web.koho.ca Open in urlscan Pro
104.18.6.38 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://web.koho.ca/login
Submission: On October 29 via manual (October 29th 2024, 11:40:00 pm UTC) from CA — Scanned from CA

Summary HTTP 84 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 3 countries across 30 domains to perform 84 HTTP transactions. The main IP is 104.18.6.38, located in and belongs to CLOUDFLARENET, US. The main domain is web.koho.ca.
TLS certificate: Issued by WE1 on September 20th 2024. Valid for: 3 months.

This is the only time web.koho.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	104.18.6.38 104.18.6.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.139.47.3 108.139.47.3	16509 (AMAZON-02) (AMAZON-02)
1	3.171.85.8 3.171.85.8	16509 (AMAZON-02) (AMAZON-02)
5	23.48.224.103 23.48.224.103	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	34.117.162.98 34.117.162.98	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.44.157 151.101.44.157	54113 (FASTLY) (FASTLY)
1	104.22.22.199 104.22.22.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
2	31.13.80.12 31.13.80.12	32934 (FACEBOOK) (FACEBOOK)
6	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
1	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	13.226.38.199 13.226.38.199	16509 (AMAZON-02) (AMAZON-02)
2	104.18.7.38 104.18.7.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.66.47.81 172.66.47.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	31.13.80.36 31.13.80.36	32934 (FACEBOOK) (FACEBOOK)
1	104.18.30.246 104.18.30.246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.251.40.232 142.251.40.232	15169 (GOOGLE) (GOOGLE)
1	108.139.29.45 108.139.29.45	16509 (AMAZON-02) (AMAZON-02)
4	142.251.41.14 142.251.41.14	15169 (GOOGLE) (GOOGLE)
1	54.187.48.130 54.187.48.130	16509 (AMAZON-02) (AMAZON-02)
1	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
1	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
2	142.250.80.110 142.250.80.110	15169 (GOOGLE) (GOOGLE)
2	142.251.32.99 142.251.32.99	15169 (GOOGLE) (GOOGLE)
1	142.251.40.132 142.251.40.132	15169 (GOOGLE) (GOOGLE)
4	3.225.166.233 3.225.166.233	14618 (AMAZON-AES) (AMAZON-AES)
1	13.226.34.10 13.226.34.10	16509 (AMAZON-02) (AMAZON-02)
2	108.139.47.46 108.139.47.46	16509 (AMAZON-02) (AMAZON-02)
2	18.214.43.45 18.214.43.45	14618 (AMAZON-AES) (AMAZON-AES)
84	35

13 104.18.6.38 (None, )

ASN13335 (CLOUDFLARENET, US)

web.koho.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.47.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-3.jfk50.r.cloudfront.net

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.171.85.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-85-8.iad89.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.48.224.103 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-103.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com

pixel.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.44.157 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.22.199 (None, )

ASN13335 (CLOUDFLARENET, US)

pixel.switchgrowth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.80.12 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-yyz1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o36260.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.226.38.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-38-199.ewr53.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.7.38 (None, )

ASN13335 (CLOUDFLARENET, US)

webgateway.koho.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.66.47.81 (United States)

ASN13335 (CLOUDFLARENET, US)

solve-widget.forethought.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.80.36 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-yyz1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.30.246 (None, )

ASN13335 (CLOUDFLARENET, US)

segment-proxy-api.kohoanalytics.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.232 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-45.jfk50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.41.14 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.48.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-48-130.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.2 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.32.99 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.132 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.225.166.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-166-233.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-10.ewr53.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.47.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-46.jfk50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.43.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-43-45.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	koho.ca web.koho.ca webgateway.koho.ca	2 MB
10	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 767 events.launchdarkly.com — Cisco Umbrella Rank: 884	29 KB
7	segment.com cdn.segment.com — Cisco Umbrella Rank: 1794	38 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 817	139 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	23 KB
3	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2183 api-iam.intercom.io — Cisco Umbrella Rank: 2649	6 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 147 www.google.com — Cisco Umbrella Rank: 3	64 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	318 KB
3	stripe.com js.stripe.com — Cisco Umbrella Rank: 1102	164 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 3146	286 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 12143	127 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42	3 KB
2	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2890 api.amplitude.com — Cisco Umbrella Rank: 2484	18 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 962	818 B
2	t.co t.co — Cisco Umbrella Rank: 859	811 B
2	forethought.ai solve-widget.forethought.ai — Cisco Umbrella Rank: 12577	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	81 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1063	13 KB
1	kohoanalytics.ca segment-proxy-api.kohoanalytics.ca	461 B
1	sentry.io o36260.ingest.sentry.io	300 B
1	reddit.com pixel-config.reddit.com Failed alb.reddit.com — Cisco Umbrella Rank: 1330	637 B
1	switchgrowth.com pixel.switchgrowth.com — Cisco Umbrella Rank: 248392	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 960	16 KB
1	byspotify.com pixel.byspotify.com — Cisco Umbrella Rank: 7141	22 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14433	45 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 5850	15 KB
0	stackadapt.com Failed tags.srv.stackadapt.com Failed
0	licdn.com Failed snap.licdn.com Failed
0	Failed function sub() { [native code] }. Failed
84	30

	Domain	Requested by
13	web.koho.ca	web.koho.ca
7	cdn.segment.com	web.koho.ca
6	app.launchdarkly.com	web.koho.ca
5	analytics.tiktok.com	web.koho.ca analytics.tiktok.com
4	events.launchdarkly.com	web.koho.ca
4	www.google-analytics.com	cdn.segment.com www.google-analytics.com web.koho.ca
3	www.googletagmanager.com	cdn.segment.com www.google-analytics.com
3	js.stripe.com	web.koho.ca js.stripe.com
2	api-iam.intercom.io	js.intercomcdn.com
2	js.intercomcdn.com	widget.intercom.io
2	www.google.ca	web.koho.ca
2	analytics.google.com	web.koho.ca
2	www.facebook.com	web.koho.ca
2	analytics.twitter.com	web.koho.ca
2	t.co	web.koho.ca
2	solve-widget.forethought.ai	web.koho.ca solve-widget.forethought.ai
2	webgateway.koho.ca	web.koho.ca
2	connect.facebook.net	web.koho.ca connect.facebook.net
2	www.redditstatic.com	web.koho.ca www.redditstatic.com
1	widget.intercom.io	web.koho.ca
1	www.google.com	web.koho.ca
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	web.koho.ca
1	api.amplitude.com	web.koho.ca
1	cdn.amplitude.com	cdn.segment.com
1	segment-proxy-api.kohoanalytics.ca	web.koho.ca
1	o36260.ingest.sentry.io	web.koho.ca
1	alb.reddit.com	web.koho.ca
1	pixel.switchgrowth.com	web.koho.ca
1	static.ads-twitter.com	web.koho.ca
1	pixel.byspotify.com	web.koho.ca
1	cdn.plaid.com	web.koho.ca
1	websdk.appsflyer.com	web.koho.ca
0	tags.srv.stackadapt.com Failed	web.koho.ca
0	snap.licdn.com Failed	cdn.segment.com
0	truncated Failed	web.koho.ca
0	pixel-config.reddit.com Failed	www.redditstatic.com
84	37

This site contains no links.

Subject Issuer	Validity	Valid
web.koho.ca WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.appsflyer.com Amazon RSA 2048 M03	`2024-02-04` - `2025-03-03`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2024-03-12` - `2025-03-11`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-06` - `2025-04-03`	6 months	crt.sh
pixel.byspotify.com WR3	`2024-10-15` - `2025-01-13`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
switchgrowth.com WE1	`2024-09-21` - `2024-12-20`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-10-13` - `2025-04-11`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-08` - `2024-11-06`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-08-29` - `2024-12-05`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-03` - `2025-07-29`	10 months	crt.sh
*.segment.com Amazon RSA 2048 M02	`2024-10-15` - `2025-11-14`	a year	crt.sh
webgateway.koho.ca WE1	`2024-09-17` - `2024-12-16`	3 months	crt.sh
solve-widget.forethought.ai WE1	`2024-10-18` - `2025-01-16`	3 months	crt.sh
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-07` - `2025-10-06`	a year	crt.sh
kohoanalytics.ca WE1	`2024-10-12` - `2025-01-10`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2024-01-31` - `2025-03-02`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.ca WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M03	`2024-07-16` - `2025-08-14`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://web.koho.ca/login
Frame ID: B43224472B33EC59616DE3F32A1DB39F
Requests: 72 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-fa328d5b6b0d2e8f4c34ce3d3776b6e2.html
Frame ID: 0CDE72C80E14E394A668635CBC476BEA
Requests: 1 HTTP requests in this frame

Frame: https://solve-widget.forethought.ai/?v=2
Frame ID: C5D14542BC51BCBB1B35F88EDAE3C1D9
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 79A9E49ADA68413EEDF06AA3484F0D08
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: FF985F4A1445C7419690300824C3A27F
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: F1AB4A13B67953A4B121EBD617121B01
Requests: 2 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.f544652f.js
Frame ID: 88FE280998C74540D0A6A547696F1776
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 20ABE83A54B3589329286B9C5E743018
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

KOHO

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

84
Requests

96 %
HTTPS

0 %
IPv6

30
Domains

37
Subdomains

35
IPs

3
Countries

2779 kB
Transfer

9605 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request login Show response
web.koho.ca/ 22 KB
7 KB 113ms
57ms Document
text/html 104.18.6.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web.koho.ca/login

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5747bdb6c7fd5f3fa0b4894645ff88d493c56fceabbd9208ee4a8d5340a8f031

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 108413
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=31536000
cf-cache-status: DYNAMIC
cf-ray: 8da701e84a6ea1ff-YYZ
content-encoding: br
content-type: text/html
date: Tue, 29 Oct 2024 23:39:53 GMT
last-modified: Mon, 28 Oct 2024 17:32:48 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 b256496020005baa6cd524279a80a26c.cloudfront.net (CloudFront)
x-amz-cf-id: DAFeum1PjRoJ6IiukO15yq1geJpsIcdCBla7316T7PqNabiOewYX5w==
x-amz-cf-pop: YTO50-C3
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
websdk.appsflyer.com/ 51 KB
15 KB 122ms
38ms Script
application/javascript 108.139.47.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-3.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ba6b163f965f258c24888cf11c6dfe0d044de0800284da2e78a3faf7bd12925

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

x-amz-cf-pop: JFK50-P1
content-encoding: gzip
etag: W/"7ee104753099f9f00003724eb0a4c433"
age: 3175
via: 1.1 3d84bfab616d594edc9340870455ee6a.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: cY1eiQH-AwB121598cpi4bZeUhh1T2X2BULm33ptUe38h2sklN8WZQ==
date: Tue, 29 Oct 2024 22:46:59 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 01 Oct 2024 07:07:49 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 157 KB
45 KB 171ms
75ms Script
text/javascript 3.171.85.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.171.85.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-171-85-8.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6edcbcec7e500e8b3a989db7586b7ed3bf7d44bfac15f5530fa8129e5d555e65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-encoding: br
x-amz-version-id: g3aUuJgwEkPzmut16A84rOCKX2yzbe8t
etag: W/"40f50db9445d797957523aedac2f1c31"
age: 9424
x-cache: Hit from cloudfront
x-amz-cf-id: GAFwx-dLA1jW2Qn-9wQvV8OXKFQL-EsobO-WToBPJ19mfudVwEld9Q==
date: Tue, 29 Oct 2024 21:02:49 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Fri, 25 Oct 2024 22:14:35 GMT
x-amz-id-2: RLdPWCdmzA8IpLlLYQU9xQdUKwrLrEqY+tUgv4i7gwPRcfXZ8gFKRU9i7Rx3/TGsbMlXNLOLMuI=
x-amz-replication-status: COMPLETED
cache-control: no-cache,must-revalidate,max-age=0
via: 1.1 861616284e5d66ba1f9ca00d6183c6c6.cloudfront.net (CloudFront)
x-amz-request-id: 5JFD3PWEME5HV2QJ
x-amz-cf-pop: IAD89-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 350ms
171ms Script
application/javascript 23.48.224.103
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.103 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-103.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c4dea9a41e26e3643f719bb3c9b31c3dfa224c4c89f040ba932c9d1b4298f71f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-48-100-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
expires: Tue, 29 Oct 2024 23:39:53 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=36, origin; dur=10, inner; dur=7
x-cache: TCP_MISS from a23-195-36-80.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Tue, 29 Oct 2024 23:39:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: d6a1c640.2248f04d
x-tt-trace-host: 01e213d9d66dfcd94159f7a25cfceaca1bd52b90654db8ce7f6b4b3e73065d49b2609de3212886c2215cf894e3bce958668864be447791936db32a9bd83ea63c55e3c176fae9516090261b14a41ade444aa0779b1750055625b0628a2173881e854fa2d48e7fce88e94c664b18ac118ce7
x-origin-response-time: 10,23.48.100.103
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241029233953C9A8580C1CE65EC316FB-68D0F8B6AF2B8A60-00
content-length: 2247
x-parent-response-time: 38,23.195.36.80
x-tt-logid: 20241029233953C9A8580C1CE65EC316FB
server: nginx

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 103ms
56ms Script
application/javascript 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

cache-control: public, max-age=60
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
etag: "5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 12126
date: Tue, 29 Oct 2024 23:39:53 GMT
last-modified: Tue, 15 Oct 2024 19:34:59 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
server: snooserv
x-amz-server-side-encryption: AES256

GET
H2 200 ping.min.js Show response
pixel.byspotify.com/ 22 KB
22 KB 80ms
21ms Script
text/javascript 34.117.162.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.byspotify.com/ping.min.js
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.162.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ==
etag: "4eddeec95afda969b3d1b2fb970c1eb1"
age: 3463
x-goog-stored-content-encoding: identity
expires: Tue, 29 Oct 2024 23:42:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 22096
date: Tue, 29 Oct 2024 22:42:11 GMT
last-modified: Tue, 25 Jun 2024 13:55:33 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY2XptFkbX6gXLVf4e08x8ay5lWvV2pWIQwi9RED-plbJGmwYpiu0S1sAhxzrqEPp-Cq-BiWqOor-Q
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
x-goog-generation: 1719323733334567
content-length: 22096
server: UploadServer

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 57 KB
16 KB 359ms
33ms Script
application/javascript 151.101.44.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.44.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15926
date: Tue, 29 Oct 2024 23:39:54 GMT
x-tw-cdn: FT
last-modified: Mon, 28 Oct 2024 20:49:35 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kcgs7200053-IAD, cache-nyc-kteb1890047-NYC
x-amz-server-side-encryption: AES256

GET
H2 200 pixel.js Show response
pixel.switchgrowth.com/ 6 KB
3 KB 341ms
34ms Script
text/javascript 104.22.22.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.switchgrowth.com/pixel.js?id=AxuB4szNGyBhNlWZ

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.22.199 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

384cf98b7517bf2949addf76ad2091cdfbd33614c771610febb21bbb4fe4bfa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=14400
content-encoding: br
cf-cache-status: HIT
age: 3025
via: 1.1 google
cf-ray: 8da701ed5de7a235-YYZ
date: Tue, 29 Oct 2024 23:39:53 GMT
content-type: text/javascript
last-modified: Tue, 29 Oct 2024 21:24:12 GMT
vary: Accept-Encoding
x-cloud-trace-context: 976ae884c006c01a134a8dbd41fb7605

GET
H3 200 index.2.11.17.js Show response
web.koho.ca/ 5 MB
1 MB 44ms
43ms Script
text/javascript 104.18.6.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web.koho.ca/index.2.11.17.js

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ec4d2eb5d5d5b538d5bdd7c427b6eb399cd0d63ad7b875fcee786a98d381f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://web.koho.ca
Referer: https://web.koho.ca/login

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"8f8be39b2dcefbd5b43d002bef84b17a"
age: 108415
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: FNMj0pcZuQWtjbHDqNovODSbv14YgYGsRJatEuza1SH24wvX7IrcsA==
date: Tue, 29 Oct 2024 23:39:53 GMT
content-type: text/javascript
last-modified: Mon, 28 Oct 2024 17:32:48 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: same-origin
via: 1.1 b256496020005baa6cd524279a80a26c.cloudfront.net (CloudFront)
cf-ray: 8da701ed9858a1ff-YYZ
x-xss-protection: 1; mode=block
x-amz-cf-pop: YTO50-C3
server: cloudflare

GET
H3 200 index.2.11.17.css
web.koho.ca/ 513 KB
47 KB 183ms
181ms Stylesheet
text/css 104.18.6.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web.koho.ca/index.2.11.17.css

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa856dd24ab4db96151f3518ad7244a47397a884476836e969dc2eb1380cbabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/login

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"72b3d1aec2287b01fcf02010214f9de9"
age: 108414
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: VRLbzHZdeenrfcMTMVQ9Nx2VYAvfRiYUCyEmbrc-5NMxBbIWZn6FuQ==
date: Tue, 29 Oct 2024 23:39:53 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 17:32:48 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: same-origin
via: 1.1 30071d5b2a8335b74b7184581194943e.cloudfront.net (CloudFront)
cf-ray: 8da701ed9859a1ff-YYZ
x-xss-protection: 1; mode=block
x-amz-cf-pop: YTO50-C3
server: cloudflare

GET
H3 200 registerSW.js Show response
web.koho.ca/ 146 B
522 B 184ms
183ms Script
text/javascript 104.18.6.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web.koho.ca/registerSW.js

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fc2d2325282f8ceb8c6100733e41a97216e1ab93f351a3e1eace25c4099231f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/login

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"38013143dc2183340ede8bc1c5124507"
age: 108414
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: zExzt-CKW7bkRTnHDYWowS-jBBeAL2u-lAbNVQiek_pUhaakrZT6gA==
date: Tue, 29 Oct 2024 23:39:53 GMT
content-type: text/javascript
last-modified: Mon, 28 Oct 2024 17:32:48 GMT
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: same-origin
via: 1.1 a711a67257cff56fb6ecb34471f70906.cloudfront.net (CloudFront)
cf-ray: 8da701ed985aa1ff-YYZ
x-xss-protection: 1; mode=block
x-amz-cf-pop: YTO50-C3
server: cloudflare

GET config
pixel-config.reddit.com/pixels/t2_e4ba8g8u/ 0
0

GET
H2 200 t2_e4ba8g8u_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
700 B 68ms
28ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_e4ba8g8u_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

cache-control: max-age=300
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 98
date: Tue, 29 Oct 2024 23:39:53 GMT
content-type: application/json
vary: Accept-Encoding,Origin
server: snooserv

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 77ms
21ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1730245193877&id=t2_e4ba8g8u&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=eab696fc-491c-4098-849d-5510e2bc76dd&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after: 0
cross-origin-resource-policy: cross-origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
content-length: 42
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: image/gif
server: Varnish

GET
H2 200 main.MTJhNGMzN2YwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 342 KB
95 KB 61ms
60ms Script
application/javascript 23.48.224.103
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.103 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-103.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 15bb0889ad69cbc01dce2d9a2df36be01b6ae97e0e57510dca89a56d095bf0d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

x-cache: TCP_MEM_HIT from a23-195-36-80.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id: 00-241024123504DD097CEE253770951E26-66FE87BF34358344-00
content-length: 96992
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241024123504DD097CEE253770951E26
server: nginx
x-akamai-request-id: 2248fa1c
x-tt-trace-host: 0125eae58a3dc181e55d246f51e78c4bf1d7236417c4989f27d5c72391ecf5b2b83792d27511d995895d2149ac1c76cf7cb531cff3b47856b5d25ff48d0e7720892c11e5332dbbeab7d27dc0ba9e8365f277248b0e8795213ba17ee5a72efab998

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 229 KB
58 KB 75ms
41ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-fLWCP686' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-fLWCP686' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4397, tp=8, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: UdC3xQ7oFhrQ5MJJEorH3XlGHMamf3+WG+BoH1LjlFSCS9SRj87s+k7EcjwtsTaFrDKAFHPpB01xCb1HJkW30w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59722
x-xss-protection: 0
origin-agent-cluster: ?1

GET truncated
/ 0
0

GET
H3 200 599633800219052 Show response
connect.facebook.net/signals/config/ 95 KB
23 KB 237ms
237ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/599633800219052?v=2.9.174&r=stable&domain=web.koho.ca&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

b35de447b7da2ee266910d4b31dba06a1ad2d80451ae2ec15ff274b3db769052

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-OhrBt7U2' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-OhrBt7U2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=6, c=70, mss=1232, tbw=74834, tp=69, tpl=6, uplat=218, ullat=0
pragma: public
x-fb-debug: cO2ZRyJkNk+vknF+5TyDxUumUmEwhLxBR5A/6CkjoBRmf+S70GCReEsH/9YHu5pH4NbVPyPKung2FDKsWtd96Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

OPTIONS
H2 200 5eeb94841ab9a70a809cdc75
app.launchdarkly.com/sdk/goals/ Frame 0
0 69ms
22ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5eeb94841ab9a70a809cdc75

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://web.koho.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 29 Oct 2024 23:39:54 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 6
x-served-by: cache-yyz4560-YYZ
x-timer: S1730245195.580643,VS0,VE0

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMTk3MWI1YzAtOTY0Zi0xMWVmLWI1MjYtMTUxNjgxNDNmMDc2In0
app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/ Frame 0
0 66ms
21ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMTk3MWI1YzAtOTY0Zi0xMWVmLWI1MjYtMTUxNjgxNDNmMDc2In0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://web.koho.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 29 Oct 2024 23:39:54 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 13
x-served-by: cache-yyz4560-YYZ
x-timer: S1730245195.580523,VS0,VE0

GET
H2 200 v3 Show response
js.stripe.com/ 674 KB
164 KB 81ms
23ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d5629a5b40d0b810c9c93eab6e02abfa6f405e374541bde05be5cd296e7ff922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

x-request-id: 855a3b97-b633-4fa2-80e9-ed948fb15f15
content-encoding: br
etag: "ac1f2dd8c2598b95726729a0e0e48968"
age: 4
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 29 Oct 2024 23:39:54 GMT
last-modified: Tue, 29 Oct 2024 22:32:33 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-yyz4566-YYZ
x-cache-hits: 1
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 167126
server: Fastly

POST
H2 200 / Show response
o36260.ingest.sentry.io/api/3725458/envelope/ 2 B
300 B 151ms
81ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o36260.ingest.sentry.io/api/3725458/envelope/?sentry_key=b6af6813dda749a3836c9191fe2b4be2&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.119.2

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://web.koho.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/ 5 KB
2 KB 130ms
33ms Fetch
application/json 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/settings
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78a1d6aef842a4167a919fa6280d76b849b09dcc329bc0f9701f219546afc818

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: c72q6ZJ.lgl_nmZV20ludSXo0VksuS4H
etag: W/"93366b6090cc2e9b3a7b8588a57d00c7"
age: 6932
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: GVbJ069PR_ouPWvGyDscd7GJrcW_q2X-J-UpHQj3qV83EvvQRyJkzA==
date: Tue, 29 Oct 2024 21:44:43 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 25 Jul 2024 22:16:43 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 ea5efad48fd2ca3e2050f885ef5ad57c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 5eeb94841ab9a70a809cdc75 Show response
app.launchdarkly.com/sdk/goals/ 2 B
179 B 21ms
20ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5eeb94841ab9a70a809cdc75

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
Referer: https://web.koho.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent: JSClient/3.1.4

Response headers

content-md5: d751713988987e9331980363e24189ce
access-control-max-age: 300
content-encoding: gzip
etag: "d751713988987e9331980363e24189ce"
age: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: HIT
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: application/json
x-served-by: cache-yyz4560-YYZ
x-cache-hits: 2
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cache-control: max-age=0
x-timer: S1730245195.604887,VS0,VE0
ld-region: us-east-1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26

GET
H2 400 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMTk3MWI1YzAtOTY0Zi0xMWVmLWI1MjYtMTUxNjgxNDNmMDc2In0 Show response
app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/ 56 B
149 B 49ms
47ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMTk3MWI1YzAtOTY0Zi0xMWVmLWI1MjYtMTUxNjgxNDNmMDc2In0

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8239ec3813476a434d3031db13d826e1d645b9402954a82053f509dc0bb2655a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
Referer: https://web.koho.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent: JSClient/3.1.4

Response headers

access-control-max-age: 300
content-encoding: gzip
age: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: MISS
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: application/json
vary: Accept-Encoding
x-served-by: cache-yyz4560-YYZ
x-cache-hits: 0
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
strict-transport-security: max-age=31536000; includeSubDomains
x-timer: S1730245195.604707,VS0,VE27
ld-region: us-east-1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 71

GET
H3 200 basis-grotesque-medium.2.11.17.woff2
web.koho.ca/ 27 KB
28 KB 43ms
41ms Font
font/woff2 104.18.6.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web.koho.ca/basis-grotesque-medium.2.11.17.woff2

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

016f61f01838ce5e1d9564ffe5a84616a3c4f66048f99f1e89f410a9dc2cad9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://web.koho.ca
Referer: https://web.koho.ca/index.2.11.17.css

Response headers

cf-cache-status: DYNAMIC
etag: "d37b904ee00f12ca729be334e9eeb28a"
age: 108414
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: G8_hZBCD9iERiY-9r8NsfrhODLedSByyaG0dCE5su2tOmMnefV1hQw==
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: font/woff2
last-modified: Mon, 28 Oct 2024 17:32:48 GMT
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: same-origin
via: 1.1 30071d5b2a8335b74b7184581194943e.cloudfront.net (CloudFront)
cf-ray: 8da701f1fcc7a1ff-YYZ
accept-ranges: bytes
content-length: 28148
x-xss-protection: 1; mode=block
x-amz-cf-pop: YTO50-C3
server: cloudflare

GET
H3 200 basis-grotesque-bold.2.11.17.woff2
web.koho.ca/ 27 KB
28 KB 40ms
39ms Font
font/woff2 104.18.6.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web.koho.ca/basis-grotesque-bold.2.11.17.woff2

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dcdb5d625307386c2d3b21f8b51c43bfd4683fe073b66e884372cd35710c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://web.koho.ca
Referer: https://web.koho.ca/index.2.11.17.css

Response headers

cf-cache-status: DYNAMIC
etag: "17627e07a001f770a3f441710f74f61c"
age: 108414
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: aM-CBZ_L_958gZhvE4xLhg4gyIDLPiu4ENoiUb0LszBsgr1lbCipVw==
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: font/woff2
last-modified: Mon, 28 Oct 2024 17:32:48 GMT
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: same-origin
via: 1.1 a711a67257cff56fb6ecb34471f70906.cloudfront.net (CloudFront)
cf-ray: 8da701f1fcc8a1ff-YYZ
accept-ranges: bytes
content-length: 27812
x-xss-protection: 1; mode=block
x-amz-cf-pop: YTO50-C3
server: cloudflare

GET
H3 200 basis-grotesque-regular-pro.2.11.17.woff2
web.koho.ca/ 49 KB
49 KB 50ms
49ms Font
font/woff2 104.18.6.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web.koho.ca/basis-grotesque-regular-pro.2.11.17.woff2

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://web.koho.ca
Referer: https://web.koho.ca/index.2.11.17.css

Response headers

cf-cache-status: DYNAMIC
etag: "c294fc5a277925342bcdbda0ebe58f61"
age: 108414
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: PN1wBDdVY6FrdWGU38oCrb_Iu-ZXovfT4FJn686RLLe1iVHM5vjk_Q==
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: font/woff2
last-modified: Mon, 28 Oct 2024 17:32:48 GMT
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: same-origin
via: 1.1 b256496020005baa6cd524279a80a26c.cloudfront.net (CloudFront)
cf-ray: 8da701f1fccaa1ff-YYZ
accept-ranges: bytes
content-length: 50128
x-xss-protection: 1; mode=block
x-amz-cf-pop: YTO50-C3
server: cloudflare

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 54ms
54ms Script
application/javascript 23.48.224.103
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.103 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-103.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

x-cache: TCP_MEM_HIT from a23-195-36-80.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-2409051350109D1EB1A207A6EB7E8F35-2923001A1D5DAC70-00
content-length: 39317
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202409051350109D1EB1A207A6EB7E8F35
server: nginx
x-akamai-request-id: 22490803
x-tt-trace-host: 01a96a7034fbdb4b487f0fb9f0a4e0d589a774ca5cee50fd04f32d65b6eed6c4fb45e4de98ac8e8ae1d703aa4f33bdaada32eda2d595d5c7670c605b0cf32c815671deff95616c31f058c576264ea30f15ab03fba24a6191e30b514d39e9b2b795

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
876 B 142ms
141ms Ping
text/plain 23.48.224.103
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.103 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-103.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://web.koho.ca/

Response headers

x-cache-remote: TCP_MISS from a23-48-100-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Tue, 29 Oct 2024 23:39:54 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=57, origin; dur=44, inner; dur=40
x-cache: TCP_MISS from a23-195-36-80.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Tue, 29 Oct 2024 23:39:54 GMT
x-akamai-request-id: d6a22da1.22490804
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01e213d9d66dfcd94159f7a25cfceaca1bd52b90654db8ce7f6b4b3e73065d49b2609de3212886c2215cf894e3bce958661fc87cdd76a35ff50efe9291ad8729b7e98ab1f04751de3e6e721353a4b0ce990d1aeec9f5d3adec414c3a3af156509c8f562c92767b040cf6f979ec0b5b2146
x-origin-response-time: 45,23.48.100.103
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2410292339546E5DCF6553178AB62940-4FAF48266F5A41B6-00
content-length: 0
x-parent-response-time: 88,23.195.36.80
x-tt-logid: 202410292339546E5DCF6553178AB62940
server: nginx

OPTIONS
H3 204 hash
webgateway.koho.ca/1.0/users/users/anonymous-a/flags/ Frame 0
0 172ms
99ms Preflight 104.18.7.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://webgateway.koho.ca/1.0/users/users/anonymous-a/flags/hash

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.7.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-device-id,x-koho-app-version,x-koho-device-platform,x-organization
Access-Control-Request-Method: GET
Origin: https://web.koho.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-device-id,x-koho-app-version,x-koho-device-platform,x-organization
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,CONNECT
access-control-allow-origin: https://web.koho.ca
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8da701f38953ac26-YYZ
date: Tue, 29 Oct 2024 23:39:54 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H3 200 embed.js Show response
solve-widget.forethought.ai/ 41 KB
12 KB 88ms
34ms Script
application/javascript 172.66.47.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://solve-widget.forethought.ai/embed.js

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cb2f7da8af9f4f404aaa3381d520c8fcaa7a309714353a60c144f0481e83a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-encoding: br
etag: W/"4cbd83a5b3f2990cc4442543b4d8ff75"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PPFhSoKzl2C2LUxFWkfhHGeQm0nggeYgmXMTNGCQlwDW60WZWUpqygK7zx6boD5Ky6M19nf3vw9Wh4ZrvSrDctY%2BJgHqt0CJ8JywBV3iNTVkPhQI9DRQbAFSvVgwGW8xTaL9EjGeWJErekJNSQc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19126&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4100&recv_bytes=4235&delivery_rate=162380&cwnd=12000&unsent_bytes=0&cid=c385fb6dd8a00e24&ts=39&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8da701f35fc2ab45-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H3 200 hash Show response
webgateway.koho.ca/1.0/users/users/anonymous-a/flags/ 88 B
410 B 127ms
124ms XHR
application/json 104.18.7.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://webgateway.koho.ca/1.0/users/users/anonymous-a/flags/hash

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.7.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b37b182ad4668933acde8ceb2e302e1184e9e81d0f9d50e604c3c999947c2d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-koho-app-version: 2.11.13
X-Organization: koho
x-koho-device-platform: web
x-device-id: 275f3478-daa5-4580-9405-fee49eb43a94
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://web.koho.ca/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-correlation-id: 5885e633-54e9-409c-8d09-f857b37eb152
cf-cache-status: DYNAMIC
content-encoding: br
access-control-allow-credentials: true
x-content-type-options: nosniff
cf-ray: 8da701f44b2a3a02-YYZ
x-causation-id: 5885e633-54e9-409c-8d09-f857b37eb152
x-organization: koho
access-control-allow-origin: https://web.koho.ca
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 23:39:55 GMT
content-type: application/json; charset=UTF-8
vary: Origin
server: cloudflare

GET
H3 200 jokker-bold.2.11.17.woff2
web.koho.ca/ 45 KB
45 KB 46ms
46ms Font
font/woff2 104.18.6.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web.koho.ca/jokker-bold.2.11.17.woff2

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

366cb86476f137950f4dfcaf28eca163e1d9973fdb7ea160d7af2c00599a386c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://web.koho.ca
Referer: https://web.koho.ca/index.2.11.17.css

Response headers

cf-cache-status: DYNAMIC
etag: "9cd901311fd09e56ae61b7a853b69300"
age: 108414
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: sbDj5dzks0ivd3zoZ5Z3aqR_85on5aaxRhMW70b4qi4sSKhzquk2Pw==
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: font/woff2
last-modified: Mon, 28 Oct 2024 17:32:48 GMT
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: same-origin
via: 1.1 30071d5b2a8335b74b7184581194943e.cloudfront.net (CloudFront)
cf-ray: 8da701f33e1ba1ff-YYZ
accept-ranges: bytes
content-length: 45572
x-xss-protection: 1; mode=block
x-amz-cf-pop: YTO50-C3
server: cloudflare

GET
H3 200 basel-grotesk-bold.2.11.17.woff2
web.koho.ca/ 93 KB
93 KB 47ms
46ms Font
font/woff2 104.18.6.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web.koho.ca/basel-grotesk-bold.2.11.17.woff2

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47c7e3e605b64ba77f691904be3540de1dd5879d4410fa46353305149b4f0876

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://web.koho.ca
Referer: https://web.koho.ca/index.2.11.17.css

Response headers

cf-cache-status: DYNAMIC
etag: "cf56caa15c4d7dc3dad71586d0fb9423"
age: 108413
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: vGIAXNqpaZKMM30EARkHHbHSjul83YoByAAwQtO6b40w-75kqaospQ==
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: font/woff2
last-modified: Mon, 28 Oct 2024 17:32:48 GMT
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: same-origin
via: 1.1 a711a67257cff56fb6ecb34471f70906.cloudfront.net (CloudFront)
cf-ray: 8da701f33e1ea1ff-YYZ
accept-ranges: bytes
content-length: 95204
x-xss-protection: 1; mode=block
x-amz-cf-pop: YTO50-C3
server: cloudflare

GET
H2 200 controller-with-preconnect-fa328d5b6b0d2e8f4c34ce3d3776b6e2.html
js.stripe.com/v3/ Frame 0CDE 0
0 62ms
22ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-fa328d5b6b0d2e8f4c34ce3d3776b6e2.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.koho.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 403
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 23:39:54 GMT
etag: "fa328d5b6b0d2e8f4c34ce3d3776b6e2"
last-modified: Tue, 29 Oct 2024 21:54:20 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: f6320fc0-3011-408c-93d4-b44924c0e7d6
x-served-by: cache-yyz4536-YYZ

GET
H2 200 adsct
t.co/1/i/ 43 B
628 B 120ms
72ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=f6d80dfc-401e-4e90-99ca-86f44268f3c8&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fcb467e3-de7a-4be6-911d-a962e3f26f34&tw_document_href=https%3A%2F%2Fweb.koho.ca%2Flogin&tw_iframe_status=0&txn_id=nvggn&type=javascript&version=2.3.31

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

strict-transport-security: max-age=0
x-transaction-id: ce072dc062b5d162
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 456b03ebf9a3db007e18d50731c344bb71f0fb1f73abd3e62dde75295bc6a764
cf-cache-status: DYNAMIC
cf-ray: 8da701f3d8faac15-YYZ
x-response-time: 5
content-length: 43
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_b

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 620ms
61ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=f6d80dfc-401e-4e90-99ca-86f44268f3c8&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fcb467e3-de7a-4be6-911d-a962e3f26f34&tw_document_href=https%3A%2F%2Fweb.koho.ca%2Flogin&tw_iframe_status=0&txn_id=nvggn&type=javascript&version=2.3.31

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 08baa0b3c6a7b116
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 9e11d7ea228cced7b38492a927d952ca75797d6faf16a9a7667f684b2054edbb
x-response-time: 5
content-length: 43
date: Tue, 29 Oct 2024 23:39:55 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_b

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 74ms
22ms Image
text/plain 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=599633800219052&ev=PageView&dl=https%3A%2F%2Fweb.koho.ca&rl=&if=false&ts=1730245194802&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=4124&fbp=fb.1.1730245194799.546428180587325931&pm=1&hrl=c09000&ler=empty&cdl=API_unavailable&it=1730245194183&coo=false&cs_cc=1&ccs=2036907989775049%2C2042001562539962&cas=7748182168559485%2C2280451298676074%2C2493627267356471%2C1925947637510218%2C2143156675783035%2C1375186855900984&rqm=GET

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1316, tbw=2903, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 126ms
75ms Image
image/png 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=599633800219052&ev=PageView&dl=https%3A%2F%2Fweb.koho.ca&rl=&if=false&ts=1730245194802&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=4124&fbp=fb.1.1730245194799.546428180587325931&pm=1&hrl=c09000&ler=empty&cdl=API_unavailable&it=1730245194183&coo=false&cs_cc=1&ccs=2036907989775049%2C2042001562539962&cas=7748182168559485%2C2280451298676074%2C2493627267356471%2C1925947637510218%2C2143156675783035%2C1375186855900984&rqm=FGET

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7431346523011730769"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7431346523011730769"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa37b2200c77884f5","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["3200228373369739","1933916576659401","1843724245738692"]},"debug_reporting":true,"debug_key":"2705679115540735765"}
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Kn3aUn2vq6s/sNR69U7uAL+76Lqo9UFE4b9qCkD1cWYGwiclYyjEOOn5fvE+d0T/fcnRSE+4mdFJqyNLJCz7zw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7431346523011730769", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1316, tbw=3221, tp=-1, tpl=-1, uplat=51, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
716 B 151ms
149ms Ping
text/plain 23.48.224.103
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.103 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-103.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://web.koho.ca/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Tue, 29 Oct 2024 23:39:54 GMT
server-timing: inner; dur=63, cdn-cache; desc=MISS, edge; dur=11, origin; dur=72
x-cache: TCP_MISS from a23-195-36-80.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Tue, 29 Oct 2024 23:39:54 GMT
x-akamai-request-id: 22490eea
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01e213d9d66dfcd94159f7a25cfceaca1bca4af89210199fb72d7295ee11f90df0c886771738ea4f0cd337d490881fe642f4be432dc6ff45b78de0f2aac66040d1ee184f27261207ff24d5b8e8837a2f5314f37a2f111fa04f5c3040345a90b1b1
x-origin-response-time: 73,23.195.36.80
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2410292339542A10C9EE892F72B67988-3D46DD876E74B2CB-00
content-length: 0
x-tt-logid: 202410292339542A10C9EE892F72B67988
server: nginx

GET
H3 200 index.2.11.174.js Show response
web.koho.ca/ 8 KB
3 KB 46ms
44ms Script
text/javascript 104.18.6.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web.koho.ca/index.2.11.174.js

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53dc32e6e95669eb140f9fa93f9d787af28fd80a8f5e55f6dd3bc2c398fa7599

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://web.koho.ca
Referer

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"ae5ef3e7bac5fa7acb2517b8d7946fba"
age: 108413
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: pATOi_PfieY99fsJSdzkT3WE2hsSm-xc2dXdTyf7XAHNo8hqY8CVyA==
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: text/javascript
last-modified: Mon, 28 Oct 2024 17:32:48 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: same-origin
via: 1.1 b256496020005baa6cd524279a80a26c.cloudfront.net (CloudFront)
cf-ray: 8da701f3cebfa1ff-YYZ
x-xss-protection: 1; mode=block
x-amz-cf-pop: YTO50-C3
server: cloudflare

GET
H3 200 is-plan-event-enabled.2.11.17.js Show response
web.koho.ca/ 196 B
557 B 47ms
46ms Script
text/javascript 104.18.6.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web.koho.ca/is-plan-event-enabled.2.11.17.js

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ba5f3edb2c2e41a487f3791abd280e5f8bd70490535bf54d72dd503038223c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://web.koho.ca
Referer

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"6b92d2824c457cbb780e697b7c210622"
age: 108413
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: jqhZCCMGzQXIOYGlp00Geqd60bEI4VYt1A_fw2M-9gNPFdo88CWpqA==
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: text/javascript
last-modified: Mon, 28 Oct 2024 17:32:48 GMT
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: same-origin
via: 1.1 30071d5b2a8335b74b7184581194943e.cloudfront.net (CloudFront)
cf-ray: 8da701f3cec1a1ff-YYZ
x-xss-protection: 1; mode=block
x-amz-cf-pop: YTO50-C3
server: cloudflare

GET
H3 200 /
solve-widget.forethought.ai/ Frame C5D1 0
0 86ms
61ms Document
text/html 172.66.47.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://solve-widget.forethought.ai/?v=2

Requested by

Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.koho.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-transform
cf-ray: 8da701f40a08ac2a-YYZ
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 23:39:54 GMT
etag: "1578c5df910f60cc46acc5b162a4294a"
link: <https://solve-api.forethought.ai/>; rel="preconnect", <https://static.cloudflareinsights.com>; rel="preconnect", <https://cloudflareinsights.com>; rel="preconnect"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YbcaeodNe9YlSKkHXR25ApTUbbnFK3f6GS4FaM85Wcha1W1%2BzqCkkZHCFzqUgYvx3bn87TFo2fpgI4V%2FhjIF1R%2BAOC8U66XXLSKZ%2Bm2U59oa88l8aMgqP%2B9jDJzJw1YgM%2B2qEpQNxIjgoRrtNR0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=22348&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4358&recv_bytes=4456&delivery_rate=26693&cwnd=12000&unsent_bytes=0&cid=9264d19305ff5e28&ts=66&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 index.2.11.176.js Show response
web.koho.ca/ 1 KB
1005 B 47ms
47ms Script
text/javascript 104.18.6.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web.koho.ca/index.2.11.176.js

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df5a1b4095e3d61b99418bd59a1f45fd9ce8203153bc967496a8e1603f583fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://web.koho.ca
Referer

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"60a298050a30bb0858fefe24d5d1ced3"
age: 108413
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: JCGD7pM_GHcdnObnak5gXyJ2ty1Hj0bKMWLn2j_Z8SpdHsA_v6BLsA==
date: Tue, 29 Oct 2024 23:39:54 GMT
content-type: text/javascript
last-modified: Mon, 28 Oct 2024 17:32:48 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: same-origin
via: 1.1 a711a67257cff56fb6ecb34471f70906.cloudfront.net (CloudFront)
cf-ray: 8da701f41efba1ff-YYZ
x-xss-protection: 1; mode=block
x-amz-cf-pop: YTO50-C3
server: cloudflare

GET
H2 200 amplitude.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/ 9 KB
4 KB 101ms
32ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/amplitude.dynamic.js.gz
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc4ae72d43593c2fc59ead95f45eb0c3b02cd465fd427b3fff5224e476d26259

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "41d391d5b119fb8c4fe6edd0c6fc1d21"
x-amz-version-id: dPEAOL7ExjtccGMMvRthKStk2d2FNhP0
age: 491351
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: tfsqr5Zz_q2U9F062v9LgHikqT0WTlBluxPFAqeZVJorzxCbzfjQOA==
date: Thu, 24 Oct 2024 07:10:45 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:20:16 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3181
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 google-analytics.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 105ms
37ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "6a3ed21f9b6777c0c37e6e248ea22387"
x-amz-version-id: EFE9lusc4JimpUbDBPawD3guBabh51Lw
age: 9117042
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: 2KikdtkkDpIyqLdyKW-5R1x7Ta4lX9ZV39CqylA6Ala1GNzI-uU1kw==
date: Tue, 16 Jul 2024 11:09:14 GMT
content-type: application/javascript
last-modified: Mon, 03 Jun 2024 14:40:12 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4743
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 google-adwords-new.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/ 4 KB
2 KB 101ms
33ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/google-adwords-new.dynamic.js.gz
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f81fd8f16f2252dd378308c71da6fd438e247d2c6180e2bd08a9d561ef7b8a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "d151cb0874ed5e13006e5f38364ec01e"
x-amz-version-id: wry_apqdd2NUiPtQjgnoSNAJnT.F8VpX
age: 15878326
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: DSrigqduTbMKHVivLRTYhiqrLawCcJr-4rGyiFhddjzuCS7jDjRl3Q==
date: Mon, 29 Apr 2024 05:01:10 GMT
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 16:42:47 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1655
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 101ms
33ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e2189d573b1df3fd3c684ba1f9ad2ad5cd2f8394f14dde87b5fde495bea200c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "a2b1aa1a0e402b1f891c929f94449d47"
x-amz-version-id: 2QnOYwF5YFKn4huywZP2TBu6SmwTBwS6
age: 7397990
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: txopydtdEI8j6vOUKi9tykF66vnXWP95N8C1_L339pMvaHN6Gb-gxg==
date: Mon, 05 Aug 2024 08:40:06 GMT
content-type: application/javascript
last-modified: Mon, 03 Jun 2024 14:40:12 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1343
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 linkedin-insight-tag.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/ 2 KB
2 KB 103ms
36ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36f9bf7f4514edb409609f496bb668dcf33cbaa9f6a3219663f631014c726a97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "e3b346a4f0b35b7ff884730f4c61cd2e"
x-amz-version-id: 4544XQIIliknDYyrlwjp.x__lsO5lWly
age: 463572
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: dfWChTO8U1eSdZXVHtl8iIit5RQcNZpo-SDmVnPlWSzq663TvjXXVQ==
date: Thu, 24 Oct 2024 14:53:44 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:20:16 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1062
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 p Show response
segment-proxy-api.kohoanalytics.ca/v1/ 21 B
461 B 631ms
320ms Fetch
application/json 104.18.30.246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://segment-proxy-api.kohoanalytics.ca/v1/p

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.30.246 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://web.koho.ca/

Response headers

x-amzn-remapped-content-length: 21
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-amzn-requestid: 1a6054f1-f64b-4b7e-9865-eedd6e07ac40
date: Tue, 29 Oct 2024 23:39:55 GMT
content-type: application/json
vary: Origin
access-control-allow-headers: *
strict-transport-security: max-age=31536000
x-amz-apigw-id: Ab7L2FLTPHcEZHQ=
x-amzn-remapped-date: Tue, 29 Oct 2024 23:39:55 GMT
x-amzn-trace-id: Root=1-6721724b-55f79da265021bc33ce99f97;Sampled=1;Lineage=1:ef50223c:0
access-control-allow-credentials: true
cf-ray: 8da701f67bd554bb-YYZ
access-control-allow-origin: *
content-length: 21
server: cloudflare

GET
H2 200 eyJrZXkiOiJhbm9ueW1vdXMtYSIsImFub255bW91cyI6dHJ1ZX0 Show response
app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/ 180 KB
28 KB 21ms
21ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/eyJrZXkiOiJhbm9ueW1vdXMtYSIsImFub255bW91cyI6dHJ1ZX0?h=bc219d25ac7dd13b1e490fd15caf113581e2ab6926a664723b44a248f3256793

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d6abc34344f59cd24c5f2aec7189e9809b5a4df5e225b8cbf371c5bcfc90c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
Referer: https://web.koho.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent: JSClient/3.1.4

Response headers

access-control-max-age: 300
content-encoding: gzip
etag: "2819d_7KI3CaBfTAdQ8d2g4VykzQ==b"
age: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: HIT
date: Tue, 29 Oct 2024 23:39:55 GMT
content-type: application/json
x-served-by: cache-yyz4560-YYZ
x-cache-hits: 2
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Authorization
cache-control: max-age=0
x-timer: S1730245195.054518,VS0,VE0
ld-region: us-east-1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28769

OPTIONS
H2 200 eyJrZXkiOiJhbm9ueW1vdXMtYSIsImFub255bW91cyI6dHJ1ZX0
app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/ Frame 0
0 19ms
19ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/eyJrZXkiOiJhbm9ueW1vdXMtYSIsImFub255bW91cyI6dHJ1ZX0?h=bc219d25ac7dd13b1e490fd15caf113581e2ab6926a664723b44a248f3256793

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://web.koho.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Tue, 29 Oct 2024 23:39:55 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 14
x-served-by: cache-yyz4560-YYZ
x-timer: S1730245195.034188,VS0,VE0

GET
H2 200 commons.a61d7bea37d2de5d4b69.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 70 KB
22 KB 39ms
38ms Script
application/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "c467a63b2e7c3a99be423ace649014d8"
x-amz-version-id: aAixXKmCEkR1rfYrRzV2.EPYhnGmH0W2
age: 2861598
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: L6Ee8h-YEcpdwxVrOBDP4AP-mt8c9fmJvSLpw54c3QNIw5qKiWjyJA==
date: Thu, 26 Sep 2024 20:46:38 GMT
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 06:57:13 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21911
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 315 KB
106 KB 171ms
90ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGDFZD8&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f18276f9378ef332277bbb2d235d34d9f9c61152f6d9f080e58d1f3ed74fe8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 29 Oct 2024 23:39:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 23:39:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 29 Oct 2024 21:20:29 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108005
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
99 KB 112ms
49ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-902961551

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c3cd81f012f67d166c9c8fba799c1d2bdebfdceb304712f434b0fc6341dde4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 29 Oct 2024 23:39:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 23:39:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 29 Oct 2024 21:20:29 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100893
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ 54 KB
18 KB 118ms
37ms Script
application/javascript 108.139.29.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-45.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-encoding: gzip
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
age: 34496
x-cache: Hit from cloudfront
x-amz-cf-id: PATt4DODHComhXVZ3Kqc4ls1irOaBXhi53wGC2w2cF5d7HO23_kZgw==
date: Tue, 29 Oct 2024 14:05:00 GMT
content-type: application/javascript
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
cache-control: max-age=31536000
via: 1.1 e42e8491a089e2183879e26e61dae708.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17889
x-amz-cf-pop: JFK50-P2
server: AmazonS3

GET insight.min.js
snap.licdn.com/li.lms-analytics/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 109ms
32ms Script
text/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-encoding: gzip
age: 771
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 01:27:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 23:27:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
995 B 33ms
32ms Script
text/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-encoding: br
age: 1951
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 00:07:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 23:07:24 GMT
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 697
x-xss-protection: 0
server: sffe

POST
H2 200 / Show response
api.amplitude.com/ 7 B
137 B 295ms
104ms XHR
text/html 54.187.48.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.187.48.130 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-48-130.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://web.koho.ca/

Response headers

strict-transport-security: max-age=15768000
access-control-allow-origin: *
content-length: 7
date: Tue, 29 Oct 2024 23:39:55 GMT
content-type: text/html;charset=utf-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
369 B 49ms
48ms XHR
text/plain 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1806812175&t=pageview&_s=1&dl=https%3A%2F%2Fweb.koho.ca%2Flogin&dp=%2Flogin&ul=en-ca&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAAAACgCIAB~&jid=486096358&gjid=1537748848&cid=597691044.1730245195&tid=UA-41908934-3&_gid=1336539537.1730245195&_slc=1&z=1773995603

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

7ac87dd9f74a67f144a3913ab313da479b90f31059c3d486b48e300ef72ea13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://web.koho.ca/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 23:39:55 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://web.koho.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
643 B 136ms
45ms XHR
text/plain 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-41908934-3&cid=597691044.1730245195&jid=486096358&gjid=1537748848&_gid=1336539537.1730245195&_u=aGBAgEAjAAAAAGgCIAD~&z=1058257648

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://web.koho.ca/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 23:39:55 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://web.koho.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
406 B 35ms
35ms Image
image/gif 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1806812175&t=event&ni=1&_s=2&dl=https%3A%2F%2Fweb.koho.ca%2Flogin&dp=%2Flogin&ul=en-ca&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20Login%20Page&ev=0&_u=aGBAgEAjAAAAAGgCIAD~&jid=&gjid=&cid=597691044.1730245195&tid=UA-41908934-3&_gid=1336539537.1730245195&z=1522758249

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

age: 6752
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 21:47:23 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 344 KB
113 KB 64ms
63ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FKN7NNETLF&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e79cf6425d73bbbd905a4aa634c3f73b9dafd9c04086921959cf2b8169132e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 29 Oct 2024 23:39:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 23:39:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 115137
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/ 5 KB
2 KB 132ms
66ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/?random=1730245195362&cv=11&fst=1730245195362&bg=ffffff&guid=ON&async=1&gtm=45be4as0v892118992za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fweb.koho.ca%2Flogin&hn=www.googleadservices.com&frm=0&tiba=KOHO&npa=0&pscdl=noapi&auid=1410606406.1730245195&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

672177727ee5eae6973f57df342c33e854e673f5eecdbdf02aa0f63c1db02265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2279
date: Tue, 29 Oct 2024 23:39:55 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET events.js
tags.srv.stackadapt.com/ 0
0

GET
H2 200 adsct
t.co/1/i/ 43 B
183 B 75ms
75ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=078e9246-da90-4207-b58c-e8ff9435ae1a&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fcb467e3-de7a-4be6-911d-a962e3f26f34&tw_document_href=https%3A%2F%2Fweb.koho.ca%2Flogin&tw_iframe_status=0&txn_id=nvggn&type=javascript&version=2.3.31

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 0a06d65ce5f8f527
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 7b9f3820cc8984c1e95f2974aba40c1afd91d38e5f911666aa90ea02caee100a
cf-cache-status: DYNAMIC
cf-ray: 8da701f7bd5aac15-YYZ
x-response-time: 5
content-length: 43
date: Tue, 29 Oct 2024 23:39:55 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_b

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
93 B 66ms
65ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=078e9246-da90-4207-b58c-e8ff9435ae1a&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fcb467e3-de7a-4be6-911d-a962e3f26f34&tw_document_href=https%3A%2F%2Fweb.koho.ca%2Flogin&tw_iframe_status=0&txn_id=nvggn&type=javascript&version=2.3.31

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: db85790f874cbc4e
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 9e11d7ea228cced7b38492a927d952ca75797d6faf16a9a7667f684b2054edbb
x-response-time: 7
content-length: 43
date: Tue, 29 Oct 2024 23:39:55 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_b

GET
DATA 200
OK truncated
/ Frame 79A9 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 79A9 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FF98 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FF98 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

POST
H2 204 collect
analytics.google.com/g/ 0
0 133ms
55ms Fetch
text/plain 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FKN7NNETLF&gtm=45je4as0v894288470z8812560807za200&_p=1730245195087&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101925629&cid=597691044.1730245195&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1730245195&sct=1&seg=0&dl=https%3A%2F%2Fweb.koho.ca%2Flogin&dt=KOHO&en=page_view&_fv=1&_ss=1&tfd=2620
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s36-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://web.koho.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 23:39:55 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 145ms
103ms Image
image/gif 142.251.32.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FKN7NNETLF&cid=597691044.1730245195&gtm=45je4as0v894288470z8812560807za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101925629&tag_exp=101533421~101823848~101925629&z=1949738545

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 29 Oct 2024 23:39:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/902961551/ 42 B
64 B 121ms
52ms Image
image/gif 142.251.40.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/902961551/?random=1730245195362&cv=11&fst=1730242800000&bg=ffffff&guid=ON&async=1&gtm=45be4as0v892118992za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fweb.koho.ca%2Flogin&hn=www.googleadservices.com&frm=0&tiba=KOHO&npa=0&pscdl=noapi&auid=1410606406.1730245195&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dajoiyoa3J9V16IB5XD1rbEX36MwScg&random=2566373178&rmt_tld=0&ipr=y

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.132 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 29 Oct 2024 23:39:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/902961551/ 42 B
64 B 66ms
58ms Image
image/gif 142.251.32.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/902961551/?random=1730245195362&cv=11&fst=1730242800000&bg=ffffff&guid=ON&async=1&gtm=45be4as0v892118992za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fweb.koho.ca%2Flogin&hn=www.googleadservices.com&frm=0&tiba=KOHO&npa=0&pscdl=noapi&auid=1410606406.1730245195&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dajoiyoa3J9V16IB5XD1rbEX36MwScg&random=2566373178&rmt_tld=1&ipr=y

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 29 Oct 2024 23:39:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame F1AB 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F1AB 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

OPTIONS
H2 204 5eeb94841ab9a70a809cdc75
events.launchdarkly.com/events/diagnostic/ Frame 0
0 164ms
83ms Preflight 3.225.166.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5eeb94841ab9a70a809cdc75

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.225.166.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-166-233.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://web.koho.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Tue, 29 Oct 2024 23:39:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 xiu5e01e Show response
widget.intercom.io/widget/ 7 KB
3 KB 212ms
131ms Script
application/javascript 13.226.34.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/xiu5e01e
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-10.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f338fc81c3d624d385dbe0a8701654fea90d07b52d140e175867fb1ca158e55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

content-encoding: gzip
x-amz-version-id: yqbBT7qaDqDlUgjcki6Ar.fiazRXvaFQ
etag: "ba58172cb961412639636cb5d821d5ff"
age: 468
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: qvgcDrv-pPlc6yWhmhId1-AM0K79vWvj-A0nTgjAgemEQsphvA94Zg==
date: Tue, 29 Oct 2024 23:32:19 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding, Origin
last-modified: Tue, 29 Oct 2024 15:37:05 GMT
cache-control: max-age=300, s-maxage=300, public
cross-origin-resource-policy: cross-origin
via: 1.1 ea5efad48fd2ca3e2050f885ef5ad57c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2668
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 202 5eeb94841ab9a70a809cdc75 Show response
events.launchdarkly.com/events/diagnostic/ 0
358 B 40ms
39ms XHR
application/json 3.225.166.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5eeb94841ab9a70a809cdc75

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.225.166.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-166-233.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
Referer: https://web.koho.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent: JSClient/3.1.4
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-expose-headers: Date
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
date: Tue, 29 Oct 2024 23:39:56 GMT
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags

GET
H3 200 favicon.ico
web.koho.ca/ 597 B
1 KB 38ms
38ms Other
image/x-icon 104.18.6.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web.koho.ca/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08fdb9f448abb925e6b2fef20317ff664a153e888dedb1028457e48f59cc92e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/login

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"938872fc0d56b0353fc2f5669cb3c534"
age: 108415
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: bgUNEqOngN6l0ocyFwqjfuoOY3J8TcwaE2EbkGTjN6QnRLgMsGvTmg==
date: Tue, 29 Oct 2024 23:39:55 GMT
content-type: image/x-icon
last-modified: Mon, 28 Oct 2024 17:32:48 GMT
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: same-origin
via: 1.1 30071d5b2a8335b74b7184581194943e.cloudfront.net (CloudFront)
cf-ray: 8da701faae00a1ff-YYZ
x-xss-protection: 1; mode=block
x-amz-cf-pop: YTO50-C3
server: cloudflare

GET
H2 200 frame-modern.f544652f.js Show response
js.intercomcdn.com/ Frame 88FE 469 KB
142 KB 122ms
39ms Script
application/javascript 108.139.47.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.f544652f.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/xiu5e01e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-46.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2a1af507290eae7ed64d035407b6bb3689f00b4e8272d77dbcfd921f99ffcf27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "ee3046e347c4c70afb2d8409393b2469"
x-amz-version-id: AKTnBDHXJcKikkNyb8YlEu.ehHmYjxWP
age: 169
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: R7l9W9dhoaqO_Z1hebELDgqJ9LzU-ILDr3As1HlnTulIih7njQQ07g==
date: Tue, 29 Oct 2024 23:37:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 29 Oct 2024 15:34:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 144403
x-amz-cf-pop: JFK50-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor-modern.435c096a.js Show response
js.intercomcdn.com/ Frame 88FE 456 KB
145 KB 198ms
115ms Script
application/javascript 108.139.47.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.435c096a.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/xiu5e01e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.47.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-46.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b3c078eddf56a0a09195705c79fd5c4f3aab7a5375e91f2ce575d8fea3faa39f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "df62d46597276d0ed64615874ec410e0"
x-amz-version-id: OJpQ_U7zVjiWhVK.SbwGQc5fuhrc2Tzz
age: 5037
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: NTIVZE8vFYPTVk-_phNYta_Dhn3XiLJ52a0JE4J9TpJqyev4R6pfCg==
date: Tue, 29 Oct 2024 22:16:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 29 Oct 2024 15:34:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 147349
x-amz-cf-pop: JFK50-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 launcher_settings Show response
api-iam.intercom.io/messenger/web/ Frame 88FE 241 B
899 B 709ms
89ms XHR
application/json 18.214.43.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/launcher_settings

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f544652f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.43.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-43-45.compute-1.amazonaws.com

Software

nginx /

Resource Hash

eea452344daf3e3eddf30e915bfe3a01df960c7982ac8bd8adadd42ffe998197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 00080d0b8mho07kkp830
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"eea452344daf3e3eddf30e915bfe3a01"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Tue, 29 Oct 2024 23:39:57 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.047567
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://web.koho.ca
x-xss-protection: 1; mode=block
x-intercom-version: f68c0fe05147cecf86119984990e1faa9c2b72b0
x-ami-version: ami-0a3ded630387c80e2
server: nginx

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 88FE 4 KB
2 KB 920ms
303ms XHR
application/json 18.214.43.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f544652f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.43.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-43-45.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5bcca973a9b6abce7bc8896f3ba3cc0e9a58bf954145d75691e7bb7de0099587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 000gus8bn6ij9s45jbtg
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"5bcca973a9b6abce7bc8896f3ba3cc0e"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Tue, 29 Oct 2024 23:39:57 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.243848
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://web.koho.ca
x-xss-protection: 1; mode=block
x-intercom-version: f68c0fe05147cecf86119984990e1faa9c2b72b0
x-ami-version: ami-0a3ded630387c80e2
server: nginx

OPTIONS
H2 204 5eeb94841ab9a70a809cdc75
events.launchdarkly.com/events/bulk/ Frame 0
0 37ms
37ms Preflight 3.225.166.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5eeb94841ab9a70a809cdc75

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.225.166.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-166-233.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://web.koho.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Tue, 29 Oct 2024 23:39:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 202 5eeb94841ab9a70a809cdc75 Show response
events.launchdarkly.com/events/bulk/ 0
358 B 319ms
317ms XHR
application/json 3.225.166.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5eeb94841ab9a70a809cdc75

Requested by

Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.225.166.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-166-233.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
X-LaunchDarkly-Event-Schema: 4
Referer: https://web.koho.ca/
X-LaunchDarkly-Payload-ID: 1b794590-964f-11ef-b526-15168143f076
X-LaunchDarkly-User-Agent: JSClient/3.1.4
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-expose-headers: Date
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
date: Tue, 29 Oct 2024 23:39:58 GMT
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 20AB 0
0 21ms
20ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://web.koho.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2389387
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 29 Oct 2024 23:39:59 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Tue, 01 Oct 2024 20:06:01 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 37245
x-content-type-options: nosniff
x-request-id: 60847af0-a158-443a-bfb7-ec7a96f3813e
x-served-by: cache-yyz4543-YYZ

POST
H2 204 collect
analytics.google.com/g/ 0
0 49ms
48ms Fetch
text/plain 142.250.80.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FKN7NNETLF&gtm=45je4as0v894288470za200&_p=1730245195087&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101925629&cid=597691044.1730245195&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EEAI&_s=2&sid=1730245195&sct=1&seg=0&dl=https%3A%2F%2Fweb.koho.ca%2Flogin&dt=KOHO&en=scroll&epn.percent_scrolled=90&_et=52&tfd=7677
Requested by: Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s36-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://web.koho.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://web.koho.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 23:40:00 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel-config.reddit.com
URL: https://pixel-config.reddit.com/pixels/t2_e4ba8g8u/config

Domain: truncated
URL: data:truncated

Domain: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Domain: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tiktok.com/	1970-01-21 09:59:01	Name: _ttp Value: 2o8JIzHUbpSa20AO94u60jAPHGw
.koho.ca/	1970-01-21 02:47:01	Name: _rdt_uuid Value: 1730245193873.eab696fc-491c-4098-849d-5510e2bc76dd
web.koho.ca/	1970-01-21 09:23:01	Name: __spdt Value: e865cc96ca68441faa6a26d9c3787d51
.koho.ca/	1970-01-21 00:47:29	Name: _switch_session_id Value: 1ebdaeb9-f3fb-45ff-8969-0b748823b1f2
.koho.ca/	1970-01-21 09:59:01	Name: _tt_enable_cookie Value: 1
.koho.ca/	1970-01-21 09:59:01	Name: _ttp Value: EUaH0z68CVrhPVYYYOgtULbLjhG
.koho.ca/	1970-01-21 02:47:01	Name: _fbp Value: fb.1.1730245194799.546428180587325931
.t.co/	1970-01-21 10:13:25	Name: muc_ads Value: f6dc6305-360f-4915-83e3-5ce5c5ae4c6f
.t.co/	1970-01-21 00:37:26	Name: __cf_bm Value: m2QwPN3hZwSpSh8XnyEE3Y1any8igYCNTD_R7s4M1fs-1730245194-1.0.1.1-rZdVQscdqBmI4Tj7nGJxKcueMyqqXsn8mH9AcalvEIwI_UNbkIdDGfgTsYm7.PN9SMZCKKeMf60Tzwln1Nkybw
.koho.ca/	1970-01-21 09:23:01	Name: ajs_anonymous_id Value: 5c9799f7-8aac-443b-bbb4-4cb4ac72038f
.koho.ca/	1970-01-21 00:38:51	Name: _gid Value: GA1.2.1336539537.1730245195
.koho.ca/	1969-12-31 23:59:59	Name: amplitude_idundefinedkoho.ca Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ==
.koho.ca/	1970-01-21 10:13:25	Name: amplitude_id_10563d121b16631a278c49bd4b44caaekoho.ca Value: eyJkZXZpY2VJZCI6IjljNzM4ZTYyLWY4N2YtNGEzOC1iODdkLTgzYzgxYmQ1NDA1N1IiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTczMDI0NTE5NTI2MSwibGFzdEV2ZW50VGltZSI6MTczMDI0NTE5NTI2NSwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjF9
.koho.ca/	1970-01-21 00:37:25	Name: _gat Value: 1
.koho.ca/	1970-01-21 02:47:01	Name: _gcl_au Value: 1.1.1410606406.1730245195
.twitter.com/	1970-01-21 10:13:25	Name: guest_id_marketing Value: v1%3A173024519538254658
.twitter.com/	1970-01-21 10:13:25	Name: guest_id_ads Value: v1%3A173024519538254658
.twitter.com/	1970-01-21 10:13:25	Name: personalization_id Value: "v1_B60I+2uexX+F6CBnjI+1cQ=="
.twitter.com/	1970-01-21 10:13:25	Name: guest_id Value: v1%3A173024519538254658
.doubleclick.net/	1970-01-21 00:37:26	Name: test_cookie Value: CheckForPermission
.koho.ca/	1970-01-21 10:13:25	Name: _ga Value: GA1.1.597691044.1730245195
.koho.ca/	1970-01-21 10:13:25	Name: _ga_FKN7NNETLF Value: GS1.1.1730245195.1.0.1730245195.60.0.0
.koho.ca/	1970-01-21 07:06:15	Name: intercom-id-xiu5e01e Value: f6b3677c-3200-4272-add9-b5b15fd19170
.koho.ca/	1970-01-21 00:47:29	Name: intercom-session-xiu5e01e Value:
.koho.ca/	1970-01-21 07:06:15	Name: intercom-device-id-xiu5e01e Value: ab1f2d90-4ce5-4c0b-96c0-7cd5016a1d6d

37 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://web.koho.ca/login Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://www.canadapost=postescanada.ca/cpc/assets/cpc/js/analytics.js'. It will be ignored.
security	error	URL: https://web.koho.ca/login(Line 344) Message: Refused to set the document's base URI to 'https://web.koho.ca/' because it violates the following Content Security Policy directive: "base-uri 'none'".
security	error	URL: https://www.redditstatic.com/ads/pixel.js Message: Refused to connect to 'https://pixel-config.reddit.com/pixels/t2_e4ba8g8u/config' because it violates the following Content Security Policy directive: "connect-src 'self' data: blob: https://.convertexperiments.com https://.cv.gpsrv.com https://.equalweb.com/ https://.ingest.sentry.io https://.koho.ca https://.kohoanalytics.ca https://.launchdarkly.com https://.onfido.com https://.onfido.com https://.pd.gpsrv.com https://.ua.gpsrv.com https://af-event-logger.appsflyer.com https://analytics.google.com/ https://analytics.tiktok.com https://api-iam.intercom.io https://api-ping.intercom.io https://api-sandbox.argyle.com https://api.amplitude.com/ https://api.argyle.com https://api.ca.onfido.com https://api.eu.onfido.com https://api.forethought.ai/ https://api.intercom.io https://api.onfido.com https://api.sandbox-koho.ca https://api.segment.io https://api.staging.pungle.co https://api.stripe.com https://api.us.onfido.com https://assets.koho.ca https://atr.veritonicmetrics.com/ https://banner.appsflyer.com https://cdn.linkedin.oribi.io https://cdn.segment.com https://conversions-config.reddit.com/ https://creatives-cdn.appsflyer.com https://evnt.byspotify.com/ https://get.geojs.io/v1/ip/country https://google.com/ccm/ https://h.online-metrix.net/ https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pixel.byspotify.com/ https://pixel.switchgrowth.com/ https://px.ads.linkedin.com https://sdk.iad-01.braze.com https://sdk.iad-03.braze.com https://sentry.io https://stats.g.doubleclick.net/j/collect https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://vendorapi.koho.ca/ https://vendorapi.sandbox-koho.ca/ https://webgateway.sandbox-koho.ca/ https://www.google-analytics.com https://www.redditstatic.com/ https://www.woopra.com ws://localhost:/sockjs-node wss://.onfido.com wss://localhost:/sockjs-node wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io".
security	error	URL: https://web.koho.ca/login(Line 368) Message: Refused to load the font 'data:application/font-woff;charset=utf-8;base64, d09GRgABAAAAAAZgABAAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAAGRAAAABoAAAAci6qHkUdERUYAAAWgAAAAIwAAACQAYABXR1BPUwAABhQAAAAuAAAANuAY7+xHU1VCAAAFxAAAAFAAAABm2fPczU9TLzIAAAHcAAAASgAAAGBP9V5RY21hcAAAAkQAAACIAAABYt6F0cBjdnQgAAACzAAAAAQAAAAEABEBRGdhc3AAAAWYAAAACAAAAAj//wADZ2x5ZgAAAywAAADMAAAD2MHtryVoZWFkAAABbAAAADAAAAA2E2+eoWhoZWEAAAGcAAAAHwAAACQC9gDzaG10eAAAAigAAAAZAAAArgJkABFsb2NhAAAC0AAAAFoAAABaFQAUGG1heHAAAAG8AAAAHwAAACAAcABAbmFtZQAAA/gAAAE5AAACXvFdBwlwb3...OnYercZg2YVmLN/d/gczfEimrE/fs/bOuq29Zmn8tloORaXgZgGa78yO9/cnXm2BpaGvq25Dv9S4E9+5SIc9PqupJKhYFSSl47+Qcr1mYNAAAAeNptw0cKwkAAAMDZJA8Q7OUJvkLsPfZ6zFVERPy8qHh2YER+3i/BP83vIBLLySsoKimrqKqpa2hp6+jq6RsYGhmbmJqZSy0sraxtbO3sHRydnEMU4uR6yx7JJXveP7WrDycAAAAAAAH//wACeNpjYGRgYOABYhkgZgJCZgZNBkYGLQZtIJsFLMYAAAw3ALgAeNolizEKgDAQBCchRbC2sFER0YD6qVQiBCv/H9ezGI6Z5XBAw8CBK/m5iQQVauVbXLnOrMZv2oLdKFa8Pjuru2hJzGabmOSLzNMzvutpB3N42mNgZGBg4GKQYzBhYMxJLMlj4GBgAYow/P/PAJJhLM6sSoWKfWCAAwDAjgbRAAB42mNgYGBkAIIbCZo5IPrmUn0hGA0AO8EFTQAA' because it violates the following Content Security Policy directive: "font-src 'self' https://braze-images.com https://cdn.appsflyer.com https://cdn.braze.com https://fonts.gstatic.com https://fonts.intercomcdn.com https://js.intercomcdn.com https://maxcdn.bootstrapcdn.com https://res.cloudinary.com/argyle-media https://sdk.onfido.com https://use.fontawesome.com".
security	error	URL: https://pixel.byspotify.com/ping.min.js Message: Refused to connect to 'https://pixels.spotify.com/v1/ingest' because it violates the following Content Security Policy directive: "connect-src 'self' data: blob: https://.convertexperiments.com https://.cv.gpsrv.com https://.equalweb.com/ https://.ingest.sentry.io https://.koho.ca https://.kohoanalytics.ca https://.launchdarkly.com https://.onfido.com https://.onfido.com https://.pd.gpsrv.com https://.ua.gpsrv.com https://af-event-logger.appsflyer.com https://analytics.google.com/ https://analytics.tiktok.com https://api-iam.intercom.io https://api-ping.intercom.io https://api-sandbox.argyle.com https://api.amplitude.com/ https://api.argyle.com https://api.ca.onfido.com https://api.eu.onfido.com https://api.forethought.ai/ https://api.intercom.io https://api.onfido.com https://api.sandbox-koho.ca https://api.segment.io https://api.staging.pungle.co https://api.stripe.com https://api.us.onfido.com https://assets.koho.ca https://atr.veritonicmetrics.com/ https://banner.appsflyer.com https://cdn.linkedin.oribi.io https://cdn.segment.com https://conversions-config.reddit.com/ https://creatives-cdn.appsflyer.com https://evnt.byspotify.com/ https://get.geojs.io/v1/ip/country https://google.com/ccm/ https://h.online-metrix.net/ https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pixel.byspotify.com/ https://pixel.switchgrowth.com/ https://px.ads.linkedin.com https://sdk.iad-01.braze.com https://sdk.iad-03.braze.com https://sentry.io https://stats.g.doubleclick.net/j/collect https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://vendorapi.koho.ca/ https://vendorapi.sandbox-koho.ca/ https://webgateway.sandbox-koho.ca/ https://www.google-analytics.com https://www.redditstatic.com/ https://www.woopra.com ws://localhost:/sockjs-node wss://.onfido.com wss://localhost:/sockjs-node wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io".
javascript	error	URL: https://pixel.byspotify.com/ping.min.js Message: Refused to connect to 'https://pixels.spotify.com/v1/ingest' because it violates the document's Content Security Policy.
security	error	URL: https://web.koho.ca/index.2.11.17.js(Line 117) Message: Refused to connect to 'https://checkip.amazonaws.com/' because it violates the following Content Security Policy directive: "connect-src 'self' data: blob: https://.convertexperiments.com https://.cv.gpsrv.com https://.equalweb.com/ https://.ingest.sentry.io https://.koho.ca https://.kohoanalytics.ca https://.launchdarkly.com https://.onfido.com https://.onfido.com https://.pd.gpsrv.com https://.ua.gpsrv.com https://af-event-logger.appsflyer.com https://analytics.google.com/ https://analytics.tiktok.com https://api-iam.intercom.io https://api-ping.intercom.io https://api-sandbox.argyle.com https://api.amplitude.com/ https://api.argyle.com https://api.ca.onfido.com https://api.eu.onfido.com https://api.forethought.ai/ https://api.intercom.io https://api.onfido.com https://api.sandbox-koho.ca https://api.segment.io https://api.staging.pungle.co https://api.stripe.com https://api.us.onfido.com https://assets.koho.ca https://atr.veritonicmetrics.com/ https://banner.appsflyer.com https://cdn.linkedin.oribi.io https://cdn.segment.com https://conversions-config.reddit.com/ https://creatives-cdn.appsflyer.com https://evnt.byspotify.com/ https://get.geojs.io/v1/ip/country https://google.com/ccm/ https://h.online-metrix.net/ https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pixel.byspotify.com/ https://pixel.switchgrowth.com/ https://px.ads.linkedin.com https://sdk.iad-01.braze.com https://sdk.iad-03.braze.com https://sentry.io https://stats.g.doubleclick.net/j/collect https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://vendorapi.koho.ca/ https://vendorapi.sandbox-koho.ca/ https://webgateway.sandbox-koho.ca/ https://www.google-analytics.com https://www.redditstatic.com/ https://www.woopra.com ws://localhost:/sockjs-node wss://.onfido.com wss://localhost:/sockjs-node wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io".
javascript	error	URL: https://web.koho.ca/index.2.11.17.js(Line 117) Message: Refused to connect to 'https://checkip.amazonaws.com/' because it violates the document's Content Security Policy.
network	error	URL: https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiMTk3MWI1YzAtOTY0Zi0xMWVmLWI1MjYtMTUxNjgxNDNmMDc2In0 Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://js.stripe.com/v3 Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://www.canadapost=postescanada.ca/cpc/assets/cpc/js/analytics.js'. It will be ignored.
security	error	URL: https://solve-widget.forethought.ai/embed.js Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://www.canadapost=postescanada.ca/cpc/assets/cpc/js/analytics.js'. It will be ignored.
security	error	URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz Message: Refused to load the script 'https://snap.licdn.com/li.lms-analytics/insight.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.cloudfront.net/ https://.convertexperiments.com https://.equalweb.com/ https://.kohoanalytics.ca https://*.sardine.ai/ https://ajax.cloudflare.com https://analytics.tiktok.com/i18n/pixel/ https://analytics.twitter.com/ https://api-iam.intercom.io https://app.intercom.io https://assets.koho.ca https://assets.onfido.com https://cdn.amplitude.com https://cdn.plaid.com https://cdn.segment.com https://cdn.veritonic.com/ https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/599633800219052 https://connect.facebook.net/signals/plugins/identity.js https://evnt.byspotify.com/ https://googleads.g.doubleclick.net https://h.online-metrix.net/ https://js.appboycdn.com https://js.intercomcdn.com https://js.stripe.com https://optimize.google.com https://pixel.byspotify.com/ https://pixel.switchgrowth.com/ https://plugin.argyle.com https://sdk.onfido.com https://sentry.io https://solve-widget.forethought.ai https://static.ads-twitter.com/ https://static.cloudflareinsights.com https://tag.rmp.rakuten.com/122943.ct.js https://websdk.appsflyer.com https://widget.intercom.io https://www.google-analytics.com https://www.google-analytics.com/analytics.js https://www.google-analytics.com/gtm/js https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com https://www.redditstatic.com/ https://www.woopra.com https://www.canadapost=postescanada.ca/cpc/assets/cpc/js/analytics.js https://assets.adobedtm.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 150) Message: Refused to connect to 'https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fweb.koho.ca%2Flogin&scrsrc=www.googletagmanager.com&frm=0&rnd=1594895934.1730245195&auid=1410606406.1730245195&npa=0&gtm=45be4as0v892118992za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101925629&tft=1730245195369&tfd=2431&apve=1' because it violates the following Content Security Policy directive: "connect-src 'self' data: blob: https://.convertexperiments.com https://.cv.gpsrv.com https://.equalweb.com/ https://.ingest.sentry.io https://.koho.ca https://.kohoanalytics.ca https://.launchdarkly.com https://.onfido.com https://.onfido.com https://.pd.gpsrv.com https://.ua.gpsrv.com https://af-event-logger.appsflyer.com https://analytics.google.com/ https://analytics.tiktok.com https://api-iam.intercom.io https://api-ping.intercom.io https://api-sandbox.argyle.com https://api.amplitude.com/ https://api.argyle.com https://api.ca.onfido.com https://api.eu.onfido.com https://api.forethought.ai/ https://api.intercom.io https://api.onfido.com https://api.sandbox-koho.ca https://api.segment.io https://api.staging.pungle.co https://api.stripe.com https://api.us.onfido.com https://assets.koho.ca https://atr.veritonicmetrics.com/ https://banner.appsflyer.com https://cdn.linkedin.oribi.io https://cdn.segment.com https://conversions-config.reddit.com/ https://creatives-cdn.appsflyer.com https://evnt.byspotify.com/ https://get.geojs.io/v1/ip/country https://google.com/ccm/ https://h.online-metrix.net/ https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pixel.byspotify.com/ https://pixel.switchgrowth.com/ https://px.ads.linkedin.com https://sdk.iad-01.braze.com https://sdk.iad-03.braze.com https://sentry.io https://stats.g.doubleclick.net/j/collect https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://vendorapi.koho.ca/ https://vendorapi.sandbox-koho.ca/ https://webgateway.sandbox-koho.ca/ https://www.google-analytics.com https://www.redditstatic.com/ https://www.woopra.com ws://localhost:/sockjs-node wss://.onfido.com wss://localhost:/sockjs-node wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 146) Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://www.canadapost=postescanada.ca/cpc/assets/cpc/js/analytics.js'. It will be ignored.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 146) Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://www.canadapost=postescanada.ca/cpc/assets/cpc/js/analytics.js'. It will be ignored.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 146) Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://www.canadapost=postescanada.ca/cpc/assets/cpc/js/analytics.js'. It will be ignored.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 459) Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://www.canadapost=postescanada.ca/cpc/assets/cpc/js/analytics.js'. It will be ignored.
security	error	URL: https://www.googletagmanager.com/ Message: Refused to frame 'https://td.doubleclick.net/' because it violates the following Content Security Policy directive: "frame-src 'self' data: blob: https://accounts.accessibe.com/ https://bid.g.doubleclick.net https://cdn.plaid.com https://h.online-metrix.net/ https://hooks.stripe.com https://intercom-sheets.com https://js.stripe.com https://koho-api.private.fin.ag/ https://koho-iframe.private.fin.ag/v2/ https://kohodev-iframe.private.fin.ag/v2/ https://optimize.google.com https://solve-widget.forethought.ai https://web.koho.ca https://web.sandbox-koho.ca https://www.facebook.com/ https://www.google.com https://sdk.onfido.com https://*.sardine.ai/".
security	error	Message: Refused to load the script 'https://tags.srv.stackadapt.com/events.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.cloudfront.net/ https://.convertexperiments.com https://.equalweb.com/ https://.kohoanalytics.ca https://*.sardine.ai/ https://ajax.cloudflare.com https://analytics.tiktok.com/i18n/pixel/ https://analytics.twitter.com/ https://api-iam.intercom.io https://app.intercom.io https://assets.koho.ca https://assets.onfido.com https://cdn.amplitude.com https://cdn.plaid.com https://cdn.segment.com https://cdn.veritonic.com/ https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/599633800219052 https://connect.facebook.net/signals/plugins/identity.js https://evnt.byspotify.com/ https://googleads.g.doubleclick.net https://h.online-metrix.net/ https://js.appboycdn.com https://js.intercomcdn.com https://js.stripe.com https://optimize.google.com https://pixel.byspotify.com/ https://pixel.switchgrowth.com/ https://plugin.argyle.com https://sdk.onfido.com https://sentry.io https://solve-widget.forethought.ai https://static.ads-twitter.com/ https://static.cloudflareinsights.com https://tag.rmp.rakuten.com/122943.ct.js https://websdk.appsflyer.com https://widget.intercom.io https://www.google-analytics.com https://www.google-analytics.com/analytics.js https://www.google-analytics.com/gtm/js https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com https://www.redditstatic.com/ https://www.woopra.com https://www.canadapost=postescanada.ca/cpc/assets/cpc/js/analytics.js https://assets.adobedtm.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/ Message: Refused to frame 'https://www.googletagmanager.com/' because it violates the following Content Security Policy directive: "frame-src 'self' data: blob: https://accounts.accessibe.com/ https://bid.g.doubleclick.net https://cdn.plaid.com https://h.online-metrix.net/ https://hooks.stripe.com https://intercom-sheets.com https://js.stripe.com https://koho-api.private.fin.ag/ https://koho-iframe.private.fin.ag/v2/ https://kohodev-iframe.private.fin.ag/v2/ https://optimize.google.com https://solve-widget.forethought.ai https://web.koho.ca https://web.sandbox-koho.ca https://www.facebook.com/ https://www.google.com https://sdk.onfido.com https://*.sardine.ai/".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-FKN7NNETLF&cx=c&_slc=1(Line 246) Message: Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FKN7NNETLF&cid=597691044.1730245195&gtm=45je4as0v894288470z8812560807za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101925629' because it violates the following Content Security Policy directive: "connect-src 'self' data: blob: https://.convertexperiments.com https://.cv.gpsrv.com https://.equalweb.com/ https://.ingest.sentry.io https://.koho.ca https://.kohoanalytics.ca https://.launchdarkly.com https://.onfido.com https://.onfido.com https://.pd.gpsrv.com https://.ua.gpsrv.com https://af-event-logger.appsflyer.com https://analytics.google.com/ https://analytics.tiktok.com https://api-iam.intercom.io https://api-ping.intercom.io https://api-sandbox.argyle.com https://api.amplitude.com/ https://api.argyle.com https://api.ca.onfido.com https://api.eu.onfido.com https://api.forethought.ai/ https://api.intercom.io https://api.onfido.com https://api.sandbox-koho.ca https://api.segment.io https://api.staging.pungle.co https://api.stripe.com https://api.us.onfido.com https://assets.koho.ca https://atr.veritonicmetrics.com/ https://banner.appsflyer.com https://cdn.linkedin.oribi.io https://cdn.segment.com https://conversions-config.reddit.com/ https://creatives-cdn.appsflyer.com https://evnt.byspotify.com/ https://get.geojs.io/v1/ip/country https://google.com/ccm/ https://h.online-metrix.net/ https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pixel.byspotify.com/ https://pixel.switchgrowth.com/ https://px.ads.linkedin.com https://sdk.iad-01.braze.com https://sdk.iad-03.braze.com https://sentry.io https://stats.g.doubleclick.net/j/collect https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://vendorapi.koho.ca/ https://vendorapi.sandbox-koho.ca/ https://webgateway.sandbox-koho.ca/ https://www.google-analytics.com https://www.redditstatic.com/ https://www.woopra.com ws://localhost:/sockjs-node wss://.onfido.com wss://localhost:/sockjs-node wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-FKN7NNETLF&cx=c&_slc=1(Line 242) Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://www.canadapost=postescanada.ca/cpc/assets/cpc/js/analytics.js'. It will be ignored.
security	error	URL: https://www.googletagmanager.com/ Message: Refused to frame 'https://td.doubleclick.net/' because it violates the following Content Security Policy directive: "frame-src 'self' data: blob: https://accounts.accessibe.com/ https://bid.g.doubleclick.net https://cdn.plaid.com https://h.online-metrix.net/ https://hooks.stripe.com https://intercom-sheets.com https://js.stripe.com https://koho-api.private.fin.ag/ https://koho-iframe.private.fin.ag/v2/ https://kohodev-iframe.private.fin.ag/v2/ https://optimize.google.com https://solve-widget.forethought.ai https://web.koho.ca https://web.sandbox-koho.ca https://www.facebook.com/ https://www.google.com https://sdk.onfido.com https://*.sardine.ai/".
security	warning	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 460) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security	warning	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 460) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security	error	URL: https://widget.intercom.io/widget/xiu5e01e Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://www.canadapost=postescanada.ca/cpc/assets/cpc/js/analytics.js'. It will be ignored.
security	error	URL: https://widget.intercom.io/widget/xiu5e01e Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://www.canadapost=postescanada.ca/cpc/assets/cpc/js/analytics.js'. It will be ignored.
security	warning	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 460) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security	warning	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 460) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security	warning	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 460) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security	warning	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 460) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security	warning	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 460) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security	warning	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 460) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security	warning	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 460) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security	error	URL: https://js.stripe.com/v3 Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://www.canadapost=postescanada.ca/cpc/assets/cpc/js/analytics.js'. It will be ignored.
security	warning	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 460) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').
security	warning	URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551(Line 460) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.googletagmanager.com') does not match the recipient window's origin ('null').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
api-iam.intercom.io
api.amplitude.com
app.launchdarkly.com
cdn.amplitude.com
cdn.plaid.com
cdn.segment.com
connect.facebook.net
events.launchdarkly.com
googleads.g.doubleclick.net
js.intercomcdn.com
js.stripe.com
o36260.ingest.sentry.io
pixel-config.reddit.com
pixel.byspotify.com
pixel.switchgrowth.com
segment-proxy-api.kohoanalytics.ca
snap.licdn.com
solve-widget.forethought.ai
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.srv.stackadapt.com
truncated
web.koho.ca
webgateway.koho.ca
websdk.appsflyer.com
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.redditstatic.com
pixel-config.reddit.com
snap.licdn.com
tags.srv.stackadapt.com
truncated
104.18.30.246
104.18.6.38
104.18.7.38
104.22.22.199
104.244.42.195
108.139.29.45
108.139.47.3
108.139.47.46
13.226.34.10
13.226.38.199
142.250.80.110
142.251.32.99
142.251.40.132
142.251.40.232
142.251.41.14
142.251.41.2
151.101.192.176
151.101.193.140
151.101.2.217
151.101.44.157
151.101.64.176
151.101.65.140
162.159.140.229
172.253.122.156
172.66.47.81
18.214.43.45
23.48.224.103
3.171.85.8
3.225.166.233
31.13.80.12
31.13.80.36
34.117.162.98
34.120.195.249
54.187.48.130
016f61f01838ce5e1d9564ffe5a84616a3c4f66048f99f1e89f410a9dc2cad9e
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
08fdb9f448abb925e6b2fef20317ff664a153e888dedb1028457e48f59cc92e8
0ba6b163f965f258c24888cf11c6dfe0d044de0800284da2e78a3faf7bd12925
0cb2f7da8af9f4f404aaa3381d520c8fcaa7a309714353a60c144f0481e83a53
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15bb0889ad69cbc01dce2d9a2df36be01b6ae97e0e57510dca89a56d095bf0d5
1d6abc34344f59cd24c5f2aec7189e9809b5a4df5e225b8cbf371c5bcfc90c20
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
28ec4d2eb5d5d5b538d5bdd7c427b6eb399cd0d63ad7b875fcee786a98d381f1
2a1af507290eae7ed64d035407b6bb3689f00b4e8272d77dbcfd921f99ffcf27
366cb86476f137950f4dfcaf28eca163e1d9973fdb7ea160d7af2c00599a386c
36f9bf7f4514edb409609f496bb668dcf33cbaa9f6a3219663f631014c726a97
384cf98b7517bf2949addf76ad2091cdfbd33614c771610febb21bbb4fe4bfa5
3fc2d2325282f8ceb8c6100733e41a97216e1ab93f351a3e1eace25c4099231f
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47c7e3e605b64ba77f691904be3540de1dd5879d4410fa46353305149b4f0876
4f338fc81c3d624d385dbe0a8701654fea90d07b52d140e175867fb1ca158e55
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53dc32e6e95669eb140f9fa93f9d787af28fd80a8f5e55f6dd3bc2c398fa7599
5747bdb6c7fd5f3fa0b4894645ff88d493c56fceabbd9208ee4a8d5340a8f031
5bcca973a9b6abce7bc8896f3ba3cc0e9a58bf954145d75691e7bb7de0099587
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
672177727ee5eae6973f57df342c33e854e673f5eecdbdf02aa0f63c1db02265
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba5f3edb2c2e41a487f3791abd280e5f8bd70490535bf54d72dd503038223c7
6dcdb5d625307386c2d3b21f8b51c43bfd4683fe073b66e884372cd35710c7a1
6edcbcec7e500e8b3a989db7586b7ed3bf7d44bfac15f5530fa8129e5d555e65
78a1d6aef842a4167a919fa6280d76b849b09dcc329bc0f9701f219546afc818
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7ac87dd9f74a67f144a3913ab313da479b90f31059c3d486b48e300ef72ea13f
8239ec3813476a434d3031db13d826e1d645b9402954a82053f509dc0bb2655a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b
86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
9e2189d573b1df3fd3c684ba1f9ad2ad5cd2f8394f14dde87b5fde495bea200c
9f81fd8f16f2252dd378308c71da6fd438e247d2c6180e2bd08a9d561ef7b8a3
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa856dd24ab4db96151f3518ad7244a47397a884476836e969dc2eb1380cbabd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b35de447b7da2ee266910d4b31dba06a1ad2d80451ae2ec15ff274b3db769052
b37b182ad4668933acde8ceb2e302e1184e9e81d0f9d50e604c3c999947c2d2b
b3c078eddf56a0a09195705c79fd5c4f3aab7a5375e91f2ce575d8fea3faa39f
bc4ae72d43593c2fc59ead95f45eb0c3b02cd465fd427b3fff5224e476d26259
c3cd81f012f67d166c9c8fba799c1d2bdebfdceb304712f434b0fc6341dde4b5
c4dea9a41e26e3643f719bb3c9b31c3dfa224c4c89f040ba932c9d1b4298f71f
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d5629a5b40d0b810c9c93eab6e02abfa6f405e374541bde05be5cd296e7ff922
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df5a1b4095e3d61b99418bd59a1f45fd9ce8203153bc967496a8e1603f583fb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e79cf6425d73bbbd905a4aa634c3f73b9dafd9c04086921959cf2b8169132e8b
eea452344daf3e3eddf30e915bfe3a01df960c7982ac8bd8adadd42ffe998197
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18276f9378ef332277bbb2d235d34d9f9c61152f6d9f080e58d1f3ed74fe8e9

web.koho.ca Open in urlscan Pro 104.18.6.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

84 Requests

96 %HTTPS

0 %IPv6

30 Domains

37 Subdomains

35 IPs

3 Countries

2779 kBTransfer

9605 kBSize

25 Cookies

0 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

web.koho.ca Open in urlscan Pro
104.18.6.38 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

96 %
HTTPS

0 %
IPv6

30
Domains

37
Subdomains

35
IPs

3
Countries

2779 kB
Transfer

9605 kB
Size

25
Cookies

84 HTTP transactions
7 data transactions