AgWP1xkptVrSmh2KJMaULj6mmYIpXON00eEEAZusA4Wfd_ACUw9knO5BaH_t01OaE9YmkNc0y0ULlZpIQxJvFWhxAX6D-uAe0N5ggByFjlil0jD_8NV3fVVyBQe344vMjV-qlSHWzO8ggjt5Jh-cS6N0reJo6FuBqTVhpUWqrCA0Iz8g

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ASXJJD0J2PZ90MC67JZ6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
AN-X-Request-Uuid: 54f0ce26-f02c-4cfd-b3f6-05345947de2d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=eB6o9KmPRDKWTZt-gSvwPw
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=213230604304012414965&ex=neustar.biz

43 B
479 B

38ms
28ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=213230604304012414965&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0R0GEKBA2ZJDV5VXJG4Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:16 GMT
via: 1.1 b4d936db4a90ac6e06d19d66ebba832e.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=213230604304012414965&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: 2x2NPadJ9P3w3b659kQm_SNqkgRMypSzG-Ne8qzWD4eXRVndKm4CyA==
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=1yrQ2DFqQA6cQxR4MQa2Eg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=1yrQ2DFqQA6cQxR4MQa2Eg&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y0nNpMtw.cJAHpmtHsuFvQAA

43 B
479 B

34ms
33ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y0nNpMtw.cJAHpmtHsuFvQAA

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8YN4M3N3922CWM3R00HG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y0nNpMtw.cJAHpmtHsuFvQAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=437c19d6dc3a978a9d550881cc276ea3

43 B
479 B

68ms
31ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=437c19d6dc3a978a9d550881cc276ea3

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4YAXVBE0GKBDPVEGZPKV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=437c19d6dc3a978a9d550881cc276ea3
Date: Fri, 14 Oct 2022 20:59:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

35ms
34ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FZ3MSXY4PNCB9B2WYWXJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Fri, 14 Oct 2022 20:59:16 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Kp87basCRLup_T2cStSaMw
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Kp87basCRLup_T2cStSaMw&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Kp87basCRLup_T2cStSaMw

43 B
479 B

34ms
33ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Kp87basCRLup_T2cStSaMw

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NQN7SY14JG8MFMK2A8PG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Kp87basCRLup_T2cStSaMw
date: Fri, 14 Oct 2022 20:59:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=b307f18e-c5de-4dfc-911b-4cc219e76128

43 B
479 B

49ms
30ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=b307f18e-c5de-4dfc-911b-4cc219e76128

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EYYC2Z237PFKVF646S6E
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=b307f18e-c5de-4dfc-911b-4cc219e76128
Date: Fri, 14 Oct 2022 20:59:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=acef63acbcc64123b39d5767b2df9167

43 B
479 B

31ms
29ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=acef63acbcc64123b39d5767b2df9167

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HWQBYEQEYBKRHTPEPBV6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=acef63acbcc64123b39d5767b2df9167
date: Fri, 14 Oct 2022 20:59:16 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://s.amazon-adsystem.com/ecm3?id=y-tuiO861E2pHmK44_1SI0WelpxxQdim1u6NLV~A&status=NOT_FOUND&ex=gemini

43 B
479 B

43ms
30ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=y-tuiO861E2pHmK44_1SI0WelpxxQdim1u6NLV~A&status=NOT_FOUND&ex=gemini

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9SW1JWC9YKJQEFSW7JNF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 14 Oct 2022 20:59:16 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0103.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?id=y-tuiO861E2pHmK44_1SI0WelpxxQdim1u6NLV~A&status=NOT_FOUND&ex=gemini
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=cabb9519-3b6c-4339-77da-d9363703ab9e

43 B
479 B

62ms
34ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=cabb9519-3b6c-4339-77da-d9363703ab9e

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JG9QQK81N7AVKRGZ1536
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 14 Oct 2022 20:59:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=cabb9519-3b6c-4339-77da-d9363703ab9e
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 75a33ce429e4a1ff-YYZ
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=3053b86159ef2f60dd1a47a17ce3401f&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
479 B

32ms
31ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=3053b86159ef2f60dd1a47a17ce3401f&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QNJT1BB670NRFA7TJBG9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=3053b86159ef2f60dd1a47a17ce3401f&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1665781157026068-257

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

29ms
28ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J1H6215TKDDW2YCBTH80
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 14 Oct 2022 20:59:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 7082f41e4415fb7199f3ca9b16b5849a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=TDM8NKRVVWEMHHWMDGCC:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: TDM8NKRVVWEMHHWMDGCC
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: rycfFIYwGPq9UCGxu5YskEABS5zmuMEympbUPF2WyiBhp7N424Q6eQ==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F859 0
337 B 87ms
24ms Image
text/plain 34.199.90.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=oKSheMpvTLyk1TQ_XKVoJQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=oKSheMpvTLyk1TQ_XKVoJQ&dmt=3&ex-pl-n-g-hmt=-Cs4vu7UTkmcL_su8mpS-A&ep=mfS4I4Lxm4iN8M-0MyueFfKWvv8KYhYlUSlJM-BUHK6nxPqdoERhL0RvOyr4VhYCiBYktGZx5eBXOIhyQRqjIfb0a_XB9AWfBrO-HvOIUaZue3gWL8_ZMdBBYKprsePQ-QqBfC7bDIx653h1BZWMQjZFfy9E9J5b1ZzAb1edYtWIk0JGh1DdgGDXidwAqOrfpo7Am5hEG2XDbvBYJAp1Q3aeQlcnMhPJBWOFPVHyetP9sexsYyYmaP7Ou_7UsDcfqU_m-5Vf055CbX9gxQz_ZMIZ3Gi9CFRLorY1Agc4eBwKxJFxPlPw78ATbuNTPaMWzmNCXyP3cI1gngmJkG8mw2V_iFhEePWgrVqZPDalYfHDw6vhY_ejWNGmOP4AgWP1xkptVrSmh2KJMaULj6mmYIpXON00eEEAZusA4Wfd_ACUw9knO5BaH_t01OaE9YmkNc0y0ULlZpIQxJvFWhxAX6D-uAe0N5ggByFjlil0jD_8NV3fVVyBQe344vMjV-qlSHWzO8ggjt5Jh-cS6N0reJo6FuBqTVhpUWqrCA0Iz8g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.90.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-90-210.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: beacon-n008-ash-prod.krxd.net
date: Fri, 14 Oct 2022 20:59:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1665781156
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

match
match.360yield.com/ul_cb/ Frame F859
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com

43 B
198 B

28ms
27ms

Image
image/gif

34.195.71.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=oKSheMpvTLyk1TQ_XKVoJQ&dmt=3&ex-pl-n-g-hmt=-Cs4vu7UTkmcL_su8mpS-A&ep=mfS4I4Lxm4iN8M-0MyueFfKWvv8KYhYlUSlJM-BUHK6nxPqdoERhL0RvOyr4VhYCiBYktGZx5eBXOIhyQRqjIfb0a_XB9AWfBrO-HvOIUaZue3gWL8_ZMdBBYKprsePQ-QqBfC7bDIx653h1BZWMQjZFfy9E9J5b1ZzAb1edYtWIk0JGh1DdgGDXidwAqOrfpo7Am5hEG2XDbvBYJAp1Q3aeQlcnMhPJBWOFPVHyetP9sexsYyYmaP7Ou_7UsDcfqU_m-5Vf055CbX9gxQz_ZMIZ3Gi9CFRLorY1Agc4eBwKxJFxPlPw78ATbuNTPaMWzmNCXyP3cI1gngmJkG8mw2V_iFhEePWgrVqZPDalYfHDw6vhY_ejWNGmOP4AgWP1xkptVrSmh2KJMaULj6mmYIpXON00eEEAZusA4Wfd_ACUw9knO5BaH_t01OaE9YmkNc0y0ULlZpIQxJvFWhxAX6D-uAe0N5ggByFjlil0jD_8NV3fVVyBQe344vMjV-qlSHWzO8ggjt5Jh-cS6N0reJo6FuBqTVhpUWqrCA0Iz8g
Protocol: H2
Server: 34.195.71.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-71-40.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 14 Oct 2022 20:59:16 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
date: Fri, 14 Oct 2022 20:59:16 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame F859 0
263 B 122ms
26ms Image
text/plain 3.232.47.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=oKSheMpvTLyk1TQ_XKVoJQ&dmt=3&ex-pl-n-g-hmt=-Cs4vu7UTkmcL_su8mpS-A&ep=mfS4I4Lxm4iN8M-0MyueFfKWvv8KYhYlUSlJM-BUHK6nxPqdoERhL0RvOyr4VhYCiBYktGZx5eBXOIhyQRqjIfb0a_XB9AWfBrO-HvOIUaZue3gWL8_ZMdBBYKprsePQ-QqBfC7bDIx653h1BZWMQjZFfy9E9J5b1ZzAb1edYtWIk0JGh1DdgGDXidwAqOrfpo7Am5hEG2XDbvBYJAp1Q3aeQlcnMhPJBWOFPVHyetP9sexsYyYmaP7Ou_7UsDcfqU_m-5Vf055CbX9gxQz_ZMIZ3Gi9CFRLorY1Agc4eBwKxJFxPlPw78ATbuNTPaMWzmNCXyP3cI1gngmJkG8mw2V_iFhEePWgrVqZPDalYfHDw6vhY_ejWNGmOP4AgWP1xkptVrSmh2KJMaULj6mmYIpXON00eEEAZusA4Wfd_ACUw9knO5BaH_t01OaE9YmkNc0y0ULlZpIQxJvFWhxAX6D-uAe0N5ggByFjlil0jD_8NV3fVVyBQe344vMjV-qlSHWzO8ggjt5Jh-cS6N0reJo6FuBqTVhpUWqrCA0Iz8g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.47.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-47-238.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Server: nginx/1.20.0
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame F859 0
94 B 87ms
41ms Image
text/plain 35.190.126.92
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=VOXdMCpfRr6rDjsJRMhmaw&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT1&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=oKSheMpvTLyk1TQ_XKVoJQ&dmt=3&ex-pl-n-g-hmt=-Cs4vu7UTkmcL_su8mpS-A&ep=mfS4I4Lxm4iN8M-0MyueFfKWvv8KYhYlUSlJM-BUHK6nxPqdoERhL0RvOyr4VhYCiBYktGZx5eBXOIhyQRqjIfb0a_XB9AWfBrO-HvOIUaZue3gWL8_ZMdBBYKprsePQ-QqBfC7bDIx653h1BZWMQjZFfy9E9J5b1ZzAb1edYtWIk0JGh1DdgGDXidwAqOrfpo7Am5hEG2XDbvBYJAp1Q3aeQlcnMhPJBWOFPVHyetP9sexsYyYmaP7Ou_7UsDcfqU_m-5Vf055CbX9gxQz_ZMIZ3Gi9CFRLorY1Agc4eBwKxJFxPlPw78ATbuNTPaMWzmNCXyP3cI1gngmJkG8mw2V_iFhEePWgrVqZPDalYfHDw6vhY_ejWNGmOP4AgWP1xkptVrSmh2KJMaULj6mmYIpXON00eEEAZusA4Wfd_ACUw9knO5BaH_t01OaE9YmkNc0y0ULlZpIQxJvFWhxAX6D-uAe0N5ggByFjlil0jD_8NV3fVVyBQe344vMjV-qlSHWzO8ggjt5Jh-cS6N0reJo6FuBqTVhpUWqrCA0Iz8g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.126.92 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 92.126.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10234c71ef45ebd60

43 B
479 B

30ms
29ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10234c71ef45ebd60

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DDP17TQP71B1FH0T0JE8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 14 Oct 2022 20:59:16 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10234c71ef45ebd60
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Y9UDYEEyTAGOkoPEG2PYZw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Y9UDYEEyTAGOkoPEG2PYZw

43 B
479 B

30ms
30ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Y9UDYEEyTAGOkoPEG2PYZw

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8BMGZD13HEHMRND57FZX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Y9UDYEEyTAGOkoPEG2PYZw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 20e8391fc78a9019eb67dba4b22f0ac2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame F859 43 B
646 B 343ms
20ms Image
image/gif 63.251.28.233
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=XP3cI5wuSju5JOkg4IS77w
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=oKSheMpvTLyk1TQ_XKVoJQ&dmt=3&ex-pl-n-g-hmt=-Cs4vu7UTkmcL_su8mpS-A&ep=mfS4I4Lxm4iN8M-0MyueFfKWvv8KYhYlUSlJM-BUHK6nxPqdoERhL0RvOyr4VhYCiBYktGZx5eBXOIhyQRqjIfb0a_XB9AWfBrO-HvOIUaZue3gWL8_ZMdBBYKprsePQ-QqBfC7bDIx653h1BZWMQjZFfy9E9J5b1ZzAb1edYtWIk0JGh1DdgGDXidwAqOrfpo7Am5hEG2XDbvBYJAp1Q3aeQlcnMhPJBWOFPVHyetP9sexsYyYmaP7Ou_7UsDcfqU_m-5Vf055CbX9gxQz_ZMIZ3Gi9CFRLorY1Agc4eBwKxJFxPlPw78ATbuNTPaMWzmNCXyP3cI1gngmJkG8mw2V_iFhEePWgrVqZPDalYfHDw6vhY_ejWNGmOP4AgWP1xkptVrSmh2KJMaULj6mmYIpXON00eEEAZusA4Wfd_ACUw9knO5BaH_t01OaE9YmkNc0y0ULlZpIQxJvFWhxAX6D-uAe0N5ggByFjlil0jD_8NV3fVVyBQe344vMjV-qlSHWzO8ggjt5Jh-cS6N0reJo6FuBqTVhpUWqrCA0Iz8g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1665781157021088-287

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=jq5gSTaPQBeTG5fGJP3YDA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=jq5gSTaPQBeTG5fGJP3YDA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=78842219956032804033537639651165603233

43 B
479 B

33ms
32ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=78842219956032804033537639651165603233

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X219Q1YAEDBKC31W3ZJR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-va6-2-v043-0f1e70222.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 2+b4x4quQG0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=78842219956032804033537639651165603233
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=qlBqp3cER8SSePCPGv23qQ
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10596829189854625425&gdpr=&gdpr_consent=

43 B
479 B

32ms
31ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10596829189854625425&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BH4W45T4BQGN0QJ4JR3P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:16 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10596829189854625425&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=

43 B
479 B

33ms
31ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FAWT5BNJC6DKTJQ7W03S
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 14 Oct 2022 20:59:16 GMT
Server: nginx/1.19.2
X-Powered-By: Express
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Content-Type: image/gif; charset=utf-8
Location: https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=
Referer: px.surveywall-api.survata.com, px.surveywall-api.survata.com, px.surveywall-api.survata.com
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2535973557128297510

43 B
479 B

32ms
31ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2535973557128297510

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PNMSJKZCVPP89JPJXNTE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2535973557128297510
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=10dec076-4c03-11ed-a645-1c8a12470303
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=10dec01a-4c03-11ed-a645-1c8a12470303

43 B
479 B

43ms
32ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=10dec01a-4c03-11ed-a645-1c8a12470303

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J522BS9PK78QG29CE2QR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 14 Oct 2022 20:59:17 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=10dec01a-4c03-11ed-a645-1c8a12470303
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 222
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22a6307655-77a5-4f7a-b211-2bb5f88955fe%22,%22Time%22:%2220221014T205916.999602%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=a6307655-77a5-4f7a-b211-2bb5f88955fe

43 B
479 B

30ms
30ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=a6307655-77a5-4f7a-b211-2bb5f88955fe

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NBQRPKWDM499EGS1XXSP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=a6307655-77a5-4f7a-b211-2bb5f88955fe
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm=&ex=doubleclick.net&google_tc=
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEKw_EcE3_CCaG7axMUcVFwU&google_cver=1

43 B
479 B

30ms
30ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEKw_EcE3_CCaG7axMUcVFwU&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: D70TPFPNYPSRR33WKN0Q
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEKw_EcE3_CCaG7axMUcVFwU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame F859 20 B
20 B 89ms
25ms Image
text/plain 23.21.59.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=oKSheMpvTLyk1TQ_XKVoJQ&dmt=3&ex-pl-n-g-hmt=-Cs4vu7UTkmcL_su8mpS-A&ep=mfS4I4Lxm4iN8M-0MyueFfKWvv8KYhYlUSlJM-BUHK6nxPqdoERhL0RvOyr4VhYCiBYktGZx5eBXOIhyQRqjIfb0a_XB9AWfBrO-HvOIUaZue3gWL8_ZMdBBYKprsePQ-QqBfC7bDIx653h1BZWMQjZFfy9E9J5b1ZzAb1edYtWIk0JGh1DdgGDXidwAqOrfpo7Am5hEG2XDbvBYJAp1Q3aeQlcnMhPJBWOFPVHyetP9sexsYyYmaP7Ou_7UsDcfqU_m-5Vf055CbX9gxQz_ZMIZ3Gi9CFRLorY1Agc4eBwKxJFxPlPw78ATbuNTPaMWzmNCXyP3cI1gngmJkG8mw2V_iFhEePWgrVqZPDalYfHDw6vhY_ejWNGmOP4AgWP1xkptVrSmh2KJMaULj6mmYIpXON00eEEAZusA4Wfd_ACUw9knO5BaH_t01OaE9YmkNc0y0ULlZpIQxJvFWhxAX6D-uAe0N5ggByFjlil0jD_8NV3fVVyBQe344vMjV-qlSHWzO8ggjt5Jh-cS6N0reJo6FuBqTVhpUWqrCA0Iz8g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.59.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-59-154.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: usermatch-a006-ash-prod.krxd.net
date: Fri, 14 Oct 2022 20:59:16 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=528b4ccef505f25cf45af00707c9d7b7

43 B
479 B

30ms
30ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=528b4ccef505f25cf45af00707c9d7b7

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FXTTG5SRDF9D6JCSH0QW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=528b4ccef505f25cf45af00707c9d7b7
date: Fri, 14 Oct 2022 20:59:17 GMT
via: 1.1 58a45bf3f07dfdca95ebcb7935e84994.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
content-length: 0
x-amz-cf-id: NJhoJBMclozYDTdqgDe4TdExzWEitClVfrBG7_g2y5n106ER71eoDg==
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=5f463e5c-a66d-c91a-370a-696dc00d4f12

43 B
479 B

33ms
32ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=5f463e5c-a66d-c91a-370a-696dc00d4f12

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QRWPVRKVH9KS3Q0NZVSX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 14 Oct 2022 20:59:17 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=5f463e5c-a66d-c91a-370a-696dc00d4f12
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=Khv6lJtEs7owTNqZZ67riDc4c5c4ZgIC

43 B
479 B

32ms
31ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=Khv6lJtEs7owTNqZZ67riDc4c5c4ZgIC

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Q29DGR7FG3CA3RC4PJNA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5qaFgHqvKMe4Qj%2Bmb86I1JVVICna6J4th66JLKBE7pRIj9avgh%2Fa7TjKjhqiM5L%2BUsBkpKPXaTcafZbxhdcM8xv60sIArTdgzJxPQ%2FbGrCNd7iWHFOBVQp3zOpcsaqx4I9024ZLfoQzEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=Khv6lJtEs7owTNqZZ67riDc4c5c4ZgIC
cache-control: no-cache
cf-ray: 75a33ce73c4453e9-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame F859
Redirect Chain

https://eb2.3lift.com/xuid?mid=8341&xuid=VG5rICh_QGumkDSxqVjCaQ&dongle=az46
https://eb2.3lift.com/xuid?ld=1&mid=8341&xuid=VG5rICh_QGumkDSxqVjCaQ&dongle=az46&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

26ms
26ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=8341&xuid=VG5rICh_QGumkDSxqVjCaQ&dongle=az46&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=oKSheMpvTLyk1TQ_XKVoJQ&dmt=3&ex-pl-n-g-hmt=-Cs4vu7UTkmcL_su8mpS-A&ep=mfS4I4Lxm4iN8M-0MyueFfKWvv8KYhYlUSlJM-BUHK6nxPqdoERhL0RvOyr4VhYCiBYktGZx5eBXOIhyQRqjIfb0a_XB9AWfBrO-HvOIUaZue3gWL8_ZMdBBYKprsePQ-QqBfC7bDIx653h1BZWMQjZFfy9E9J5b1ZzAb1edYtWIk0JGh1DdgGDXidwAqOrfpo7Am5hEG2XDbvBYJAp1Q3aeQlcnMhPJBWOFPVHyetP9sexsYyYmaP7Ou_7UsDcfqU_m-5Vf055CbX9gxQz_ZMIZ3Gi9CFRLorY1Agc4eBwKxJFxPlPw78ATbuNTPaMWzmNCXyP3cI1gngmJkG8mw2V_iFhEePWgrVqZPDalYfHDw6vhY_ejWNGmOP4AgWP1xkptVrSmh2KJMaULj6mmYIpXON00eEEAZusA4Wfd_ACUw9knO5BaH_t01OaE9YmkNc0y0ULlZpIQxJvFWhxAX6D-uAe0N5ggByFjlil0jD_8NV3fVVyBQe344vMjV-qlSHWzO8ggjt5Jh-cS6N0reJo6FuBqTVhpUWqrCA0Iz8g
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 14 Oct 2022 20:59:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=8341&xuid=VG5rICh_QGumkDSxqVjCaQ&dongle=az46&gdpr=0&cmp_cs=&us_privacy=
date: Fri, 14 Oct 2022 20:59:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=11208201A28E8C93

43 B
479 B

31ms
30ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=11208201A28E8C93

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H20TF5ZGE98D5N0NVVSK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Frontend-ID: 1
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=11208201A28E8C93
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=4921778707525838525&ex=appnexus.com

43 B
479 B

32ms
32ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=4921778707525838525&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RV00QYSJT04X7GTH5EF2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
AN-X-Request-Uuid: 6c72c73d-97a9-4045-8d05-5920ca4b2c5b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://s.amazon-adsystem.com/ecm3?id=4921778707525838525&ex=appnexus.com
Connection: keep-alive
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=VdWxfEb4Tqe2IG3fctlg_Q&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=VdWxfEb4Tqe2IG3fctlg_Q

43 B
479 B

29ms
29ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=VdWxfEb4Tqe2IG3fctlg_Q

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: W0AG92FFFBW490MGJEDF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=VdWxfEb4Tqe2IG3fctlg_Q
date: Fri, 14 Oct 2022 20:59:17 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=wu85R940YsCg4lBKJ9VOwsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
479 B

31ms
30ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=wu85R940YsCg4lBKJ9VOwsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 16GSN14PM04QMJV7Q8N5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=wu85R940YsCg4lBKJ9VOwsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=-Cs4vu7UTkmcL_su8mpS-A&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

29ms
28ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T61H51S3G9ECRNMG1W17
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://loadus.exelator.com/load/?p=204&g=8888&j=0
https://loadus.exelator.com/load/?p=204&g=8888&j=0&xl8blockcheck=1
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=132da92736a76fffe9b245de24d68f9b

43 B
479 B

30ms
30ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=132da92736a76fffe9b245de24d68f9b

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2EVRQWN2KDKE23F3GPQP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 14 Oct 2022 20:59:17 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=132da92736a76fffe9b245de24d68f9b
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED68A5CD4963D91A1CBF024FB812

43 B
479 B

31ms
31ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED68A5CD4963D91A1CBF024FB812

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0ZHYFVKERAQ2RTQAPQQ5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 14 Oct 2022 20:59:17 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED68A5CD4963D91A1CBF024FB812
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Fri, 14 Oct 2022 20:59:16 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=34e77068c4f40369c37f996ce96203a4b95ed30221048a7ab1e91e1dd0efed8b

43 B
479 B

32ms
31ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=34e77068c4f40369c37f996ce96203a4b95ed30221048a7ab1e91e1dd0efed8b

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1NJK2J1AJFE1T4WB0SWQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:17 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=34e77068c4f40369c37f996ce96203a4b95ed30221048a7ab1e91e1dd0efed8b
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=F044BFCB-7DFC-4C02-BD1F-17C74E35BECA

43 B
479 B

31ms
30ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=F044BFCB-7DFC-4C02-BD1F-17C74E35BECA

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8WKM2156BHFZM0FDPE39
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=F044BFCB-7DFC-4C02-BD1F-17C74E35BECA
date: Fri, 14 Oct 2022 20:59:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F859
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=7ab79ff7-06fc-4479-b023-fc230c2fd4f7-tucta435325

43 B
479 B

32ms
32ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=7ab79ff7-06fc-4479-b023-fc230c2fd4f7-tucta435325

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Oct 2022 20:59:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N6KZ0MHK5X1SMGFZ8A9Q
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=7ab79ff7-06fc-4479-b023-fc230c2fd4f7-tucta435325
date: Fri, 14 Oct 2022 20:59:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18172

POST
H3 200 p
tr.snapchat.com/ 68 B
90 B 78ms
63ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryUuZg2x3Akufpyd91

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://www.koho.ca
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 04E0 2 KB
1 KB 97ms
20ms Document
text/html 108.138.128.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3039946.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.128.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-128-58.jfk50.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 905468
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:28:08 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 c7947fe0c635bc68b2cbc2a30738872c.cloudfront.net (CloudFront)
x-amz-cf-id: eyAxR0EERgOnKywchVjvCJJSZcxvCBaQX0X-GHT_2YKFmXgqB2X8Zg==
x-amz-cf-pop: JFK50-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 main.Mi4wLjAuNTZfMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 336 KB
95 KB 21ms
20ms Script
application/javascript 23.200.1.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTZfMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.1.44 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-1-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e9bd9db83268ae9694965b94341b1ac5c2da802cfb7d87ed5b1b2727d8ea5ed2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id: a4ffe5d
date: Fri, 14 Oct 2022 20:59:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202210111333585FE6B749C4A5BE2FB1C7
vary: Accept-Encoding
x-cache: TCP_HIT from a23-48-151-44.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01ba78786b4196111b5e636cfd36359edfc4190a77409611ec12d77b8297dfb74b4836c3d65104ab3e168ead2c7f155df1270d22e53a1714d4af9e99fa0e369d153d41f62c772c97533a5ad531790570ac
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length: 96589

GET 56368685
www.clarity.ms/tag/uet/ 0
0

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/ 4 KB
2 KB 59ms
19ms XHR
application/json 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51af55d2ec05e16b796cc035914305dd36b38625bdf63d5818fedcd91b8b8e28

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: x9yjTYg2f69IlfhgIVZnX02mSR4gc9hG
content-encoding: gzip
via: 1.1 4cb1c715abfea3c2d99c87070fbe2f26.cloudfront.net (CloudFront)
date: Fri, 14 Oct 2022 18:09:51 GMT
x-amz-cf-pop: JFK51-C1
age: 10289
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 18 May 2022 20:11:35 GMT
server: AmazonS3
etag: W/"29bec499507d54a99a552b85fafc9917"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: LkL_BcjJeKzLMNy866-tOQxJaTlhYtdo1NrV0mheBX25mF3C3DUAxw==

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame C495 25 KB
9 KB 32ms
20ms Script
application/javascript 108.138.113.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=18f977ac-724c-4b10-a145-d6c3aa30a9c6&u_scsid=4514f12f-fb6c-49fc-8bce-fc3c08d2a580&u_sclid=cddc66f5-99d4-4338-8b49-d993c2755fd3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-113-246.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 17:32:23 GMT
content-encoding: gzip
via: 1.1 877f105eccbc5cf798a3a34d16fc0c74.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 12413
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 8764
x-amz-cf-id: DntYYh3-ubDWahNHm_w6cA4SiBSjm5ooxhcbZl5k9kfiO6NmONeltQ==

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
688 B 68ms
67ms Ping
application/octet-stream 23.200.1.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTZfMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.1.44 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-1-44.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 25f0fd90.a4ffe96
date: Fri, 14 Oct 2022 20:59:16 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-48-151-44.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
x-parent-response-time: 43,23.48.151.44
server-timing: cdn-cache; desc=MISS, edge; dur=16, origin; dur=31, inner; dur=13
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221014205916399EAE7160F2331E1DF0
x-cache-remote: TCP_MISS from a23-220-104-77.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.220.104.77
x-tt-trace-host: 016038ba7083e269e6caaded1f0b4c816b5b23746bd812e8dc4fe9519f7116f147405d7f94c927378daef9d4dca0f0a82ce9fc26509f287f91e48dae2ea436665826c9a5718b99048234070199f4e43a24dc06f0a24fae84c9d237561f4250a7d2
expires: Fri, 14 Oct 2022 20:59:16 GMT

GET
H2 200 ajs-destination.bundle.69f445038fee7a77bb89.js Show response
cdn.segment.com/analytics-next/bundles/ 8 KB
3 KB 21ms
20ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.69f445038fee7a77bb89.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a856c49200096e83ed1a3612d4b4fcb1961a1f66f1a5f78c19bb71e31b98d221

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:52:38 GMT
x-amz-version-id: R9iis8zxPUzbYG2v9lARGoizVOYozofb
content-encoding: br
via: 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 93999
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 13 Oct 2022 18:09:00 GMT
server: AmazonS3
etag: W/"a92b4438941110932485ba4d769e9fcf"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: AiEJ4OzGYbJv1TXibKHjb-5VXspEMkaMEcyX4YuN8Q3XUGJKLNyRmg==

GET
H2 204 3039946 Show response
vc.hotjar.io/sessions/ 0
258 B 155ms
85ms XHR
text/plain 18.164.96.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3039946?s=0.25&r=0.2176809441033618
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bcd9ade6b0bb9bdd0789.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-54.jfk50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
via: 1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: mGJkrE4kVkDb-GMzipnYrnUVRnTq5YMRpJ6v6iHl07IieBZJ07oDzQ==

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 19ms
18ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 10:29:44 GMT
x-amz-version-id: .2F30zWCOyrC1vrGDesyD3Q_04LRDBZp
content-encoding: br
via: 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3407373
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sat, 03 Sep 2022 04:34:27 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: sCCfkW5LPOMJx1yiYjmtg_ir6yk1Y24IPgRvzXIqLa-pzypGEORIBw==

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame 2FFF
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1665781156677&u_scsid=7fb0ffc6-cd1a-481c-a2fa-42b6a7e3a5b5&u_sclid=795a3563-0bfa-420f-aeb9-0527cc4e674a
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1665531000096%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1665531000096%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1665531000096&pnid=140&pcid=dfcff16c-4f9c-4669-9a59-0a3624974b72

0
18 B

69ms
69ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1665531000096&pnid=140&pcid=dfcff16c-4f9c-4669-9a59-0a3624974b72

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Fri, 14 Oct 2022 20:59:16 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 12

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 14 Oct 2022 20:59:16 GMT
location: https://tr.snapchat.com/cm/p?rand=1665531000096&pnid=140&pcid=dfcff16c-4f9c-4669-9a59-0a3624974b72
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 google-analytics.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 24ms
18ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:30:17 GMT
content-encoding: gzip
via: 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-amz-version-id: i7V8adpJC0v_FV6MGqES_PT759Yi.CDp
x-amz-cf-pop: JFK51-C1
age: 1380539
x-cache: Hit from cloudfront
content-length: 4743
last-modified: Mon, 19 Sep 2022 21:38:20 GMT
server: AmazonS3
etag: "36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: hCyKxlHt_xpvB8TsSgBUocuXWp_8KN0p6kEyjzjO5oyAnWW0ro1ujA==

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.4/ 10 KB
4 KB 24ms
19ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.4/facebook-pixel.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 782a8288e0ccc0edfc1a2d83961a8d6ee5a908246c25aa01c5eae7a681584495

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 14:38:53 GMT
content-encoding: gzip
via: 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-amz-version-id: 0cPL06fABp2vPTb8R0TlBWvf9RLK9Dmo
x-amz-cf-pop: JFK51-C1
age: 1318824
x-cache: Hit from cloudfront
content-length: 3269
last-modified: Mon, 19 Sep 2022 21:38:20 GMT
server: AmazonS3
etag: "a6a51bf375940b6b8b8dc17bad7c100d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: YbScF-MfimEGEf4Ok65OUR9AqQ42xSPyNgdAdCtT8VyD9GQpKbdzsg==

GET
H2 200 amplitude.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/ 9 KB
4 KB 26ms
20ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/amplitude.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06d95e7c78ae4bd7fc58fe29a222697fa4063a83a676d6169b875e8462a253d9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 12:49:46 GMT
content-encoding: gzip
via: 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-amz-version-id: gJlYJ9dgH2NvmWazB0ilSMUAxCclDsWw
x-amz-cf-pop: JFK51-C1
age: 1238971
x-cache: Hit from cloudfront
content-length: 3181
last-modified: Mon, 19 Sep 2022 21:38:19 GMT
server: AmazonS3
etag: "949376aa55c1e7a26572d64a97dbe296"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: bz0liZkDAnvWy736n3qxoen2L3ERSYwcWn9SnMKlR9R5zfm996LNpA==

GET
H2 200 google-adwords-new.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-adwords-new/1.2.1/ 4 KB
2 KB 26ms
22ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-adwords-new/1.2.1/google-adwords-new.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb3b64d44021d764fb620e90c54d8190e488a830fb02b38775463650dd282cb7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 10:01:07 GMT
content-encoding: gzip
via: 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-amz-version-id: DhnVJeCSYtBSBZzW.QXJxjhST6dNXS.l
x-amz-cf-pop: JFK51-C1
age: 1767490
x-cache: Hit from cloudfront
content-length: 1636
last-modified: Mon, 19 Sep 2022 21:38:20 GMT
server: AmazonS3
etag: "620564b85ad2c80b8d7935669871043c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: E85PcCquJS2eUebTThWShMOwURaL61p901s7S1g9k1H6RBNX_lAq3A==

GET
H2 200 twitter-ads.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/twitter-ads/2.5.2/ 5 KB
2 KB 27ms
23ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/twitter-ads/2.5.2/twitter-ads.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b463c4dd20b3cbc19ec6283dd35a50a10d926c6efe5e0b054fdc5e3b959b6f19

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:54:07 GMT
content-encoding: gzip
via: 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-amz-version-id: TdQWdPtD85M71EWyqfo1KOrYVRR5fwK_
x-amz-cf-pop: JFK51-C1
age: 1811109
x-cache: Hit from cloudfront
content-length: 1969
last-modified: Mon, 19 Sep 2022 21:38:21 GMT
server: AmazonS3
etag: "c8cbba72a05e723659d348e2dd175bb0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: WJBNNaxHkEj5eSSm05p3ybWvoRh6of7OUVsG1iBxDXqwKCGmmsloWg==

GET
H2 200 linkedin-insight-tag.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/ 2 KB
2 KB 28ms
24ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:54:08 GMT
content-encoding: gzip
via: 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-amz-version-id: r2nyTxWTpEuqi72HdPhvMC3J5yBNohDD
x-amz-cf-pop: JFK51-C1
age: 1811109
x-cache: Hit from cloudfront
content-length: 1061
last-modified: Mon, 19 Sep 2022 21:38:20 GMT
server: AmazonS3
etag: "9fb524ce2b800e7ddc8a15d53c31c3d1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: z5ME3tqpYdeOU1ps9eMlNc_ZpDNFsv5pbdXymmSBLtHByjdbh3-4VA==

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 21ms
21ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 02:10:32 GMT
content-encoding: gzip
via: 1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-amz-version-id: Z.cz1sApkVz0CAwS1aXBsP5bZXvNz24o
x-amz-cf-pop: JFK51-C1
age: 1709325
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Mon, 19 Sep 2022 21:38:18 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: uJco1bHvj6t3ol_hKKi6w6Yrte76fihtvvAR2EO60gCx8g3-FMwEUg==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 95ms
23ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 14:35:09 GMT
etag: "d4de8398858246712016031c834bb061+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kiad7000130-IAD

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 88ms
23ms Script
application/x-javascript 2600:141b:13::17d7:82d0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=64463
accept-ranges: bytes
content-length: 3063

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
62 KB 91ms
48ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-902961551

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c13d974f211b6f918a4f3f515f58aaba26d5b92956a5dc36e0e070b40c37909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63523
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 18:31:20 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Oct 2022 20:59:16 GMT

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ 54 KB
18 KB 77ms
21ms Script
application/javascript 18.164.115.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.115.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-115-222.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 11:41:29 GMT
content-encoding: gzip
via: 1.1 0252b483f7b420504a413a83f987b080.cloudfront.net (CloudFront)
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
x-amz-cf-pop: JFK50-P6
age: 3057468
x-cache: Hit from cloudfront
content-length: 17889
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OkKjua5McniUDT2bXRRQr-gDzB0RiUulWxDxJjhT6Nl66MZleOY-Rw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 86ms
22ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Oct 2022 20:59:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26852
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: B1oXIppQcbAOaUeiciLlobqYtZFVsNqJkaSulAlkU1bv8wpiKtOYbka7Tobg0ebbonzYPDgi5iiiUO3FqGNKuQ==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
19ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 20:34:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1458
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 14 Oct 2022 22:34:58 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
171 B 268ms
86ms Fetch
application/json 54.213.236.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/dX8H5eIUi0aUI3uVmUMjLy0pP8ANim5E/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.213.236.150 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-213-236-150.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.koho.ca
date: Fri, 14 Oct 2022 20:59:17 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 258ms
87ms XHR
text/html 44.239.41.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.41.64 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-41-64.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 14 Oct 2022 20:59:17 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-6349cda5-41a24f2e32330e43000baacb
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 74ms
32ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1321581697&t=pageview&_s=1&dl=https%3A%2F%2Fwww.koho.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=KOHO%3A%20Reloadable%20Prepaid%20Mastercard%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACgCIAB~&jid=1645082833&gjid=21811803&cid=1152368584.1665781157&tid=UA-41908934-3&_gid=1250479397.1665781157&_r=1&_slc=1&z=13134799

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.koho.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

li_sync
www.linkedin.com/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1665781157010&url=https%3A%2F%2Fwww.koho.ca%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1665781157010&url=https%3A%2F%2Fwww.koho.ca%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2658514%26time%3D1665781157010%26url%3Dhttps%253A%252F%252Fwww.koho.ca%252F%26coo...

0
0

GET
H2 200 adsct
t.co/i/ 43 B
376 B 131ms
40ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=92e7e708-05fe-4ef1-ad23-1575e4428f91&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=62ac8fec-e370-444e-84ed-688f231a380f&tw_document_href=https%3A%2F%2Fwww.koho.ca%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvggn&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 5
date: Fri, 14 Oct 2022 20:59:16 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: d5bbe0ef82d22f6c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 39643ad90a86fdaf7fb737b944e85cc987563cf0e781256d82d4596d23354fc0
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 156ms
45ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=92e7e708-05fe-4ef1-ad23-1575e4428f91&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=62ac8fec-e370-444e-84ed-688f231a380f&tw_document_href=https%3A%2F%2Fwww.koho.ca%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvggn&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 6
date: Fri, 14 Oct 2022 20:59:16 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 281689fe20e08b8b
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 476f17234b0fcdf63698d2d4119fd904bffc1a0b74ceaca210e34ec431113a0e
content-length: 43

GET
H3 200 599633800219052 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 43ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/599633800219052?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a9e7b40607770f5a56e4eae6fb4b433a9c08aaecd4750a15eba83245ec6be7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 20:59:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85895
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Rbg3IxtZ4hEN3va/MzpxIGUiQLMKZ7fp6BK6NVBGkxueEYdiUBuI+OBMcfAtmV2lH6CcXpsMG9RiTiTwmOL7pQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 112ms
51ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

195f3c8ce18239cd241304be4a02c70892564caf8a139f6035b853fe212bab3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 20:59:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15196
x-xss-protection: 0
server: cafe
etag: 7222976147654879957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 20:59:17 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 99ms
33ms XHR
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-41908934-3&cid=1152368584.1665781157&jid=1645082833&gjid=21811803&_gid=1250479397.1665781157&_u=aEBAAEAAAAAAACgCIAB~&z=1052161723

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 14 Oct 2022 20:59:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.koho.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 74ms
19ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=599633800219052&ev=PageView&dl=https%3A%2F%2Fwww.koho.ca%2F&rl=&if=false&ts=1665781157139&sw=1600&sh=1200&v=2.9.84&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1665781157138.1711958954&it=1665781157033&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Oct 2022 20:59:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 90ms
39ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-41908934-3&cid=1152368584.1665781157&jid=1645082833&_u=aEBAAEAAAAAAACgCIAB~&z=1621050558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 98ms
46ms Image
image/gif 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-41908934-3&cid=1152368584.1665781157&jid=1645082833&_u=aEBAAEAAAAAAACgCIAB~&z=1621050558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/ 2 KB
2 KB 158ms
110ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/?random=1665781157182&cv=9&fst=1665781157182&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Mastercard%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=494191039.1665781157&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966b65d9c7ab985d55f30d0044de81e6d31958e83d979278c929f71445b574a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/902961551/ 42 B
64 B 85ms
41ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/902961551/?random=1665781157182&cv=9&fst=1665777600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Mastercard%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&async=1&fmt=3&is_vtc=1&random=421869966&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/902961551/ 42 B
64 B 82ms
42ms Image
image/gif 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/902961551/?random=1665781157182&cv=9&fst=1665777600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Mastercard%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&async=1&fmt=3&is_vtc=1&random=421869966&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/ 2 KB
1 KB 123ms
80ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/?random=1665781157659&cv=9&fst=1665781157659&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Mastercard%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&auid=494191039.1665781157&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c606452306a8051621fc7c34e643e75f5d704c6b9965047208f3473475421ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0380 0
18 B 43ms
19ms Document
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: null
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:59:17 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 /
www.google.com/pagead/1p-user-list/902961551/ 42 B
64 B 41ms
40ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/902961551/?random=1665781157659&cv=9&fst=1665777600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Mastercard%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&async=1&fmt=3&is_vtc=1&random=1231581959&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/902961551/ 42 B
64 B 39ms
38ms Image
image/gif 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/902961551/?random=1665781157659&cv=9&fst=1665777600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fwww.koho.ca%2F&tiba=KOHO%3A%20Reloadable%20Prepaid%20Mastercard%20%7C%20No%20Fees%20%26%20Instant%20Cash%20Back%20on%20Everything&async=1&fmt=3&is_vtc=1&random=1231581959&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 20:59:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 5f05eea3fa48230af9ecce82 Show response
events.launchdarkly.com/events/bulk/ 0
344 B 73ms
72ms XHR
application/json 107.23.224.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f05eea3fa48230af9ecce82

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.224.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-224-148.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: 118ab7f0-4c03-11ed-b1c8-8347f2b9fd4d
X-LaunchDarkly-Event-Schema: 3
accept-language: en-CA,en;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.23.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json
Referer
X-LaunchDarkly-Wrapper: react-client-sdk/2.28.0

Response headers

date: Fri, 14 Oct 2022 20:59:18 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 5f05eea3fa48230af9ecce82
events.launchdarkly.com/events/bulk/ Frame 0
0 25ms
24ms Preflight 107.23.224.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f05eea3fa48230af9ecce82

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.224.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-224-148.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://www.koho.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Fri, 14 Oct 2022 20:59:18 GMT
strict-transport-security: max-age=31536000

GET
H2 200 page-data.json
www.koho.ca/page-data/fr/ 0
3 KB 25ms
25ms Other
application/json 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/fr/page-data.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.koho.ca/
Origin: https://www.koho.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PN9MH0DX0KKX7RK446NH
date: Fri, 14 Oct 2022 19:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 4775
content-length: 3067
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "0985ee11a2ad31a6fe45a1398562041b-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 page-data.json Show response
www.koho.ca/page-data/fr/ 19 KB
3 KB 24ms
24ms XHR
application/json 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/page-data/fr/page-data.json

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

321dda5896445a14441d829322d15718919bb2ad499fdadc8bda53b418b9dfa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PNAKV5A8WB7832NZRAJR
date: Fri, 14 Oct 2022 19:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 4775
content-length: 3067
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "0985ee11a2ad31a6fe45a1398562041b-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 component---src-templates-pages-home-tsx-6c2deab0fee477a57637.js
www.koho.ca/ 0
1 KB 33ms
25ms Other
application/javascript 2600:1f18:2489:8202:3e66:ff9e:de27:befe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.koho.ca/component---src-templates-pages-home-tsx-6c2deab0fee477a57637.js

Requested by

Host: www.koho.ca
URL: https://www.koho.ca/app-d298ac539b8b79daa3c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1f18:2489:8202:3e66:ff9e:de27:befe Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Netlify /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.koho.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nf-request-id: 01GFC4PNBX9EX0GX2TV0KHGN4V
date: Fri, 14 Oct 2022 19:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
age: 5761
content-length: 1085
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
etag: "cb4e41d5c4086f2bdf0013e73e5e154f-ssl-df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: consent.linksynergy.com
URL: https://consent.linksynergy.com/consent/v3/p?rmch=cs&domain=www.koho.ca&sought=false&tp=gdpr&attr_sid=122943&purposes=&vendors=&ext_id=637a549e-792c-4a5c-a3a2-20336d0a0bf7

Domain: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56368685

Domain: www.linkedin.com
URL: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2658514%26time%3D1665781157010%26url%3Dhttps%253A%252F%252Fwww.koho.ca%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

87 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 06:44:27	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.bing.com/	1970-01-20 16:04:37	Name: MUID Value: 2E13015C8F5A68D206E513618E706988
.bat.bing.com/	1970-01-20 06:53:05	Name: MR Value: 0
.amazon-adsystem.com/	1970-01-20 12:57:25	Name: ad-id Value: A6bcCsY5rUtJsbs5x31eF2o
.amazon-adsystem.com/	1970-01-20 16:19:01	Name: ad-privacy Value: 0
.koho.ca/	1970-01-20 06:44:27	Name: _uetsid Value: 107b39404c0311ed9e2821f9bb8dc334
.koho.ca/	1970-01-20 16:04:37	Name: _uetvid Value: 107b4f304c0311edb74543a9abf95cb4
.koho.ca/	1970-01-20 08:52:37	Name: _rdt_uuid Value: 1665781156353.183f2cf2-09e4-4651-8916-dcfe5d94f7b6
.koho.ca/	1970-01-20 16:12:47	Name: _scid Value: e093a96d-e625-4fc0-be24-77d0bc04efd4
.adnxs.com/	1970-01-20 08:52:37	Name: uuid2 Value: 4921778707525838525
.agkn.com/	1970-01-20 15:28:37	Name: ab Value: 0001%3AVFd4cgUDhlcfgday5RkRc9xX45bPmAun
.casalemedia.com/	1970-01-20 15:28:37	Name: CMID Value: Y0nNpMtw.cJAHpmtHsuFvQAA
.casalemedia.com/	1970-01-20 08:52:37	Name: CMPS Value: 1008
.casalemedia.com/	1970-01-20 08:52:37	Name: CMPRO Value: 1008
.tremorhub.com/	1970-01-20 15:28:58	Name: tvid Value: 98f521f544cd4e3699c86fe63eb9c996
.tremorhub.com/	1970-01-20 16:19:01	Name: tv_UIAM Value: acef63acbcc64123b39d5767b2df9167
.yahoo.com/	1970-01-20 15:28:58	Name: A3 Value: d=AQABBKTNSWMCEKWBd6tGwhZnwFdYKp2VXJoFEgEBAQEfS2NTYwAAAAAA_eMAAA&S=AQAAAgHFczn5CgLHLEB-m2w4qX0
.bidswitch.net/	1970-01-20 15:28:37	Name: tuuid Value: 0e34dcfa-a47c-4f34-86bc-d547d70af91b
.bidswitch.net/	1970-01-20 15:28:37	Name: c Value: 1665781156
.bidswitch.net/	1970-01-20 15:28:37	Name: tuuid_lu Value: 1665781156
.myvisualiq.net/	1970-01-20 16:19:01	Name: tuuid Value: b307f18e-c5de-4dfc-911b-4cc219e76128
.myvisualiq.net/	1970-01-20 16:19:01	Name: c Value: 1665781156
.myvisualiq.net/	1970-01-20 16:19:01	Name: tuuid_lu Value: 1665781156
.analytics.yahoo.com/	1970-01-20 15:28:37	Name: IDSYNC Value: 195g~27pw
.adnxs.com/	1970-01-20 08:52:37	Name: anj Value: dTM7k!M4/YF7/.XF']wIg2E>2lYWrz!]tbPl1M]o$IyEVU[Y<SAmcdZHIx?EKFh^]Q2M[^Af@=GcqrFtF@g$c#BI7y)N[UD!!*tR)a[Rj
.koho.ca/	1970-01-20 16:04:37	Name: _tt_enable_cookie Value: 1
.koho.ca/	1970-01-20 16:04:37	Name: _ttp Value: eb7d852c-2145-4959-bca0-e5b18af4d267
.zeotap.com/	1970-01-20 15:28:37	Name: zc Value: cabb9519-3b6c-4339-77da-d9363703ab9e
.koho.ca/	1970-01-20 15:28:37	Name: _hjSessionUser_3039946 Value: eyJpZCI6ImIwMGM2Njc3LTFmNTktNWU5MC05ZDI0LWU5ZDA5MGVmMGUyOCIsImNyZWF0ZWQiOjE2NjU3ODExNTY0ODcsImV4aXN0aW5nIjpmYWxzZX0=
.koho.ca/	1970-01-20 06:43:02	Name: _hjFirstSeen Value: 1
www.koho.ca/	1970-01-20 06:43:01	Name: _hjIncludedInSessionSample Value: 0
.koho.ca/	1970-01-20 06:43:02	Name: _hjSession_3039946 Value: eyJpZCI6ImNhNTRlMjdiLTZmYzctNDdlMi1hZDkxLWIwOWZkYmUwZGNkMiIsImNyZWF0ZWQiOjE2NjU3ODExNTY2NjIsImluU2FtcGxlIjpmYWxzZX0=
.koho.ca/	1970-01-20 06:43:02	Name: _hjAbsoluteSessionInProgress Value: 1
.krxd.net/	1970-01-20 11:02:13	Name: _kuid_ Value: PI1s7x6e
.snapchat.com/	1970-01-20 16:04:37	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwQ3AMAgDwImQQALb6TZtSafI8M0z97q+Bwk+lrPbMos2Jt89V0DCJ61IvwIoKqKwjvoP0YcCqEAAAAA=
.360yield.com/	1970-01-20 08:52:37	Name: tuuid Value: 40dca910-10db-4101-a594-f13bdb9e1566
.360yield.com/	1970-01-20 08:52:37	Name: tuuid_lu Value: 1665781156
ads.samba.tv/	1970-01-20 16:13:15	Name: sambapxid Value: 10234c71ef45ebd60
.mookie1.com/	1970-01-20 16:11:49	Name: id Value: 10596829189854625425
.mookie1.com/	1970-01-20 16:11:49	Name: mdata Value: 1\|10596829189854625425\|1665781156795
.mookie1.com/	1970-01-20 16:11:49	Name: ov Value: 1f3130c4be0b19a1801fbc100b1d7bc2
.koho.ca/	1970-01-20 15:28:37	Name: ajs_anonymous_id Value: a03d0d3b-c28a-4edf-a308-d95b2c26928d
.tapad.com/	1970-01-20 08:09:25	Name: TapAd_TS Value: 1665781156820
.tapad.com/	1970-01-20 08:09:25	Name: TapAd_DID Value: dfcff16c-4f9c-4669-9a59-0a3624974b72
.surveywall-api.survata.com/	1970-01-20 11:05:05	Name: svResp Value: 3b419ce8-9f0f-1013-6e4d-5033c2bae9db
.demdex.net/	1970-01-20 11:02:13	Name: demdex Value: 78842219956032804033537639651165603233
.adform.net/	1970-01-20 07:27:39	Name: C Value: 1
.adform.net/	1970-01-20 08:09:25	Name: uid Value: 2535973557128297510
.dpm.demdex.net/	1970-01-20 11:02:13	Name: dpm Value: 78842219956032804033537639651165603233
.tapad.com/	1970-01-20 08:09:25	Name: TapAd_3WAY_SYNCS Value:
.koho.ca/	1969-12-31 23:59:59	Name: amplitude_idundefinedkoho.ca Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ==
.koho.ca/	1970-01-20 16:19:01	Name: amplitude_id_10563d121b16631a278c49bd4b44caaekoho.ca Value: eyJkZXZpY2VJZCI6IjNjMjBjYWQwLTA0YTctNDRhOC05OTYxLWQxMjBiMTRiNTNlMVIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY2NTc4MTE1Njk0OCwibGFzdEV2ZW50VGltZSI6MTY2NTc4MTE1Njk1NCwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjF9
.rubiconproject.com/	1970-01-20 15:28:37	Name: khaos Value: L98Z3AS1-1Z-6JV6
.openx.net/	1970-01-20 15:28:37	Name: i Value: d43c7d78-1340-4d17-add2-2312cc19b70f\|1665781156
.scorecardresearch.com/	1970-01-20 16:19:01	Name: UID Value: 1395f43acb449b3386a44b31665781156
.koho.ca/	1970-01-20 16:19:01	Name: _ga Value: GA1.2.1152368584.1665781157
.koho.ca/	1970-01-20 06:44:27	Name: _gid Value: GA1.2.1250479397.1665781157
.koho.ca/	1970-01-20 06:43:01	Name: _gat Value: 1
.spotxchange.com/	1970-01-20 07:23:20	Name: audience Value: 10dec01a-4c03-11ed-a645-1c8a12470303
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1665781156_1
.serving-sys.com/	1970-01-20 08:52:37	Name: u2 Value: a6307655-77a5-4f7a-b211-2bb5f88955fe4Jf090
.3lift.com/	1970-01-20 08:52:37	Name: tluid Value: 2932499974315700684916
.doubleclick.net/	1970-01-20 16:19:01	Name: IDE Value: AHWqTUkgyZsbK1obUOr0g81IiK3P0dB9526wATnsMle48fF3Z_4NSGzkEPvygVpbDwQ
.koho.ca/	1970-01-20 08:52:37	Name: _gcl_au Value: 1.1.494191039.1665781157
.casalemedia.com/	1970-01-20 08:52:37	Name: CMTS Value: 195
.ads.stickyadstv.com/	1970-01-20 07:26:13	Name: UID Value: c8e1d0e54d9d3f73236884ba4836e36
.ads.stickyadstv.com/	1970-01-20 07:03:10	Name: uid-bp-30833 Value: XP3cI5wuSju5JOkg4IS77w
.linkedin.com/	1970-01-20 08:52:37	Name: li_sugr Value: 1d708e98-29b7-4e53-a123-f1310a500d52
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:28:37	Name: bcookie Value: "v=2&8325b5c1-4958-4b25-8c48-50679fbc1870"
.linkedin.com/	1970-01-20 06:44:27	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2735:u=1:x=1:i=1665781157:t=1665867557:v=2:sig=AQFHqSRI0LL1P4wNNCD_aPe1aMmZPYzE"
.koho.ca/	1970-01-20 08:52:37	Name: _fbp Value: fb.1.1665781157138.1711958954
.semasio.net/	1970-01-20 15:28:37	Name: SEUNCY Value: 11208201A28E8C93
.t.co/	1970-01-20 16:19:01	Name: muc_ads Value: af313a2b-0e8d-40b6-aa88-83f10630c651
.linkedin.com/	1970-01-20 07:26:13	Name: UserMatchHistory Value: AQIzLKOkje8jBQAAAYPYS00az2pnFAulbNWFossauVqv0E19T9uj1NEGgrjgIB66UlT47G2hrvGdUA
.linkedin.com/	1970-01-20 07:26:13	Name: AnalyticsSyncHistory Value: AQJ9czn3bQZUfwAAAYPYS00aPHWUfjozFTau-4Zu0sNYmQlUYZBS2-4Hmjd3XklUiR43kOayRQtepSBTwfZC8A
.ispot.tv/	1970-01-20 16:19:01	Name: pt Value: v2:34e77068c4f40369c37f996ce96203a4b95ed30221048a7ab1e91e1dd0efed8b\|ac946b9b95e2159ed18db3b3d964be9f8bacd6dacd5fabac741f40339837fbc7
.twitter.com/	1970-01-20 16:19:01	Name: personalization_id Value: "v1_6qRckdldmoJPD22Ff1ybKQ=="
.ninthdecimal.com/	1970-01-20 11:02:13	Name: ndat Value: aO2WYGNJzaW/HBrZErhPAg==
.pubmatic.com/	1970-01-20 08:52:37	Name: KRTBCOOKIE_290 Value: 23261-VdWxfEb4Tqe2IG3fctlg_Q&KRTB&23219-VdWxfEb4Tqe2IG3fctlg_Q
.pubmatic.com/	1970-01-20 07:26:13	Name: PugT Value: 1665781157
.pubmatic.com/	1970-01-20 06:44:27	Name: KTPCACOOKIE Value: YES
.taboola.com/	1970-01-20 15:28:37	Name: t_gid Value: 7ab79ff7-06fc-4479-b023-fc230c2fd4f7-tucta435325
.pubmatic.com/	1970-01-20 08:52:37	Name: KADUSERCOOKIE Value: F044BFCB-7DFC-4C02-BD1F-17C74E35BECA
.exelator.com/	1970-01-20 09:35:49	Name: EE Value: "132da92736a76fffe9b245de24d68f9b"
.rubiconproject.com/	1970-01-20 15:28:37	Name: audit Value: 1\|oavJB54HDedfZfePcngIhsx6GCQ46TYirSQDRoUloToeECEUBMheiqDOWope40t5gNRbq07STFFBK03vAHceEMPlmrk2+MbIp/rlumRoxMG339BSQ4SIRzkneLBIhmQgPWjIgYEpfUZWtEDobQg2QjZHOUmArsgEJuonZguwn/cQEWgnboXQOA==
.exelator.com/	1970-01-20 09:35:49	Name: ud Value: "eJxrXxzq6XKLQcHQ2Cgl0dLI3Ngs0dwsLS0t1TLJyMQ0JdXIJMXMIs0yaXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAbEl%252BUWb6ImfHxUUpaQyLSopPBR98owYAs%252FUqpQ%253D%253D"

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.koho.ca/ Message: Refused to load the image 'https://consent.linksynergy.com/consent/v3/p?rmch=cs&domain=www.koho.ca&sought=false&tp=gdpr&attr_sid=122943&purposes=&vendors=&ext_id=637a549e-792c-4a5c-a3a2-20336d0a0bf7' because it violates the following Content Security Policy directive: "img-src 'self' data: https://cdn.sanity.io/ https://s.amazon-adsystem.com/ https://alb.reddit.com/ https://bat.bing.com/ http://www.google-analytics.com/ http://t.co/ https://px.ads.linkedin.com/ https://www.google.ca/ https://www.google.com/ https://www.facebook.com/tr/ https://www.googletagmanager.com/ https://i.vimeocdn.com/ https://web1.acsbapp.com/ https://static.intercomassets.com/ https://js.intercomcdn.com/ https://gifs.intercomcdn.com/ https://acsbapp.com/ https://downloads.intercomcdn.com/ https://p.adsymptotic.com/ https://analytics.twitter.com/".
security	error	URL: https://bat.bing.com/p/action/56368685.js(Line 23) Message: Refused to load the script 'https://www.clarity.ms/tag/uet/56368685' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://www.googletagmanager.com/ https://cdn.segment.com/ http://tag.rmp.rakuten.com/ http://bat.bing.com/ https://analytics.tiktok.com/ https://www.redditstatic.com/ https://sc-static.net/ https://acsbapp.com/ http://connect.facebook.net/ https://cdn.amplitude.com/ http://static.ads-twitter.com/ https://snap.licdn.com/ https://www.googleadservices.com/ https://analytics.twitter.com/ https://googleads.g.doubleclick.net/ https://player.vimeo.com/ https://widget.intercom.io/ https://js.intercomcdn.com/ http://www.google-analytics.com/ https://netlify-cdp-loader.netlify.app/ https://web1.acsbapp.com/apps/app/dist/js/app.js https://redditstatic.s3.amazonaws.com/ https://script.hotjar.com/ https://static.hotjar.com/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://www.koho.ca/ Message: Refused to load the image 'https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2658514%26time%3D1665781157010%26url%3Dhttps%253A%252F%252Fwww.koho.ca%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue' because it violates the following Content Security Policy directive: "img-src 'self' data: https://cdn.sanity.io/ https://s.amazon-adsystem.com/ https://alb.reddit.com/ https://bat.bing.com/ http://www.google-analytics.com/ http://t.co/ https://px.ads.linkedin.com/ https://www.google.ca/ https://www.google.com/ https://www.facebook.com/tr/ https://www.googletagmanager.com/ https://i.vimeocdn.com/ https://web1.acsbapp.com/ https://static.intercomassets.com/ https://js.intercomcdn.com/ https://gifs.intercomcdn.com/ https://acsbapp.com/ https://downloads.intercomcdn.com/ https://p.adsymptotic.com/ https://analytics.twitter.com/".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 49) Message: Refused to connect to 'https://google.com/pagead/form-data/902961551?em=tv.1&gtm=2oaaa0&auid=494191039.1665781157' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.koho.ca/ https://.launchdarkly.com/ https://tr.snapchat.com/ https://cdn.acsbapp.com/ http://api.amplitude.com/ https://www.google-analytics.com/ https://analytics.tiktok.com/ https://stats.g.doubleclick.net/ https://api.lever.co/ https://.algolia.net/ https://vimeo.com/ https://.ingest.sentry.io/ https://api-iam.intercom.io/ https://bat.bing.com/ https://api.segment.io/ wss://nexus-websocket-a.intercom.io/ https://web1.acsbapp.com/ https://uploads.intercomcdn.com/ https://adservice.google.com/ https://www.google.com/ https://cdn.segment.com/ wss://.hotjar.com/ https://.hotjar.com/ https://.hotjar.io/".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
alb.reddit.com
amazon.partners.tremorhub.com
analytics.tiktok.com
analytics.twitter.com
api.amplitude.com
api.segment.io
app.launchdarkly.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn.amplitude.com
cdn.sanity.io
cdn.segment.com
clientstream.launchdarkly.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
consent.linksynergy.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
koho.ca
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
match.360yield.com
mwzeom.zeotap.com
odr.mookie1.com
pi.ispot.tv
pixel.rubiconproject.com
pixel.tapad.com
public-prod-dspcookiematching.dmxleo.com
px.surveywall-api.survata.com
s.amazon-adsystem.com
sb.scorecardresearch.com
sc-static.net
script.hotjar.com
snap.licdn.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.taboola.com
t.co
t.myvisualiq.net
tag.rmp.rakuten.com
tags.bluekai.com
token.rubiconproject.com
tr.snapchat.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
vars.hotjar.com
vc.hotjar.io
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.imdb.com
www.koho.ca
www.linkedin.com
www.redditstatic.com
x.bidswitch.net
consent.linksynergy.com
www.clarity.ms
www.linkedin.com
104.18.18.126
104.198.14.52
104.237.150.96
104.244.42.195
104.244.42.69
104.36.115.109
104.36.115.113
107.178.246.49
107.23.224.148
108.138.106.124
108.138.113.246
108.138.128.58
13.225.214.50
13.225.223.151
13.35.98.188
141.226.224.48
142.250.80.98
142.251.32.98
146.75.28.157
151.101.193.140
151.101.194.132
151.101.66.217
18.164.115.222
18.164.96.54
18.164.96.83
18.164.96.87
184.50.205.90
185.167.164.42
192.35.249.120
192.40.39.223
23.200.1.44
23.21.59.154
2600:141b:13::17d7:82d0
2600:1f18:2489:8202:3e66:ff9e:de27:befe
2600:1f18:612b:4200:438d:f16b:f4fb:94af
2606:4700:10::6816:1857
2607:f8b0:4004:c09::9b
2607:f8b0:4006:807::2004
2607:f8b0:4006:809::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::2003
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42::396
3.232.47.238
34.102.147.248
34.195.71.40
34.199.90.210
34.206.33.80
34.230.221.167
35.190.126.92
35.190.43.134
35.190.70.79
35.190.90.30
35.211.178.172
35.244.159.8
44.239.41.64
50.16.197.56
50.57.31.206
52.0.12.161
52.203.222.38
52.205.220.58
52.223.22.214
52.45.33.138
52.46.130.91
52.70.74.183
54.213.236.150
63.251.28.233
68.67.160.184
69.173.151.100
76.13.32.147
76.223.31.44
014c10425bdc694a27eeddfa9785ebbfe4121aa49dd6d231d4ec9fce543a48fc
02767469affeeba7ad27cde647c85689a2ac053d0a56cb1ad2ca7d34f83acaa4
06d1118d63eccd7bbe4a551c152e815314e81d3c6657d3dbf4b0e00bb302e232
06d95e7c78ae4bd7fc58fe29a222697fa4063a83a676d6169b875e8462a253d9
073531fb824eb3c2b5ac99af6d1ac66fe99ad5db60be98a05c1ccac912fe7793
082e2888ad00a274eee4a5597f1521af574c08c7c2ae895b806e589383b4392e
085dc1b122847ef8ffe6bf3ad9782ff84c64b867d075ebed6fec0bc416d4bd04
0a9e7b40607770f5a56e4eae6fb4b433a9c08aaecd4750a15eba83245ec6be7c
0da6c36fdb22deee0feddb82b8be77a5079f39f25186ef7d245fa5b7d3cebb5e
0ef104776d0c3fae6a35809c613601f4f177b629888f2a5a3565af143f709311
0feea6934dbc499045d5a4d5b454fe22f7eb77165b5593c3a2c5b5d1ea696917
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8
195f3c8ce18239cd241304be4a02c70892564caf8a139f6035b853fe212bab3a
1bc20140a7ceb64c88553310aeedbe02b3931c3caeb08d7cf04be0692dd720e1
1bdadd45403a8fd27d42d0830e3aa22b169a5069528c32fccfc32d195a9ebf03
1e9a6f0854d2011cc8897b5325cdede357860226cd38a6750ea8f9cc2311730c
1ec9eebffd6aff3989e6b594a07692da14b005d37572f0ada714486684291b6c
1f241c96f83b075ee2e506480c4392d301090e39752d0c5801101647782aa5db
2048b2cc89fd6ed263c11b5f5fdca0b77d84d23028da8e55ebb06d61acea011e
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
321dda5896445a14441d829322d15718919bb2ad499fdadc8bda53b418b9dfa8
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
38f270d394ded540ab46852b1c8ab6d2026be44b9ab1c5c532fbb17e3dda16cb
3af56cba32c582f9141acca4672e3d0ccd13e121bd77c0fb7b6e7906a696bb51
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
3f472713621e35dfa778bc1061a6a7fa591cbc2c41f3875222089044510d088f
403c06f11d3ad802990ee9771290f10257bd183c4b95b7d0cb3b19f5ba659f2f
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
435e9127e8412ceb75ad339ef303410dcfcf95d3e3aa3011a2be08216701e2c0
46aac19cba9f65ff099a72c654ce816d6703a2cb69b7a1e5415785f690ef3173
48e8b5489088931970427de70d47ce9cfa6fe46cd58e9d5ae8d9c6fa00cdfe9c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51af55d2ec05e16b796cc035914305dd36b38625bdf63d5818fedcd91b8b8e28
53a90be17c8ccbbcac38315e37155c0e0e26820a03058fb231bb48b63c2cf150
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5514a0f79e2d3218c0a879f9751aa04d16a108051c58b8d919f3e39abd6accf9
57d2068246a4469f7e2de2105c11a749a977a7f614f4bb6c068cc7b383a70e15
5b231e8d536950af425bf9ed649d82cdc2fd6d3da6b8884217be41870126d607
5f53bdf3c69a74da560f349ae399740f7b130114dcfa1af69bf0c784dd5a92f2
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac
68f9b9134bf198470bf6ea801ee4cda7d59cb38b36dc7c73f068a15733636b80
6c26a7981a041b26927f64feae226e366e392b1d323eb780b32cda1591539c62
6dcdb5d625307386c2d3b21f8b51c43bfd4683fe073b66e884372cd35710c7a1
759695fa736708895314fb2adedcfcfe5f610471a2532cf082418c805ae94d66
782a8288e0ccc0edfc1a2d83961a8d6ee5a908246c25aa01c5eae7a681584495
78d4ccdb0cd633adcd10c0bbb206d42a706aba3b7bf9ffc819c4fd97730900d2
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c13d974f211b6f918a4f3f515f58aaba26d5b92956a5dc36e0e070b40c37909
7ca73edd5fb77cd4a62448de95818c511f406b518e3b8a57a28c285c58e02343
81c33e2c9550e3b23c65cadd6e1e162850162c2f388f78e788451f61b634f5ed
84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b
86032966ccd07b8890de5d5529859ced87eed5a1d2b415d677fb7820c8438cdc
8644902a02ab16a5fd2f76491ee3cb562c8a83d25b58bd783a3749128ee0fb5f
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8a52c4e94c8518d7d5b6c5eb4b0c8094a1a88935f119d788f0ed5ddb851e063a
8ce09a4b3959cfa036425c44b0ad439477f941b582cdeb98e82e4ae2b83c040a
8d4b909667e2118731c5e16d44fd6b07331f53f5de1cbee889d2fb9a5cac4462
9280ea5e0bc23c6946ba24ca561d977abb8e1d7dc06d506bb82c78efd13ea731
966b65d9c7ab985d55f30d0044de81e6d31958e83d979278c929f71445b574a7
96aba7799fa320c7bf5a30a04f27337f2ed0e10c34410bec0eefdd40c728b0e0
96d6ec83a26fab1b84af476debce0f5f94834e82bf7ceda75fe41217840b4321
9c484539388d61dbc27a710080851e24ef685246d32995ebaa74bdb02cfefa5e
a0248544196a8f48fdaba451672a8e114a1c948ff9656df301707582434e5fd8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b8967998aaf92335edfee08051de5434fb97d5d2a4c2b9e2bfb7e716eaa819
a856c49200096e83ed1a3612d4b4fcb1961a1f66f1a5f78c19bb71e31b98d221
a99338d7faef9aa9d0d905c7e1c1dc6ec4d047d708343ebd24f2cd3dcc17198f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b463c4dd20b3cbc19ec6283dd35a50a10d926c6efe5e0b054fdc5e3b959b6f19
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
b8b99a5a182ff02703181a37fa4627ed047ad957e5fb11bd9469659d53ad02c6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
c1edf37f3c5acba8fe3c79bc52b0fbad8d9024f030634becf35f202d56a6450c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c606452306a8051621fc7c34e643e75f5d704c6b9965047208f3473475421ab1
ca2bc8293d37d6f74e4ef0c556b5aaf0bbd5191d3e2afbb1dbd6ee287c3a8ea4
d1b2fb444bb90995f7bbbbed7ce40c54dd82eb6f1ce56634e886deac907a1645
d71fff72d0294c8d6312843a8a5df4ac9ff9d7ba87506dc80bf90eb9cc1a9d3c
d7ed0be9eee783947224c87deceaaa0bddc6c4acb97f47c69964464385293965
d92e58c143eba7fa4d03c53eb6d8fb61cd481bc9939e57ce39f1d7726a603147
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65151d8b191ecdee650118921d3b09ec652545f0c3c1836b0d690a327385da0
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
e9bd9db83268ae9694965b94341b1ac5c2da802cfb7d87ed5b1b2727d8ea5ed2
eb3b64d44021d764fb620e90c54d8190e488a830fb02b38775463650dd282cb7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f450ae1b6bc9280b67e90050b1ab4994300bf538c11e96cd7a867f325d3fc3eb
f71018fb803f43c1ce6866ceeeb7e2d57fc8da6af3db0a9500ba262c53171faa
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb
fece88327e8b655bd3f9a80f32c3cc2159392b4ed91cc5d0ae33baecebb9a13d

www.koho.ca Open in urlscan Pro 2600:1f18:2489:8202:3e66:ff9e:de27:befe Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

162 Requests

75 %HTTPS

21 %IPv6

66 Domains

80 Subdomains

44 IPs

4 Countries

1350 kBTransfer

4045 kBSize

87 Cookies

16 Outgoing links

Page URL History

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.koho.ca Open in urlscan Pro
2600:1f18:2489:8202:3e66:ff9e:de27:befe Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

75 %
HTTPS

21 %
IPv6

66
Domains

80
Subdomains

44
IPs

4
Countries

1350 kB
Transfer

4045 kB
Size

87
Cookies

162 HTTP transactions
14 data transactions