urlscan.io logo urlscan.io
SecurityTrails logo

web.koho.ca Open in urlscan Pro
104.18.6.38  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://inrd.ca/
Effective URL: https://web.koho.ca/referral/XEZL9272
Submission: On September 27 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 2 countries across 35 domains to perform 108 HTTP transactions. The main IP is 104.18.6.38, located in and belongs to CLOUDFLARENET, US. The main domain is web.koho.ca.
TLS certificate: Issued by WE1 on September 20th 2024. Valid for: 3 months.
This is the only time web.koho.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.210.96.121 32748 (STEADFAST)
18 104.18.6.38 13335 (CLOUDFLAR...)
1 108.139.47.42 16509 (AMAZON-02)
1 108.138.128.124 16509 (AMAZON-02)
5 23.206.172.45 20940 (AKAMAI-ASN1)
1 3.163.245.4 16509 (AMAZON-02)
7 34.236.100.83 14618 (AMAZON-AES)
2 151.101.193.140 54113 (FASTLY)
1 34.117.162.98 396982 (GOOGLE-CL...)
2 151.101.44.157 54113 (FASTLY)
2 4 98.82.157.231 14618 (AMAZON-AES)
2 31.13.71.7 32934 (FACEBOOK)
1 151.101.65.140 54113 (FASTLY)
2 162.159.140.229 13335 (CLOUDFLAR...)
2 104.244.42.131 13414 (TWITTER)
6 35.190.43.134 15169 (GOOGLE)
1 151.101.64.176 54113 (FASTLY)
1 34.120.195.249 396982 (GOOGLE-CL...)
7 13.249.86.140 16509 (AMAZON-02)
6 151.101.194.217 54113 (FASTLY)
1 172.66.44.175 13335 (CLOUDFLAR...)
2 157.240.241.35 32934 (FACEBOOK)
2 151.101.192.176 54113 (FASTLY)
1 172.66.47.81 13335 (CLOUDFLAR...)
1 35.155.246.37 16509 (AMAZON-02)
1 108.139.29.40 16509 (AMAZON-02)
1 23.57.90.111 20940 (AKAMAI-ASN1)
4 142.250.72.104 15169 (GOOGLE)
4 142.250.65.206 15169 (GOOGLE)
1 142.250.72.98 15169 (GOOGLE)
1 142.251.40.164 15169 (GOOGLE)
2 142.251.41.3 15169 (GOOGLE)
1 142.251.111.154 15169 (GOOGLE)
1 216.239.32.181 15169 (GOOGLE)
1 34.210.38.139 16509 (AMAZON-02)
2 13.107.42.14 8068 (MICROSOFT...)
1 13.249.91.102 16509 (AMAZON-02)
4 3.233.199.232 14618 (AMAZON-AES)
4 104.18.36.46 13335 (CLOUDFLAR...)
2 108.139.47.46 16509 (AMAZON-02)
1 3.228.87.93 14618 (AMAZON-AES)
108 41
1    162.210.96.121 (United States)

ASN32748 (STEADFAST, US)
inrd.ca
18    104.18.6.38 (None, )

ASN13335 (CLOUDFLARENET, US)
web.koho.ca
webgateway.koho.ca
1    108.139.47.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-42.jfk50.r.cloudfront.net
websdk.appsflyer.com
1    108.138.128.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-124.jfk50.r.cloudfront.net
cdn.plaid.com
5    23.206.172.45 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-172-45.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    3.163.245.4 (United States)

ASN16509 (AMAZON-02, US)
sc-static.net
7    34.236.100.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-100-83.compute-1.amazonaws.com
tags.srv.stackadapt.com
2    151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com
pixel.byspotify.com
2    151.101.44.157 (San Francisco, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
4    98.82.157.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-157-231.compute-1.amazonaws.com
s.amazon-adsystem.com
2    31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net
connect.facebook.net
1    151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)
t.co
2    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
6    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
1    151.101.64.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o36260.ingest.sentry.io
7    13.249.86.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-86-140.jfk52.r.cloudfront.net
cdn.segment.com
6    151.101.194.217 (San Francisco, United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
1    172.66.44.175 (United States)

ASN13335 (CLOUDFLARENET, US)
solve-widget.forethought.ai
2    157.240.241.35 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-lga3.facebook.com
www.facebook.com
2    151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    172.66.47.81 (United States)

ASN13335 (CLOUDFLARENET, US)
solve-widget.forethought.ai
1    35.155.246.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-246-37.us-west-2.compute.amazonaws.com
api.segment.io
1    108.139.29.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-40.jfk50.r.cloudfront.net
cdn.amplitude.com
1    23.57.90.111 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-57-90-111.deploy.static.akamaitechnologies.com
snap.licdn.com
4    142.250.72.104 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f8.1e100.net
www.googletagmanager.com
4    142.250.65.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f14.1e100.net
www.google-analytics.com
1    142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.251.40.164 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f4.1e100.net
www.google.com
2    142.251.41.3 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f3.1e100.net
www.google.ca
1    142.251.111.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net
stats.g.doubleclick.net
1    216.239.32.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    34.210.38.139 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-38-139.us-west-2.compute.amazonaws.com
api.amplitude.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.249.91.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-91-102.jfk52.r.cloudfront.net
widget.intercom.io
4    3.233.199.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-199-232.compute-1.amazonaws.com
events.launchdarkly.com
4    104.18.36.46 (None, )

ASN13335 (CLOUDFLARENET, US)
sdk.iad-03.braze.com
2    108.139.47.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-46.jfk50.r.cloudfront.net
js.intercomcdn.com
1    3.228.87.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-87-93.compute-1.amazonaws.com
api-iam.intercom.io
Apex Domain
Subdomains		 Transfer
18 koho.ca
web.koho.ca
webgateway.koho.ca
1 MB
10 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 797
events.launchdarkly.com — Cisco Umbrella Rank: 947
28 KB
7 segment.com
cdn.segment.com — Cisco Umbrella Rank: 2021
38 KB
7 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3026
10 KB
6 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 921
tr6.snapchat.com — Cisco Umbrella Rank: 1409
945 B
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 821
139 KB
4 braze.com
sdk.iad-03.braze.com — Cisco Umbrella Rank: 3466
15 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
23 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
415 KB
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 360
3 KB
3 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1391
160 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 3721
285 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2685
api-iam.intercom.io — Cisco Umbrella Rank: 3069
6 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 358
www.linkedin.com Failed
957 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 10961
127 B
2 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 158
64 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
stats.g.doubleclick.net — Cisco Umbrella Rank: 152
3 KB
2 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 3273
api.amplitude.com — Cisco Umbrella Rank: 2636
18 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 112
4 KB
2 forethought.ai
solve-widget.forethought.ai — Cisco Umbrella Rank: 13988
12 KB
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1133
843 B
2 t.co
t.co — Cisco Umbrella Rank: 857
817 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 196
81 KB
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 989
15 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1249
13 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 906
14 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1428
171 B
1 sentry.io
o36260.ingest.sentry.io
300 B
1 reddit.com
pixel-config.reddit.com Failed
alb.reddit.com — Cisco Umbrella Rank: 1488
637 B
1 byspotify.com
pixel.byspotify.com — Cisco Umbrella Rank: 7762
22 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1232
23 KB
1 plaid.com
cdn.plaid.com — Cisco Umbrella Rank: 17819
45 KB
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 6237
14 KB
1 inrd.ca
inrd.ca
361 B
0 Failed
function sub() { [native code] }. Failed
108 35
Domain Requested by
14 web.koho.ca web.koho.ca
7 cdn.segment.com web.koho.ca
7 tags.srv.stackadapt.com web.koho.ca
tags.srv.stackadapt.com
6 app.launchdarkly.com web.koho.ca
5 tr.snapchat.com sc-static.net
5 analytics.tiktok.com web.koho.ca
analytics.tiktok.com
4 sdk.iad-03.braze.com web.koho.ca
4 events.launchdarkly.com web.koho.ca
4 www.google-analytics.com cdn.segment.com
www.google-analytics.com
web.koho.ca
4 www.googletagmanager.com cdn.segment.com
www.googletagmanager.com
www.google-analytics.com
4 webgateway.koho.ca web.koho.ca
4 s.amazon-adsystem.com 2 redirects web.koho.ca
3 js.stripe.com web.koho.ca
js.stripe.com
2 js.intercomcdn.com widget.intercom.io
2 px.ads.linkedin.com web.koho.ca
2 www.google.ca web.koho.ca
2 www.facebook.com web.koho.ca
2 solve-widget.forethought.ai web.koho.ca
solve-widget.forethought.ai
2 analytics.twitter.com web.koho.ca
2 t.co web.koho.ca
2 connect.facebook.net web.koho.ca
connect.facebook.net
2 static.ads-twitter.com web.koho.ca
www.googletagmanager.com
2 www.redditstatic.com web.koho.ca
www.redditstatic.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io web.koho.ca
1 api.amplitude.com web.koho.ca
1 analytics.google.com web.koho.ca
1 stats.g.doubleclick.net web.koho.ca
1 www.google.com web.koho.ca
1 googleads.g.doubleclick.net www.googletagmanager.com
1 snap.licdn.com cdn.segment.com
1 cdn.amplitude.com cdn.segment.com
1 api.segment.io web.koho.ca
1 tr6.snapchat.com sc-static.net
1 o36260.ingest.sentry.io web.koho.ca
1 alb.reddit.com web.koho.ca
1 pixel.byspotify.com web.koho.ca
1 sc-static.net web.koho.ca
1 cdn.plaid.com web.koho.ca
1 websdk.appsflyer.com web.koho.ca
1 inrd.ca 1 redirects
0 www.linkedin.com Failed web.koho.ca
0 pixel-config.reddit.com Failed www.redditstatic.com
0 truncated Failed web.koho.ca
108 44

This site contains links to these domains. Also see Links.

Domain
www.koho.ca
Subject Issuer Validity Valid
web.koho.ca
WE1		 2024-09-20 -
2024-12-19		 3 months crt.sh
*.appsflyer.com
Amazon RSA 2048 M03		 2024-02-04 -
2025-03-03		 a year crt.sh
secure.plaid.com
DigiCert EV RSA CA G2		 2024-03-12 -
2025-03-11		 a year crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M03		 2024-08-09 -
2025-09-06		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
pixel.byspotify.com
WR3		 2024-08-19 -
2024-11-17		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-04-24 -
2025-04-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-06 -
2024-10-04		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
t.co
E6		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-23 -
2025-07-22		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-08-29 -
2024-12-05		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
webgateway.koho.ca
WE1		 2024-09-17 -
2024-12-16		 3 months crt.sh
solve-widget.forethought.ai
WE1		 2024-08-20 -
2024-11-18		 3 months crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh
cdn.amplitude.com
Amazon RSA 2048 M02		 2023-12-14 -
2025-01-12		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google.ca
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2024-01-31 -
2025-03-02		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-09-11 -
2025-03-11		 6 months crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
events.launchdarkly.com
Amazon ECDSA 256 M03		 2024-07-16 -
2025-08-14		 a year crt.sh
iad-03.braze.com
E6		 2024-08-07 -
2024-11-05		 3 months crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh

This page contains 9 frames:

Primary Page: https://web.koho.ca/referral/XEZL9272
Frame ID: AD37AA8DA8440D2F7C6A84F3875C0538
Requests: 92 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&cb=478246191498682900&dcc=t
Frame ID: 39275F37277ECAEE19EEA2272B92B79B
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=18f977ac-724c-4b10-a145-d6c3aa30a9c6&u_scsid=bb944a37-0fe4-494e-8e32-c0759582e7df&u_sclid=9f212170-2a17-4c93-b471-0b800f70566e
Frame ID: A479BD7A9E0066CE2C9205C0387B6755
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-df77cc2878ddd55b5724d8c7f2f618f6.html
Frame ID: F3BCFA5CF5FB48746CAECB0028598A36
Requests: 1 HTTP requests in this frame

Frame: https://solve-widget.forethought.ai/?v=2
Frame ID: E25A5ACC51F53570A70974A0FEB0F71C
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 616BC04A30A985C54483E34926186F10
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5F7C12627C175190AC63AA03816FA547
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 401AA3FB615FB90BFC090C5B6FF7BB8E
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.5298f2a3.js
Frame ID: 8C55656D4A11C465E8AEDB4E533BD4E4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

KOHO

Page URL History Show full URLs

  1. https://inrd.ca/ HTTP 301
    https://web.koho.ca/referral/XEZL9272 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

108
Requests

97 %
HTTPS

0 %
IPv6

35
Domains

44
Subdomains

41
IPs

2
Countries

2802 kB
Transfer

9715 kB
Size

103
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://inrd.ca/ HTTP 301
    https://web.koho.ca/referral/XEZL9272 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&cb=478246191498682900 HTTP 302
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&cb=478246191498682900&dcc=t
Request Chain 12
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40 HTTP 302
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&dcc=t
Request Chain 95
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1727442965076&li_adsId=b65eeb4c-da11-4dca-93a6-9d2b501b372e&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1727442965076&li_adsId=b65eeb4c-da11-4dca-93a6-9d2b501b372e&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&cookiesTest=true HTTP 0
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2658514%26time%3D1727442965076%26li_adsId%3Db65eeb4c-da11-4dca-93a6-9d2b501b372e%26url%3Dhttps%253A%252F%252Fweb.koho.ca%252Freferral%252FXEZL9272%26cookiesTest%3Dtrue%26liSync%3Dtrue

108 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request XEZL9272
web.koho.ca/referral/
Redirect Chain
  • https://inrd.ca/
  • https://web.koho.ca/referral/XEZL9272
25 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256a94cf916aa2f37ab71305486a1c724bf44097a39f2d814fdf1fb80c80bc75
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
67179
cache-control
public, max-age=0, s-maxage=31536000
cf-cache-status
DYNAMIC
cf-ray
8c9bc3df78fcab27-YYZ
content-encoding
br
content-type
text/html
date
Fri, 27 Sep 2024 13:15:54 GMT
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 9fa1ea4b10eec46f816675074f76e46c.cloudfront.net (CloudFront)
x-amz-cf-id
XdqXuc_UHBZwvwQ-OCfNIb-d_KUF40UxeQz-8QqtR9YOi3KdkNE7GQ==
x-amz-cf-pop
YTO50-C3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

content-length
245
content-type
text/html; charset=iso-8859-1
date
Fri, 27 Sep 2024 13:15:53 GMT
location
https://web.koho.ca/referral/XEZL9272
server
Apache
/
websdk.appsflyer.com/ 		51 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-42.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce6d7f008824d9f6af00150bf70a49369a24381165b5808efa74e68518e6d58d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

x-amz-cf-pop
JFK50-P1
content-encoding
br
etag
W/"ad6e8ace01357e7c84957fc6fc296d42"
age
2372
via
1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
rjFcsc8_Cbp77frbg90FLjt0cPW6pE7l5AlI8_w91FqE2t8BuSn51Q==
date
Fri, 27 Sep 2024 12:36:23 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Wed, 14 Jun 2023 06:58:46 GMT
x-amz-server-side-encryption
AES256
link-initialize.js
cdn.plaid.com/link/v2/stable/ 		157 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e68c3974a1631ba945970b3d8cb43af79fb61f8a56b107aab1d12245eb480907

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-encoding
br
x-amz-version-id
Cwk6.NfpQDyD3li_I7KxaQjJ9H6HneOw
etag
W/"b5b267b960a345ae5eefb8f3d18f1f6d"
age
7868
x-cache
Hit from cloudfront
x-amz-cf-id
qVgklHJjNCJ-nwsgUHiftLulIL72TGZM_Bn3KVLMFTZTiK75zlYfNg==
date
Fri, 27 Sep 2024 11:04:47 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 26 Sep 2024 13:43:41 GMT
x-amz-id-2
m184Y4La4vJU1t661cmTheaZrMZ/2/zah2mqXaDpgZHw0fQRLJVARcM9VoTeU6agPUA6y8jzZLCIF7aqhXLAgBacUqSDYQqN80bDZdLx1Ew=
x-amz-replication-status
COMPLETED
cache-control
no-cache,must-revalidate,max-age=0
via
1.1 7f9c24c13cc1a16d2c6ea3097e4958fa.cloudfront.net (CloudFront)
x-amz-request-id
M4EKN2WPT5JW42RB
x-amz-cf-pop
JFK50-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.45 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-45.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8fad3705a1a472691773031852ccee4616ba18f8fa7107b389d6c0b0a3e49293

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-213.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
expires
Fri, 27 Sep 2024 13:15:54 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=95, origin; dur=20, inner; dur=4
x-cache
TCP_MISS from a23-58-89-83.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
date
Fri, 27 Sep 2024 13:15:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
11a41b87.b982ef
x-tt-trace-host
017323e79f3991bfcedb6591e129e382bd89ad1afd0f7955579ce82a4aaead82633dc372eb26659755e562524191bb7c638816cdb6874e779377a035a0fd1c076439b81814962e98f4a4548ed0a0ac55dd7faddae6c8048696d002d15cb1ecfd81e756cbe12e4d6ca99bf016a8ee8614f2
x-origin-response-time
20,23.220.104.213
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240927131554E38ACED9C51131C3D818-3D46DD873DA29B75-00
content-length
2248
x-parent-response-time
77,23.58.89.83
x-tt-logid
20240927131554E38ACED9C51131C3D818
server
nginx
scevent.min.js
sc-static.net/ 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
bf4b1dd1103e7ade27a95fd976a984715c5e003947cc1e30a8e8971c2d154dbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

cache-control
private, s-maxage=0, max-age=600
content-encoding
gzip
via
1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
23485
x-amz-cf-id
nA-SqDLauMQW_UWy9AImB4e9TZ7pzlLqqNk9ysvG-HIrMfMidmuZkA==
date
Fri, 27 Sep 2024 13:15:54 GMT
content-type
application/javascript;charset=utf-8
x-amz-cf-pop
YUL62-P2
server
CloudFront
access-control-allow-headers
Content-Type
events.js
tags.srv.stackadapt.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.100.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-100-83.compute-1.amazonaws.com
Software
/
Resource Hash
9edb0a531341c78bea7eb4cb08dba5ce699755fe765d725b5418643e1fafc822

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-allow-origin
*
cache-control
max-age=5
content-encoding
gzip
date
Fri, 27 Sep 2024 13:15:54 GMT
content-type
text/javascript
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1593b1f5bf86a2bec3f93142409030a64591d1b6415faaedd0c251dd924d0288

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"bed9b675380c07edc84c03d0f362b192"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12103
date
Fri, 27 Sep 2024 13:15:54 GMT
last-modified
Mon, 23 Sep 2024 17:14:22 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
ping.min.js
pixel.byspotify.com/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.byspotify.com/ping.min.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.162.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ==
etag
"4eddeec95afda969b3d1b2fb970c1eb1"
age
2141
x-goog-stored-content-encoding
identity
expires
Fri, 27 Sep 2024 13:40:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
22096
date
Fri, 27 Sep 2024 12:40:13 GMT
last-modified
Tue, 25 Jun 2024 13:55:33 GMT
content-type
text/javascript
x-guploader-uploadid
AD-8ljt6YAjIq2svZzqZICnsOw0V8iEuyq8uY_8roZ2p2Rt2cNs7YAjQl-mN3Dh3M1vt_A8jGtQ
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
x-goog-generation
1719323733334567
content-length
22096
server
UploadServer
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.44.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15412
date
Fri, 27 Sep 2024 13:15:54 GMT
x-tw-cdn
FT
last-modified
Fri, 15 Mar 2024 03:07:08 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000023-IAD, cache-nyc-kteb1890085-NYC
x-amz-server-side-encryption
AES256
index.2.11.3.js
web.koho.ca/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/index.2.11.3.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddf7c2922e8fe04447a49e376348f014a1a7b6269b08cc7976f1547814be9af7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://web.koho.ca
Referer
https://web.koho.ca/referral/XEZL9272

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"3f57df2ba91b15840a1212ae1a68a35e"
age
67512
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
1SFK8xlv1SxTVfTPKycl_lWNRH6S3k_tF29nBhrFKnuv7Qh2iYJLRw==
date
Fri, 27 Sep 2024 13:15:54 GMT
content-type
text/javascript
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=31536000
referrer-policy
same-origin
via
1.1 9fa1ea4b10eec46f816675074f76e46c.cloudfront.net (CloudFront)
cf-ray
8c9bc3e22b5dab27-YYZ
x-xss-protection
1; mode=block
x-amz-cf-pop
YTO50-C3
server
cloudflare
index.2.11.3.css
web.koho.ca/ 		177 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/index.2.11.3.css
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6d7e3db9f7ea0e1f5a2ac594e4b4c23d6169986daa121b3f10263f39053fd8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/referral/XEZL9272

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"31a3b0872da0a24dd5a3b75555f29ccc"
age
67512
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
l7-E_aywaEe-_wZzXb9u0ZRSU6dm0Za3Qwdi-z24A131PEtbs6uY9w==
date
Fri, 27 Sep 2024 13:15:54 GMT
content-type
text/css
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=31536000
referrer-policy
same-origin
via
1.1 4d97f94583f1e10ee7186f0faa691d12.cloudfront.net (CloudFront)
cf-ray
8c9bc3e22b5bab27-YYZ
x-xss-protection
1; mode=block
x-amz-cf-pop
YTO50-C3
server
cloudflare
registerSW.js
web.koho.ca/ 		146 B
236 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/registerSW.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fc2d2325282f8ceb8c6100733e41a97216e1ab93f351a3e1eace25c4099231f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/referral/XEZL9272

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"38013143dc2183340ede8bc1c5124507"
age
67512
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
DOxK6INvJUBw96Iwb8Y2hPBqfCjrwAGCBZEp71rx0OpYwosbZ6jXng==
date
Fri, 27 Sep 2024 13:15:54 GMT
content-type
text/javascript
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=31536000
referrer-policy
same-origin
via
1.1 4d97f94583f1e10ee7186f0faa691d12.cloudfront.net (CloudFront)
cf-ray
8c9bc3e22b5fab27-YYZ
x-xss-protection
1; mode=block
x-amz-cf-pop
YTO50-C3
server
cloudflare
iu3
s.amazon-adsystem.com/ Frame 3927
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%...
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&cb=478246191498682900&dcc=t
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.157.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-157-231.compute-1.amazonaws.com
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://web.koho.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1872
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 27 Sep 2024 13:15:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
78DVZP4NM7WZKWFY19BS

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 27 Sep 2024 13:15:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&cb=478246191498682900&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
R5TNYB08GTQ7ZA683WPJ
iui3
s.amazon-adsystem.com/
Redirect Chain
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D15128585...
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D15128585...
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&dcc=t
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
HTTP/1.1
Server
98.82.157.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-157-231.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
3VCBVBMTQN0WAT3SZHFB
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Fri, 27 Sep 2024 13:15:54 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
G2N5P51CSQ9Y6S7STPZH
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Fri, 27 Sep 2024 13:15:54 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
fbevents.js
connect.facebook.net/en_US/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
979d977217c7032b1cd864c0b65ce5d4ff834aa9ca116198873299b5a60cfc9a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Fri, 27 Sep 2024 13:15:54 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=23, mss=1232, tbw=4444, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
cyRzAIPngSCDEIU6gI/WZS5nD2jz3gl8u0gPHgqK5O4zW9ZfTyiv1keTTlLdEcWI8XwUCau0b7FwUR2X0P0/Vg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59070
x-xss-protection
0
truncated
/ 		0
0
config
pixel-config.reddit.com/pixels/t2_e4ba8g8u/ 		0
0
t2_e4ba8g8u_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_e4ba8g8u_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
97
date
Fri, 27 Sep 2024 13:15:54 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1727442954840&id=t2_e4ba8g8u&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=9cc01a56-eb74-4db8-9b40-e5029da81514&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5afed25b&dpm=&dpcc=&dprc=
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Fri, 27 Sep 2024 13:15:55 GMT
content-type
image/gif
server
Varnish
sa.css
tags.srv.stackadapt.com/ 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.100.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-100-83.compute-1.amazonaws.com
Software
/
Resource Hash
e79246268023b3e5648e3d2095e65fbfbc769c325b010ab5643c0627925d140c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-allow-origin
*
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
date
Fri, 27 Sep 2024 13:15:54 GMT
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.100.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-100-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-allow-origin
*
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
date
Fri, 27 Sep 2024 13:15:54 GMT
content-type
image/jpeg
adsct
t.co/1/i/ 		43 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=0c048b9c-b402-4998-a2f0-04f8f075da7c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1ed7376c-6397-497e-98a2-7cc858c92f97&tw_document_href=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&tw_iframe_status=0&txn_id=nvggn&type=javascript&version=2.3.30
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=0
x-transaction-id
1cfd92bce805e012
cache-control
no-cache, no-store, max-age=0
x-connection-hash
8d75b0f49a2874f87e976aa7615b8c4031f870ae1ff23af39ae893a0087e4d65
cf-cache-status
DYNAMIC
cf-ray
8c9bc3e5ee3f36ce-YYZ
x-response-time
79
content-length
43
date
Fri, 27 Sep 2024 13:15:55 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/1/i/ 		43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=0c048b9c-b402-4998-a2f0-04f8f075da7c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1ed7376c-6397-497e-98a2-7cc858c92f97&tw_document_href=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&tw_iframe_status=0&txn_id=nvggn&type=javascript&version=2.3.30
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
c6b31bbaa8bb2529
cache-control
no-cache, no-store, max-age=0
x-connection-hash
479d760dbb4c9b8862645aefb889b43b0256dc0c0456d9a92a557e870dfe53fd
x-response-time
13
content-length
43
date
Fri, 27 Sep 2024 13:15:55 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_b
18f977ac-724c-4b10-a145-d6c3aa30a9c6.json
tr.snapchat.com/config/ca/ 		101 B
397 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/ca/18f977ac-724c-4b10-a145-d6c3aa30a9c6.json?v=3.31.3-2409262045
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
10c7a07a10b7be94124b2d321286ae12289cd0984db4bfe8be40618194104cab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
39
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google, 1.1 google
access-control-allow-origin
https://web.koho.ca
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101
date
Fri, 27 Sep 2024 13:15:55 GMT
content-type
application/json
server
API Gateway
i
tr.snapchat.com/cm/ Frame A479 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=18f977ac-724c-4b10-a145-d6c3aa30a9c6&u_scsid=bb944a37-0fe4-494e-8e32-c0759582e7df&u_sclid=9f212170-2a17-4c93-b471-0b800f70566e
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://web.koho.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
672
content-type
text/html
date
Fri, 27 Sep 2024 13:15:55 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
0
main.MWZkMThhNTg2MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		341 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWZkMThhNTg2MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.45 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-45.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f00b02b25d3be98c97bac513dfa32828c1816692ab10a25a4ba31b3cc166251e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

x-cache
TCP_HIT from a23-58-89-83.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id
00-240926131353B70891B471B544595B85-3AB9DD8F771DC818-00
content-length
97231
date
Fri, 27 Sep 2024 13:15:54 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20240926131353B70891B471B544595B85
server
nginx
x-akamai-request-id
b98498
x-tt-trace-host
01bf56f3e0e6083a0f197efc6196e45ffbed67691fcfbcc7a9b43f34bef6640f14541060ae3af4810768a2fd0667fb712190205e47eed3334548cfb15398fbbc044355255909e98e78b12fc525661a0c7d2e02c2d4384c91d71cbc0e52b3b304e6
599633800219052
connect.facebook.net/signals/config/ 		98 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/599633800219052?v=2.9.168&r=stable&domain=web.koho.ca&hme=3ba426d944c98eb3ce406a0f93fc097d0320a486b65b445a33b2eda3a5aa3429&ex_m=70%2C119%2C105%2C109%2C61%2C4%2C98%2C69%2C16%2C95%2C87%2C51%2C54%2C170%2C173%2C185%2C181%2C182%2C184%2C29%2C99%2C53%2C76%2C183%2C165%2C168%2C178%2C179%2C186%2C129%2C41%2C34%2C141%2C15%2C50%2C192%2C191%2C131%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C91%2C17%2C14%2C94%2C90%2C89%2C106%2C52%2C108%2C39%2C107%2C30%2C92%2C26%2C166%2C169%2C138%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C74%2C100%2C27%2C75%2C9%2C8%2C79%2C48%2C21%2C102%2C101%2C103%2C96%2C10%2C20%2C3%2C38%2C19%2C84%2C56%2C82%2C33%2C73%2C0%2C93%2C32%2C81%2C86%2C47%2C46%2C85%2C37%2C5%2C88%2C80%2C44%2C35%2C83%2C2%2C36%2C63%2C42%2C104%2C45%2C78%2C68%2C110%2C60%2C59%2C31%2C97%2C58%2C55%2C49%2C77%2C72%2C24%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
e38c65c61faacd1e56cf66e16d328e1cf2716c0a916bef0487a2ecac6c8102b8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Fri, 27 Sep 2024 13:15:54 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=1, c=68, mss=1232, tbw=68460, tp=64, tpl=1, uplat=1, ullat=-1
pragma
public
x-fb-debug
prraoMhwvF10BplNWdCqdryRWTSulRkl4JtZGtyQZHlERI131IlJMhYlXRu43Hh/lQ1eqS04xCOFVhnLds4TMA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
23607
x-xss-protection
0
v3
js.stripe.com/ 		658 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
5d9eae9c05959fd61894aeb2d4c83ac44f7a7e080fd654d3c16527428028ba69
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

x-request-id
36579c6e-e971-49e8-82a0-0498c2720059
content-encoding
br
etag
"888b1ca251e52362cfdf028a22c15fe0"
age
7
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Fri, 27 Sep 2024 13:15:55 GMT
last-modified
Fri, 27 Sep 2024 01:36:37 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-yyz4525-YYZ
x-cache-hits
2
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
162966
server
Fastly
/
o36260.ingest.sentry.io/api/3725458/envelope/ 		2 B
300 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o36260.ingest.sentry.io/api/3725458/envelope/?sentry_key=b6af6813dda749a3836c9191fe2b4be2&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.50.0
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Fri, 27 Sep 2024 13:15:55 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
settings
cdn.segment.com/v1/projects/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/settings
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78a1d6aef842a4167a919fa6280d76b849b09dcc329bc0f9701f219546afc818

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
c72q6ZJ.lgl_nmZV20ludSXo0VksuS4H
etag
W/"93366b6090cc2e9b3a7b8588a57d00c7"
age
2708
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
b_VXWpeVxZMImTiUVe5HbFGTq1Qwp2rScA4XTKQm_cyRoec3uz6E-w==
date
Fri, 27 Sep 2024 12:30:59 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 25 Jul 2024 22:16:43 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=10800
via
1.1 ecc843250500aa5c06bbd62ad8a4abd6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
logo-background.2.11.3.svg
web.koho.ca/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.koho.ca/logo-background.2.11.3.svg
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
937d0fc0c4c2a1b468fcee6070b979dc2cdd953342c60a6eedaa251b03e623c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/referral/XEZL9272

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"6a5a3fb3290ae4294d73fa5ba1e0d826"
age
67371
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
zoqx_-mjcZGiSTQa6qZmuAcOx10P7MykPmYp3gwXixYBv69G53nimw==
date
Fri, 27 Sep 2024 13:15:55 GMT
content-type
image/svg+xml
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=31536000
referrer-policy
same-origin
via
1.1 4d97f94583f1e10ee7186f0faa691d12.cloudfront.net (CloudFront)
cf-ray
8c9bc3e8b9d2ab27-YYZ
x-xss-protection
1; mode=block
x-amz-cf-pop
YTO50-C3
server
cloudflare
referral-users.2.11.3.webp
web.koho.ca/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.koho.ca/referral-users.2.11.3.webp
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00fd4daaee6b801db3232129ecad281d07314f199a0fad28e3e79497ef5c6380
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/referral/XEZL9272

Response headers

cf-cache-status
DYNAMIC
etag
"80cca11c5111af4e12fd262858a81f37"
age
67472
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
pIIxcaGIOlOJVkb2mQEHUB65Q1DfFd4CfC1v6y7mCOHxsl2SwQtodw==
date
Fri, 27 Sep 2024 13:15:55 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=31536000
referrer-policy
same-origin
via
1.1 9fa1ea4b10eec46f816675074f76e46c.cloudfront.net (CloudFront)
cf-ray
8c9bc3e8b9d3ab27-YYZ
accept-ranges
bytes
content-length
35726
x-xss-protection
1; mode=block
x-amz-cf-pop
YTO50-C3
server
cloudflare
card-checkout.2.11.3.webp
web.koho.ca/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.koho.ca/card-checkout.2.11.3.webp
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f19e96f1d5a642a7504d19fda7a11b5e7d1cf4458f68d9ededdcde106dea4a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/referral/XEZL9272

Response headers

cf-cache-status
DYNAMIC
etag
"4efd6499a91ac84d50d25448d16ec465"
age
67371
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
3BDHQOQ9nzNesHKkO7CJJdo7dl2_ackUPOqciBWyY8LfqiYUvBjNWA==
date
Fri, 27 Sep 2024 13:15:55 GMT
content-type
image/webp
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=31536000
referrer-policy
same-origin
via
1.1 9fa1ea4b10eec46f816675074f76e46c.cloudfront.net (CloudFront)
cf-ray
8c9bc3e8b9d5ab27-YYZ
accept-ranges
bytes
content-length
24336
x-xss-protection
1; mode=block
x-amz-cf-pop
YTO50-C3
server
cloudflare
5eeb94841ab9a70a809cdc75
app.launchdarkly.com/sdk/goals/ 		2 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/5eeb94841ab9a70a809cdc75
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.1.4

Response headers

content-md5
d751713988987e9331980363e24189ce
access-control-max-age
300
content-encoding
gzip
etag
"d751713988987e9331980363e24189ce"
age
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Fri, 27 Sep 2024 13:16:02 GMT
content-type
application/json
x-served-by
cache-yyz4579-YYZ
x-cache-hits
7
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
cache-control
max-age=0
x-timer
S1727442963.950983,VS0,VE0
ld-region
us-east-1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
26
eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYTBlN2IxZDAtN2NkMi0xMWVmLTgzMWQtOTFjNDg3M2NiODA5In0
app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/ 		56 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYTBlN2IxZDAtN2NkMi0xMWVmLTgzMWQtOTFjNDg3M2NiODA5In0
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8239ec3813476a434d3031db13d826e1d645b9402954a82053f509dc0bb2655a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.1.4

Response headers

access-control-max-age
300
content-encoding
gzip
age
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
MISS
date
Fri, 27 Sep 2024 13:16:02 GMT
content-type
application/json
vary
Accept-Encoding
x-served-by
cache-yyz4579-YYZ
x-cache-hits
0
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
strict-transport-security
max-age=31536000; includeSubDomains
x-timer
S1727442963.951012,VS0,VE25
ld-region
us-east-1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
71
basis-grotesque-medium.2.11.3.woff2
web.koho.ca/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/basis-grotesque-medium.2.11.3.woff2
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
016f61f01838ce5e1d9564ffe5a84616a3c4f66048f99f1e89f410a9dc2cad9e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://web.koho.ca
Referer
https://web.koho.ca/index.2.11.3.css

Response headers

cf-cache-status
DYNAMIC
etag
"d37b904ee00f12ca729be334e9eeb28a"
age
67511
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
206fqGx7FTUVzPgQLhXLNcR9D9CTAOCy1Sa0HWIkkNT6Ntk0cK2EVA==
date
Fri, 27 Sep 2024 13:15:55 GMT
content-type
font/woff2
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=31536000
referrer-policy
same-origin
via
1.1 6214a527498e2ef36dfa341608b180c0.cloudfront.net (CloudFront)
cf-ray
8c9bc3e8d9f7ab27-YYZ
accept-ranges
bytes
content-length
28148
x-xss-protection
1; mode=block
x-amz-cf-pop
YTO50-C3
server
cloudflare
basis-grotesque-bold.2.11.3.woff2
web.koho.ca/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/basis-grotesque-bold.2.11.3.woff2
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dcdb5d625307386c2d3b21f8b51c43bfd4683fe073b66e884372cd35710c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://web.koho.ca
Referer
https://web.koho.ca/index.2.11.3.css

Response headers

cf-cache-status
DYNAMIC
etag
"17627e07a001f770a3f441710f74f61c"
age
67510
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
BKICE6ZAQ-CkbbMFFnTmvhTfh94CpHPbVjJzQADrp707m2DHvmHnpg==
date
Fri, 27 Sep 2024 13:15:55 GMT
content-type
font/woff2
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=31536000
referrer-policy
same-origin
via
1.1 4d97f94583f1e10ee7186f0faa691d12.cloudfront.net (CloudFront)
cf-ray
8c9bc3e8d9f8ab27-YYZ
accept-ranges
bytes
content-length
27812
x-xss-protection
1; mode=block
x-amz-cf-pop
YTO50-C3
server
cloudflare
basis-grotesque-regular-pro.2.11.3.woff2
web.koho.ca/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/basis-grotesque-regular-pro.2.11.3.woff2
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://web.koho.ca
Referer
https://web.koho.ca/referral/XEZL9272

Response headers

cf-cache-status
DYNAMIC
etag
"c294fc5a277925342bcdbda0ebe58f61"
age
67511
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
MKa9ns_Ybg69bAKHG36mALdNoqdnpk0P1sIiAsok2eUI2h5KhzCH-w==
date
Fri, 27 Sep 2024 13:15:55 GMT
content-type
font/woff2
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=31536000
referrer-policy
same-origin
via
1.1 9fa1ea4b10eec46f816675074f76e46c.cloudfront.net (CloudFront)
cf-ray
8c9bc3e8d9f9ab27-YYZ
accept-ranges
bytes
content-length
50128
x-xss-protection
1; mode=block
x-amz-cf-pop
YTO50-C3
server
cloudflare
XEZL9272
webgateway.koho.ca/1.0/referrals/code/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://webgateway.koho.ca/1.0/referrals/code/XEZL9272
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0fa26d13d2d772c0ba569ab58307bb5e704277ab5ea652a5a2eda76df29c225
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-koho-app-version
2.0.0
X-Organization
koho
x-koho-device-platform
web
x-device-id
84a2e47d-9955-4620-86ff-1509a8ab7c0e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-correlation-id
aa175f1e-1528-4f13-8859-c752fa1178f5
cf-cache-status
DYNAMIC
content-encoding
br
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
8c9bc3edfd5638e2-YYZ
x-causation-id
aa175f1e-1528-4f13-8859-c752fa1178f5
x-organization
koho
access-control-allow-origin
https://web.koho.ca
date
Fri, 27 Sep 2024 13:15:57 GMT
content-type
application/json; charset=UTF-8
vary
Origin
server
cloudflare
embed.js
solve-widget.forethought.ai/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solve-widget.forethought.ai/embed.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.44.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9282844f53c3f4a67434fe4c5dc6588a3494640c0ceecd236e5a599e8adf348f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"8998381e84bb18ee25af81a1af695aaf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BESV3uiOO2BVqrLRHfPadgK9zMOK08JHHOQ5EbEJ3q%2B5Qx32nsdGXP4FryodVyJjlVx5iSBpYZYsfs%2FpxhH5%2FsvtoVBPIwsH4WFI6deA57lpDKC1eBQE2xPDpYC8WZ1WXOTTye3fpsWQSXm7Ar8%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8c9bc3ec6adf3702-YYZ
access-control-allow-methods
GET
access-control-allow-origin
*
date
Fri, 27 Sep 2024 13:15:56 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
hash
webgateway.koho.ca/1.0/users/users/anonymous-b/flags/ 		88 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webgateway.koho.ca/1.0/users/users/anonymous-b/flags/hash
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
014a7b4417ad3e24d4e19865a4b4feb5bf04a5b0faf4a63b527a737956198d0f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-koho-app-version
2.0.0
X-Organization
koho
x-koho-device-platform
web
x-device-id
84a2e47d-9955-4620-86ff-1509a8ab7c0e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-correlation-id
94780cd5-4b8b-4c6a-8329-5fe19d535e1f
cf-cache-status
DYNAMIC
content-encoding
br
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
8c9bc3ee0d5c38e2-YYZ
x-causation-id
94780cd5-4b8b-4c6a-8329-5fe19d535e1f
x-organization
koho
access-control-allow-origin
https://web.koho.ca
date
Fri, 27 Sep 2024 13:15:56 GMT
content-type
application/json; charset=UTF-8
vary
Origin
server
cloudflare
p
tr.snapchat.com/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
via
1.1 google, 1.1 google
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin
https://web.koho.ca
content-length
0
date
Fri, 27 Sep 2024 13:15:59 GMT
server
API Gateway
5eeb94841ab9a70a809cdc75
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/5eeb94841ab9a70a809cdc75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 27 Sep 2024 13:16:02 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
3
x-served-by
cache-yyz4579-YYZ
x-timer
S1727442963.929112,VS0,VE0
eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYTBlN2IxZDAtN2NkMi0xMWVmLTgzMWQtOTFjNDg3M2NiODA5In0
app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYTBlN2IxZDAtN2NkMi0xMWVmLTgzMWQtOTFjNDg3M2NiODA5In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 27 Sep 2024 13:16:02 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
8
x-served-by
cache-yyz4579-YYZ
x-timer
S1727442963.929106,VS0,VE0
saq_pxl
tags.srv.stackadapt.com/ 		94 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=xCz9Z3EeOCh0gHnlFpjwwA&is_js=true&landing_url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&t=KOHO&tip=iwX6_WiniGZ_3APcM9mzRvPg_Uf9A9nBGGBzYiVK_a0&host=https%3A%2F%2Fweb.koho.ca&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIKM6FfCdCG96t9AjW-vbP-Mj2KbCkAURqZw2zgS6JWBkENYBGAQgiuDatwYwAToEQN4Ii0IE2mOk4w.8F3LWZZnacZqq%252BQ3tzLfoEzX1YgGlfDF1XGUCMetlXQ&sa-user-id-v2=s%253AS-8tWsdHUO18K7P4KPEphpVYEOQ.63f7%252BOQbX%252FmiKuRQGnYn8fWI9RU2Aa0y8w97%252FMX%252BLz8&sa-user-id=s%253A0-4bef2d5a-c747-50ed-7c2b-b3f828f12986.RsBIbXf2l41YyH5Ay0CjDPsq1l%252FDcrjgLhCazRVtCqs
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.100.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-100-83.compute-1.amazonaws.com
Software
/
Resource Hash
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-allow-methods
GET
access-control-allow-origin
https://web.koho.ca
content-length
94
date
Fri, 27 Sep 2024 13:15:55 GMT
content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
*
XEZL9272
webgateway.koho.ca/1.0/referrals/code/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://webgateway.koho.ca/1.0/referrals/code/XEZL9272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-device-id,x-koho-app-version,x-koho-device-platform,x-organization
Access-Control-Request-Method
GET
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-device-id,x-koho-app-version,x-koho-device-platform,x-organization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,CONNECT
access-control-allow-origin
https://web.koho.ca
cf-cache-status
DYNAMIC
cf-ray
8c9bc3eb0bee39ff-YYZ
date
Fri, 27 Sep 2024 13:15:56 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
hash
webgateway.koho.ca/1.0/users/users/anonymous-b/flags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://webgateway.koho.ca/1.0/users/users/anonymous-b/flags/hash
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-device-id,x-koho-app-version,x-koho-device-platform,x-organization
Access-Control-Request-Method
GET
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-device-id,x-koho-app-version,x-koho-device-platform,x-organization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,CONNECT
access-control-allow-origin
https://web.koho.ca
cf-cache-status
DYNAMIC
cf-ray
8c9bc3eb0bef39ff-YYZ
date
Fri, 27 Sep 2024 13:15:56 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
p
tr6.snapchat.com/ 		0
202 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://web.koho.ca/

Response headers

via
1.1 google, 1.1 google
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 27 Sep 2024 13:15:57 GMT
x-envoy-upstream-service-time
0
server
API Gateway
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=599633800219052&ev=PageView&dl=https%3A%2F%2Fweb.koho.ca&rl=&if=false&ts=1727442955977&sw=1600&sh=1200&v=2.9.168&r=stable&ec=0&o=4124&fbp=fb.1.1727442955973.496620533325227674&pm=1&hrl=0f8020&ler=empty&cdl=API_unavailable&it=1727442954967&coo=false&cs_cc=1&ccs=2036907989775049%2C2042001562539962&cas=7748182168559485%2C2280451298676074%2C2493627267356471%2C1925947637510218%2C2143156675783035%2C1375186855900984&rqm=GET
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1316, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 27 Sep 2024 13:15:56 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=599633800219052&ev=PageView&dl=https%3A%2F%2Fweb.koho.ca&rl=&if=false&ts=1727442955977&sw=1600&sh=1200&v=2.9.168&r=stable&ec=0&o=4124&fbp=fb.1.1727442955973.496620533325227674&pm=1&hrl=0f8020&ler=empty&cdl=API_unavailable&it=1727442954967&coo=false&cs_cc=1&ccs=2036907989775049%2C2042001562539962&cas=7748182168559485%2C2280451298676074%2C2493627267356471%2C1925947637510218%2C2143156675783035%2C1375186855900984&rqm=FGET
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7419311002004916226"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc4a229c1287fe534","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:3200228373369739","24:1933916576659401","24:1843724245738692","7830:3200228373369739","7830:1933916576659401","7830:1843724245738692","10853:3200228373369739","10853:1933916576659401","10853:1843724245738692","41:3200228373369739","41:1933916576659401","41:1843724245738692","8046:3200228373369739","8046:1933916576659401","8046:1843724245738692"]},"debug_reporting":true,"debug_key":"1654527288128891073"}
date
Fri, 27 Sep 2024 13:15:56 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
R4mPXF+TOkQzlhlMR7GLcJFH80VF0jzsjpmPApXgUvm6yTVAmPXb3SXW7uuJGr3SJ7IUK3JJCriZ7w9Osl+BMg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7419311002004916226", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1316, tbw=3089, tp=-1, tpl=-1, uplat=30, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkMThhNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.45 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-45.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

x-cache
TCP_MEM_HIT from a23-58-89-83.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=9
x-tt-trace-id
00-2408300225272DCF0E49A25075B1263C-578A250FEB8B6FD1-00
content-length
39485
date
Fri, 27 Sep 2024 13:15:56 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202408300225272DCF0E49A25075B1263C
server
nginx
x-akamai-request-id
b988ce
x-tt-trace-host
01219296fdbd6215c6ae9d1a5d5202510208699a917ea6bcb6a4a8867b5d0e3a82d275eead75f3ccdd7d419bc9d104e23828796e3478be100caab845546542c62c26bc38f14dbbc3b17887aead0622e6b449c5088362f1c101f4660cd6821aad8b
pixel
analytics.tiktok.com/api/v2/ 		0
719 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkMThhNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.45 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-45.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://web.koho.ca/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Fri, 27 Sep 2024 13:15:56 GMT
server-timing
inner; dur=30, cdn-cache; desc=MISS, edge; dur=30, origin; dur=58
x-cache
TCP_MISS from a23-58-89-83.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
date
Fri, 27 Sep 2024 13:15:56 GMT
x-akamai-request-id
b988cf
access-control-allow-headers
Authorization,*
x-tt-trace-host
017323e79f3991bfcedb6591e129e382bdcf7403c48b53493af4b053afb4f74b7af2373ede8ea6c2b380d673865d9fa69183859ff30b8988e184eb348708e930baa6dc16301d5357f9799a8378c122da19c5259cd014027753029013a9369d89c3
x-origin-response-time
58,23.58.89.83
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-240927131556A3B4E56ECA63D3C656BC-3D46DD873DC55808-00
content-length
0
x-tt-logid
20240927131556A3B4E56ECA63D3C656BC
server
nginx
controller-with-preconnect-df77cc2878ddd55b5724d8c7f2f618f6.html
js.stripe.com/v3/ Frame F3BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-df77cc2878ddd55b5724d8c7f2f618f6.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://web.koho.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
9
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
403
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 27 Sep 2024 13:15:56 GMT
etag
"df77cc2878ddd55b5724d8c7f2f618f6"
last-modified
Fri, 27 Sep 2024 00:55:42 GMT
origin-agent-cluster
?1
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
3
x-content-type-options
nosniff
x-request-id
5a181895-4da9-4088-8747-4fb500056a8c
x-served-by
cache-yyz4539-YYZ
p
tr.snapchat.com/ 		0
48 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
via
1.1 google, 1.1 google
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin
https://web.koho.ca
content-length
0
date
Fri, 27 Sep 2024 13:15:59 GMT
server
API Gateway
/
solve-widget.forethought.ai/ Frame E25A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://solve-widget.forethought.ai/?v=2
Requested by
Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://web.koho.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-transform
cf-ray
8c9bc3ed0fbb39fb-YYZ
content-type
text/html; charset=utf-8
date
Fri, 27 Sep 2024 13:15:56 GMT
etag
"8a967caaf2975010ce59b5ef0c46be06"
link
<https://solve-api.forethought.ai/>; rel="preconnect", <https://static.cloudflareinsights.com>; rel="preconnect", <https://cloudflareinsights.com>; rel="preconnect"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C4RS3JOi5yPGD6TnC4TUeQEvmRXidj%2Bu7Ttw6YSLoyAZldegKQNbCUkQwAHLVFyNZRRQLJNZtzLFsmvTRh%2F3BDyh1PRkbOCACzLkjs4Cvrek1MgG24xQ3BsuPslEDczsMZMY82HnHWstYQyMD0E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-content-type-options
nosniff
act
analytics.tiktok.com/api/v2/pixel/ 		0
875 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkMThhNTg2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.45 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-45.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://web.koho.ca/

Response headers

x-cache-remote
TCP_MISS from a23-48-100-139.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Fri, 27 Sep 2024 13:15:56 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=74, origin; dur=32, inner; dur=24
x-cache
TCP_MISS from a23-58-89-83.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
date
Fri, 27 Sep 2024 13:15:56 GMT
x-akamai-request-id
5e8feff6.b989b7
access-control-allow-headers
Authorization,*
x-tt-trace-host
017323e79f3991bfcedb6591e129e382bd7c670d43f10160e5bb7bd3fc3e270d502346a7173e1b03aab27369d113ea8597e2d06b2d0806fabd7c2f047b8ea07ee9ca5763127c4db76d9100e32e7c0d76ef6077f867fb04a83a6c342343843bb4e7c7a34f458ab8cd3f76e257d932ef9777
x-origin-response-time
32,23.48.100.139
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2409271315561BC95743112DA1BA5A2F-3C8ACCE973EBEA58-00
content-length
0
x-parent-response-time
77,23.58.89.83
x-tt-logid
202409271315561BC95743112DA1BA5A2F
server
nginx
eyJrZXkiOiJhbm9ueW1vdXMtYiIsImFub255bW91cyI6dHJ1ZX0
app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/ 		173 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/eyJrZXkiOiJhbm9ueW1vdXMtYiIsImFub255bW91cyI6dHJ1ZX0?h=5e7a2804c17b3b552f3cc07ea2daf3ec7fb341ae133bccb4cfdd33f7839a9192
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
874d5b3423947103e7b7c3e7d7963d73e72842c338d761e83c110341ab52cdae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.1.4

Response headers

access-control-max-age
300
content-encoding
gzip
etag
"2324d_7KI3CaBfTAdQ8d2g4VykzQ==b"
age
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Fri, 27 Sep 2024 13:16:03 GMT
content-type
application/json
x-served-by
cache-yyz4579-YYZ
x-cache-hits
9
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding, Authorization
cache-control
max-age=0
x-timer
S1727442963.030232,VS0,VE0
ld-region
us-east-1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27145
eyJrZXkiOiJhbm9ueW1vdXMtYiIsImFub255bW91cyI6dHJ1ZX0
app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/eyJrZXkiOiJhbm9ueW1vdXMtYiIsImFub255bW91cyI6dHJ1ZX0?h=5e7a2804c17b3b552f3cc07ea2daf3ec7fb341ae133bccb4cfdd33f7839a9192
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 27 Sep 2024 13:16:03 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
9
x-served-by
cache-yyz4579-YYZ
x-timer
S1727442963.010582,VS0,VE0
index.2.11.34.js
web.koho.ca/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/index.2.11.34.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4bcee6745559d231f57b159e1ed4af39942af2cbe662bdbd70fd641a514502
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://web.koho.ca
Referer

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"19210db5ddffa18bc2a8c8c31a712835"
age
67516
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
D6HFbHCQHAES0Jpqq7a8StZvnlCACnMRpACPXkAwALIlTRawVnz_AQ==
date
Fri, 27 Sep 2024 13:16:03 GMT
content-type
text/javascript
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=31536000
referrer-policy
same-origin
via
1.1 9fa1ea4b10eec46f816675074f76e46c.cloudfront.net (CloudFront)
cf-ray
8c9bc4170eb0ab27-YYZ
x-xss-protection
1; mode=block
x-amz-cf-pop
YTO50-C3
server
cloudflare
is-plan-event-enabled.2.11.3.js
web.koho.ca/ 		196 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/is-plan-event-enabled.2.11.3.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ba5f3edb2c2e41a487f3791abd280e5f8bd70490535bf54d72dd503038223c7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://web.koho.ca
Referer

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"6b92d2824c457cbb780e697b7c210622"
age
67516
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
kwaqqfujHvuymoof2qU1IoddruXqq4NzYnh3kAQoiqd_KOwrLNbABg==
date
Fri, 27 Sep 2024 13:16:03 GMT
content-type
text/javascript
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=31536000
referrer-policy
same-origin
via
1.1 4d97f94583f1e10ee7186f0faa691d12.cloudfront.net (CloudFront)
cf-ray
8c9bc4170eb6ab27-YYZ
x-xss-protection
1; mode=block
x-amz-cf-pop
YTO50-C3
server
cloudflare
index.2.11.36.js
web.koho.ca/ 		1 KB
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/index.2.11.36.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2029e595475d929c69a21ec4b8ad3a8486c8d2ef1c444bb178a7e892eddd3b13
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://web.koho.ca
Referer

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"beff5a8dfd5c611ba31a4f70f2ec9f87"
age
67515
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
UExAsYCmk8UQinppOvw2AGyquPyXdBtMlCHphxCKTGLJaNXVI0paug==
date
Fri, 27 Sep 2024 13:16:03 GMT
content-type
text/javascript
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=31536000
referrer-policy
same-origin
via
1.1 9fa1ea4b10eec46f816675074f76e46c.cloudfront.net (CloudFront)
cf-ray
8c9bc4176f1fab27-YYZ
x-xss-protection
1; mode=block
x-amz-cf-pop
YTO50-C3
server
cloudflare
amplitude.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/amplitude.dynamic.js.gz
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc4ae72d43593c2fc59ead95f45eb0c3b02cd465fd427b3fff5224e476d26259

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"41d391d5b119fb8c4fe6edd0c6fc1d21"
x-amz-version-id
dyghyhLa280ZTa2mcjG7x59Tbfjo1iLY
age
954836
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
YbVo7Iwr4M_btnHB0JCqVZ9VNuUQIAW5x0_M7DoXHl6awCRCPn9RFg==
date
Mon, 16 Sep 2024 12:02:08 GMT
content-type
application/javascript
last-modified
Thu, 08 Aug 2024 06:57:14 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 6d409dafbe1b40e4e583b2c766e44510.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
3181
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
google-analytics.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"6a3ed21f9b6777c0c37e6e248ea22387"
x-amz-version-id
RuSoXd63GDprOkfUx43E0yJR.wEvWAQk
age
96698
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
lyVuOEvGTOKm3BOzBFrrw0-h4QN00qGNAB-7C4xkubBsrGHlmHS8UQ==
date
Thu, 26 Sep 2024 10:24:26 GMT
content-type
application/javascript
last-modified
Thu, 08 Aug 2024 06:57:15 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 6d409dafbe1b40e4e583b2c766e44510.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
4743
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
google-adwords-new.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/google-adwords-new.dynamic.js.gz
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f81fd8f16f2252dd378308c71da6fd438e247d2c6180e2bd08a9d561ef7b8a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"d151cb0874ed5e13006e5f38364ec01e"
x-amz-version-id
bp7FIk0PDVpWxkS.ft_VREe_7hxGWL_E
age
96698
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
VTUlE0IsznXIHu5U8Ml3JMr3afWiLnmifBgQsxfnfAWVq2lSgV8RaQ==
date
Thu, 26 Sep 2024 10:24:26 GMT
content-type
application/javascript
last-modified
Thu, 08 Aug 2024 06:57:15 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 6d409dafbe1b40e4e583b2c766e44510.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1655
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
google-tag-manager.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e2189d573b1df3fd3c684ba1f9ad2ad5cd2f8394f14dde87b5fde495bea200c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"a2b1aa1a0e402b1f891c929f94449d47"
x-amz-version-id
bdsEH.0LgrjWd4kHDEZQV0GazYAEKsCs
age
241224
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
AyrWeQelHhf23JR9PfaeGrUDZPXmnV6jndHmwoZ1c6_HIj0gMnJV7g==
date
Tue, 24 Sep 2024 18:15:40 GMT
content-type
application/javascript
last-modified
Thu, 08 Aug 2024 06:57:15 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 6d409dafbe1b40e4e583b2c766e44510.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1343
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
linkedin-insight-tag.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36f9bf7f4514edb409609f496bb668dcf33cbaa9f6a3219663f631014c726a97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"e3b346a4f0b35b7ff884730f4c61cd2e"
x-amz-version-id
T5IVjLRjwWYjl7caXpsSR1FZdPnMkHlJ
age
96698
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
leuNPT92yxwCnmZgZCRysj2PZThhgV6zDjL_wXzpm_8u_-SjNcNkwg==
date
Thu, 26 Sep 2024 10:24:26 GMT
content-type
application/javascript
last-modified
Thu, 08 Aug 2024 06:57:15 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 6d409dafbe1b40e4e583b2c766e44510.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1062
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
p
api.segment.io/v1/ 		21 B
171 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.246.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-246-37.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://web.koho.ca
content-length
21
date
Fri, 27 Sep 2024 13:16:03 GMT
content-type
application/json
vary
Origin
commons.a61d7bea37d2de5d4b69.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"c467a63b2e7c3a99be423ace649014d8"
x-amz-version-id
aAixXKmCEkR1rfYrRzV2.EPYhnGmH0W2
age
59366
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
k6-j9bWjRsHJJFeqA10RgPgZ79PdX0CgvV96nOFemBx2pIyhlWxBOA==
date
Thu, 26 Sep 2024 20:46:38 GMT
content-type
application/javascript
last-modified
Thu, 08 Aug 2024 06:57:13 GMT
cache-control
public,max-age=31536000,immutable
via
1.1 6d409dafbe1b40e4e583b2c766e44510.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
21911
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
amplitude-5.2.2-min.gz.js
cdn.amplitude.com/libs/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-40.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-encoding
gzip
etag
"b568e7b3c9d94da6a1d4845b18400f7a"
x-amz-version-id
aZB1RIRJqET7nosqRtOBVideRuh0jIV6
age
592103
x-cache
Hit from cloudfront
x-amz-cf-id
Fy-w8NWzY_joi9cNDPFk837_5_YrK-UKsevNg-DBg79Tu3xsX-aHJA==
date
Fri, 20 Sep 2024 16:47:42 GMT
content-type
application/javascript
last-modified
Mon, 21 Oct 2019 15:45:34 GMT
cache-control
max-age=31536000
via
1.1 56e001f87fa53501872a21f09bb07046.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
17889
x-amz-cf-pop
JFK50-P2
server
AmazonS3
insight.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.90.111 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-57-90-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

cache-control
max-age=9276
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Fri, 27 Sep 2024 13:16:05 GMT
last-modified
Thu, 22 Aug 2024 11:06:54 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		302 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGDFZD8&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d974bcfbf871f019ac997b275ca5e1462a494c469f7543b0f5c00545ad6ff377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 27 Sep 2024 13:16:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 13:16:03 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Sep 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104034
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-encoding
gzip
age
4200
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 14:06:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 12:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.googletagmanager.com/gtag/ 		280 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-902961551
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ab615885d7c89c3648e04e6a9e2e6623695ea903314a1463acefadc2daf7a0b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Sep 2024 13:16:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 13:16:03 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Sep 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97525
x-xss-protection
0
server
Google Tag Manager
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/?random=1727442963946&cv=11&fst=1727442963946&bg=ffffff&guid=ON&async=1&gtm=45be49p0v892118992za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&hn=www.googleadservices.com&frm=0&tiba=KOHO&npa=0&pscdl=noapi&auid=1117240975.1727442964&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e31e46ec3ad0509de26cc9967fa3e8854e69b7dd01e979e76c5c27ee0e8ce220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2300
date
Fri, 27 Sep 2024 13:16:04 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
js
www.googletagmanager.com/gtag/ 		329 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FKN7NNETLF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGDFZD8&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
04ae356915b9d0b859fd69291955bfeb9cd7e3dc32c22f3176b3d1fae61dc828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Sep 2024 13:16:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 13:16:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109960
x-xss-protection
0
server
Google Tag Manager
uwt.js
static.ads-twitter.com/ 		56 KB
72 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGDFZD8&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.44.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

cache-control
no-cache
content-encoding
gzip
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges
bytes
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15412
date
Fri, 27 Sep 2024 13:16:04 GMT
x-tw-cdn
FT
last-modified
Fri, 15 Mar 2024 03:07:08 GMT
x-served-by
cache-nyc-kteb1890085-NYC
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
x-amz-server-side-encryption
AES256
sa.jpeg
tags.srv.stackadapt.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.100.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-100-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-allow-origin
*
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
date
Fri, 27 Sep 2024 13:15:54 GMT
content-type
image/jpeg
adsct
t.co/1/i/ 		43 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1235d9ce-d050-4130-99ad-5684a4b62078&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1ed7376c-6397-497e-98a2-7cc858c92f97&tw_document_href=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&tw_iframe_status=0&txn_id=nvggn&type=javascript&version=2.3.30
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=0
x-transaction-id
7feb4e6d1fefb92e
cache-control
no-cache, no-store, max-age=0
x-connection-hash
3977bf5f1c8350024e95cf22ddf0819722c60c7adef2203cafb05eeb995de1c3
cf-cache-status
DYNAMIC
cf-ray
8c9bc41d2d7936ce-YYZ
x-response-time
69
content-length
43
date
Fri, 27 Sep 2024 13:16:04 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/1/i/ 		43 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1235d9ce-d050-4130-99ad-5684a4b62078&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1ed7376c-6397-497e-98a2-7cc858c92f97&tw_document_href=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&tw_iframe_status=0&txn_id=nvggn&type=javascript&version=2.3.30
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
8548d7eba77244a6
cache-control
no-cache, no-store, max-age=0
x-connection-hash
479d760dbb4c9b8862645aefb889b43b0256dc0c0456d9a92a557e870dfe53fd
x-response-time
77
content-length
43
date
Fri, 27 Sep 2024 13:16:03 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_b
truncated
/ Frame 616B 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 616B 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
saq_pxl
tags.srv.stackadapt.com/ 		116 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=xCz9Z3EeOCh0gHnlFpjwwA&is_js=true&landing_url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&t=KOHO&tip=iwX6_WiniGZ_3APcM9mzRvPg_Uf9A9nBGGBzYiVK_a0&host=https%3A%2F%2Fweb.koho.ca&sa_conv_data_pageView=www.koho.ca&sa_conv_data_css_value=%270-4bef2d5a-c747-50ed-7c2b-b3f828f12986%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd94bef2d5ac74750ed7c2bb3f828f12986955810e4&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIKM6FfCdCG96t9AjW-vbP-Mj2KbCkAURqZw2zgS6JWBkENYBGAQgiuDatwYwAToEQN4Ii0IE2mOk4w.8F3LWZZnacZqq%252BQ3tzLfoEzX1YgGlfDF1XGUCMetlXQ&sa-user-id-v2=s%253AS-8tWsdHUO18K7P4KPEphpVYEOQ.63f7%252BOQbX%252FmiKuRQGnYn8fWI9RU2Aa0y8w97%252FMX%252BLz8&sa-user-id=s%253A0-4bef2d5a-c747-50ed-7c2b-b3f828f12986.RsBIbXf2l41YyH5Ay0CjDPsq1l%252FDcrjgLhCazRVtCqs
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.100.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-100-83.compute-1.amazonaws.com
Software
/
Resource Hash
b7fe75f27ba733dda9fe47b339733ede5c3e7a4272941d327b341c6adf8071ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-allow-methods
GET
access-control-allow-origin
https://web.koho.ca
content-length
116
date
Fri, 27 Sep 2024 13:16:04 GMT
content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
*
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-encoding
br
age
2225
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 13:38:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 12:38:59 GMT
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
697
x-xss-protection
0
server
sffe
/
www.google.com/pagead/1p-user-list/902961551/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/902961551/?random=1727442963946&cv=11&fst=1727442000000&bg=ffffff&guid=ON&async=1&gtm=45be49p0v892118992za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&hn=www.googleadservices.com&frm=0&tiba=KOHO&npa=0&pscdl=noapi&auid=1117240975.1727442964&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnftZpJT2mx37_K0s4_wWMNP8hHpqfrAZ9EY2t8Yb4_4gwpDe4c&random=401122305&rmt_tld=0&ipr=y
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.164 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 27 Sep 2024 13:16:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/902961551/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/902961551/?random=1727442963946&cv=11&fst=1727442000000&bg=ffffff&guid=ON&async=1&gtm=45be49p0v892118992za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&hn=www.googleadservices.com&frm=0&tiba=KOHO&npa=0&pscdl=noapi&auid=1117240975.1727442964&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnftZpJT2mx37_K0s4_wWMNP8hHpqfrAZ9EY2t8Yb4_4gwpDe4c&random=401122305&rmt_tld=1&ipr=y
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 27 Sep 2024 13:16:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
www.google-analytics.com/j/ 		15 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1824041231&t=pageview&_s=1&dl=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&dp=%2Freferral%2FXEZL9272&ul=en-ca&de=UTF-8&dt=Referrals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAAAACgCIAB~&jid=1085610558&gjid=185502854&cid=1947008342.1727442964&tid=UA-41908934-3&_gid=280577346.1727442964&_slc=1&z=1450802031
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
7ac87dd9f74a67f144a3913ab313da479b90f31059c3d486b48e300ef72ea13f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://web.koho.ca/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 13:16:04 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://web.koho.ca
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-41908934-3&cid=1947008342.1727442964&jid=1085610558&gjid=185502854&_gid=280577346.1727442964&_u=aGBAgEAjAAAAAGgCIAD~&z=1363843637
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://web.koho.ca/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 13:16:04 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://web.koho.ca
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
www.google-analytics.com/ 		35 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1824041231&t=event&ni=1&_s=2&dl=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&dp=%2Freferral%2FXEZL9272&ul=en-ca&de=UTF-8&dt=Referrals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20Referrals%20Page&ev=0&_u=aGBAgEAjAAAAAGgCIAD~&jid=&gjid=&cid=1947008342.1727442964&tid=UA-41908934-3&_gid=280577346.1727442964&z=170577176
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

age
35491
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 03:24:33 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
p
tr.snapchat.com/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
via
1.1 google, 1.1 google
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin
https://web.koho.ca
content-length
0
date
Fri, 27 Sep 2024 13:16:04 GMT
server
API Gateway
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FKN7NNETLF&gtm=45je49p0v894288470z8812560807za200zb812560807&_p=1727442963620&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686684~101747727&cid=1947008342.1727442964&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1727442964&sct=1&seg=0&dl=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&dt=KOHO&en=page_view&_fv=1&_ss=1&tfd=10516
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://web.koho.ca
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 13:16:04 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FKN7NNETLF&cid=1947008342.1727442964&gtm=45je49p0v894288470z8812560807za200zb812560807&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101686684~101747727&tag_exp=101671035~101686684~101747727&z=1682167491
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 27 Sep 2024 13:16:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
js
www.googletagmanager.com/gtag/ 		333 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FKN7NNETLF&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ea4fcbe2a10f1f1073ba5f988d6d61b6d18bdd1e94e0b809e58af314eeb247e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Sep 2024 13:16:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 13:16:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
111849
x-xss-protection
0
server
Google Tag Manager
truncated
/ Frame 5F7C 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 5F7C 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
/
api.amplitude.com/ 		7 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.210.38.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-38-139.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://web.koho.ca/

Response headers

strict-transport-security
max-age=15768000
access-control-allow-origin
*
content-length
7
date
Fri, 27 Sep 2024 13:16:05 GMT
content-type
text/html;charset=utf-8
attribution_trigger
px.ads.linkedin.com/ 		2 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=2658514&time=1727442965076&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*
Referer
https://web.koho.ca/

Response headers

x-li-pop
afd-prod-lva1-x
content-encoding
gzip
x-fs-uuid
00062319a850cd395d7746685e945199
x-msedge-ref
Ref A: A3B4A46E52F64120867A3E1D7E61E507 Ref B: YTO01EDGE0817 Ref C: 2024-09-27T13:16:05Z
x-li-fabric
prod-lva1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYjGahQzTldd0ZoXpRRmQ==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 27 Sep 2024 13:16:05 GMT
content-type
application/json
access-control-allow-headers
*
li_sync
www.linkedin.com/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1727442965076&li_adsId=b65eeb4c-da11-4dca-93a6-9d2b501b372e&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1727442965076&li_adsId=b65eeb4c-da11-4dca-93a6-9d2b501b372e&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2658514%26time%3D1727442965076%26li_adsId%3Db65eeb4c-da11-4dca-93a6-9d2b501b372e%...
0
0
/
px.ads.linkedin.com/wa/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-msedge-ref
Ref A: 64BFC4D3EC6746B294D24A7399D82B3A Ref B: YTO01EDGE0809 Ref C: 2024-09-27T13:16:05Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid
AAYjGahU37TKK1/d8PnhoQ==
x-li-proto
http/2
access-control-allow-origin
https://web.koho.ca
x-cache
CONFIG_NOCACHE
date
Fri, 27 Sep 2024 13:16:05 GMT
vary
Origin
xiu5e01e
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/xiu5e01e
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/XEZL9272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.91.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-91-102.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95da81c27f643853e5d1ed94184077447389438b524bb7abf7461b3ab5fb51f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

content-encoding
gzip
x-amz-version-id
YRfasaCVHhKKtZFXPKs7OMIe_rSO5pPr
etag
"a57173345434439fa430253e2876cff6"
age
155
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
x-amz-cf-id
OJ7NMqY532H8Qp8e328QvxqLmBWKDpDXGLG2f7i7Ic4kMVut0aXjLA==
date
Fri, 27 Sep 2024 13:13:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
last-modified
Fri, 27 Sep 2024 12:43:29 GMT
cache-control
max-age=300, s-maxage=300, public
cross-origin-resource-policy
cross-origin
via
1.1 f786281b2ac676774f88041b4f1587a4.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2667
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
5eeb94841ab9a70a809cdc75
events.launchdarkly.com/events/diagnostic/ 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/5eeb94841ab9a70a809cdc75
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.233.199.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-199-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.1.4
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-expose-headers
Date
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
date
Fri, 27 Sep 2024 13:16:06 GMT
content-type
application/json
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 401A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://web.koho.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4512520
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 27 Sep 2024 13:16:05 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Mon, 05 Aug 2024 20:35:49 GMT
origin-agent-cluster
?1
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
492860
x-content-type-options
nosniff
x-request-id
466cef07-c2bc-4466-ad77-4bf53dc2f548
x-served-by
cache-yyz4562-YYZ
/
sdk.iad-03.braze.com/api/v3/data/ 		68 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-03.braze.com/api/v3/data/
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d862f17dbb6b2bde0743d150b9a679528d2cd6bb159fe434a817b9eac63126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://web.koho.ca/
X-Braze-TriggersRequest
true
X-Braze-Last-Req-Ms-Ago
7200000
X-Braze-DataRequest
true
X-Braze-Req-Attempt
1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
ba883daa-5bf0-4f38-927d-f18c08c40df6

Response headers

access-control-max-age
7200
x-request-id
87ebaf1c-ad32-4eea-9485-73cf35906184
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"79d862f17dbb6b2bde0743d150b9a679"
access-control-allow-methods
POST, GET
date
Fri, 27 Sep 2024 13:16:05 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.167249
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1727442966
cf-ray
8c9bc427fa08a22f-YYZ
x-ratelimit-remaining
475.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
5eeb94841ab9a70a809cdc75
events.launchdarkly.com/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/5eeb94841ab9a70a809cdc75
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.233.199.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-199-232.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Fri, 27 Sep 2024 13:16:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
/
sdk.iad-03.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-03.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8c9bc42799c8a22f-YYZ
content-encoding
gzip
date
Fri, 27 Sep 2024 13:16:05 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
frame-modern.5298f2a3.js
js.intercomcdn.com/ Frame 8C55 		465 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.5298f2a3.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/xiu5e01e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b042682176f6678e362c93d0c3c28c3e6e447b47792e46bbc318860e1d1a28a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"6f07b6384941c9568e6aba5013faebe5"
x-amz-version-id
0hb7sBrj0vpmU9_bayP6sDk89kyWBEEX
age
1954
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
SLubAGnZY_5i6umP0RTQz2n-wOBLwoMLMyBJbC1ttUaibVPqQJsYlA==
date
Fri, 27 Sep 2024 12:43:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 27 Sep 2024 12:40:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
143250
x-amz-cf-pop
JFK50-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor-modern.8b97a971.js
js.intercomcdn.com/ Frame 8C55 		455 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.8b97a971.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/xiu5e01e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6c64aca195132b32d28bc973e985612230c910a30d7acd2334760ef50816eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"2406ae0ce4db8aa51ed52dde4792a464"
x-amz-version-id
UnLMrLBQr9UeQ9UFvNM8_72ZPljs5GF0
age
1334
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
nN4fs4_CexHTP6xPb7cpnNa-vYyKIJf1Y5bcoTSm5UlQib3XjNyegA==
date
Fri, 27 Sep 2024 12:53:52 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 27 Sep 2024 12:40:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
147289
x-amz-cf-pop
JFK50-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
js_tracking
tags.srv.stackadapt.com/ 		0
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/js_tracking?url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FXEZL9272&uid=xCz9Z3EeOCh0gHnlFpjwwA&v=1&host=https%3A%2F%2Fweb.koho.ca&l_src=&l_src_d=&u_src=&u_src_d=&shop=false
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.100.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-100-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/

Response headers

access-control-allow-headers
*
access-control-allow-origin
https://web.koho.ca
date
Fri, 27 Sep 2024 13:16:05 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET
favicon.ico
web.koho.ca/ 		7 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d813c1653d626f15e16dfbebe89aae9e44ae4cbfa43d722ffeb9d5bff2f8806
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://web.koho.ca/referral/XEZL9272

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"2ef2ac767831c595162fc48a02f73888"
age
67519
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
liSzCq-RNwU4U0Az2gpG_8i3CSPpI1Hxtsz7p5D5AGoj207jbBngKQ==
date
Fri, 27 Sep 2024 13:16:06 GMT
content-type
image/x-icon
last-modified
Thu, 26 Sep 2024 18:30:33 GMT
x-frame-options
DENY
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=31536000
referrer-policy
same-origin
via
1.1 9fa1ea4b10eec46f816675074f76e46c.cloudfront.net (CloudFront)
cf-ray
8c9bc4298f61ab27-YYZ
x-xss-protection
1; mode=block
x-amz-cf-pop
YTO50-C3
server
cloudflare
sync
sdk.iad-03.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-03.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-requested-with
Access-Control-Request-Method
POST
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
8c9bc42a2c14a22f-YYZ
content-encoding
gzip
date
Fri, 27 Sep 2024 13:16:06 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sync
sdk.iad-03.braze.com/api/v3/content_cards/ 		85 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-03.braze.com/api/v3/content_cards/sync
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e0620b63e94cfcef37cf14e24bf1703d5a9d76770f9f4994f8a5f6a550c2611
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://web.koho.ca/
BRAZE-SYNC-RETRY-COUNT
0
X-Braze-DataRequest
true
X-Braze-Last-Req-Ms-Ago
7200000
X-Braze-ContentCardsRequest
true
X-Braze-Req-Attempt
1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
X-Braze-Api-Key
ba883daa-5bf0-4f38-927d-f18c08c40df6

Response headers

access-control-max-age
7200
x-request-id
07c98f9e-ccd0-4309-94cc-b0f1f4c88b42
access-control-expose-headers
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"0e0620b63e94cfcef37cf14e24bf1703"
access-control-allow-methods
POST, GET
date
Fri, 27 Sep 2024 13:16:06 GMT
content-type
application/json
vary
Origin,Accept-Encoding
x-runtime
0.051238
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1727442969
cf-ray
8c9bc42a8c8ca22f-YYZ
x-ratelimit-remaining
496.0
access-control-allow-origin
*
x-ratelimit-limit
500.0
server
cloudflare
ping
api-iam.intercom.io/messenger/web/ Frame 8C55 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5298f2a3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.228.87.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-87-93.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8cec42821b5e982205e102580b6cd22ebc6d48da01d38089086002f4212de165
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

x-request-id
000nphktpmdam1qdbjp0
access-control-expose-headers
x-request-id
content-encoding
gzip
etag
W/"8cec42821b5e982205e102580b6cd22e"
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
status
200 OK
date
Fri, 27 Sep 2024 13:16:06 GMT
content-type
application/json; charset=utf-8
vary
Accept,Accept-Encoding
x-runtime
0.290782
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31556952; includeSubDomains; preload
x-request-queueing
0
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://web.koho.ca
x-xss-protection
1; mode=block
x-intercom-version
1ff612f736688746f0c8bda8f1fda364d0ca29ab
x-ami-version
ami-01577242fe9691a04
server
nginx
5eeb94841ab9a70a809cdc75
events.launchdarkly.com/events/bulk/ 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/5eeb94841ab9a70a809cdc75
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/index.2.11.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.233.199.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-199-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9
X-LaunchDarkly-Event-Schema
4
Referer
https://web.koho.ca/
X-LaunchDarkly-Payload-ID
a7fce580-7cd2-11ef-831d-91c4873cb809
X-LaunchDarkly-User-Agent
JSClient/3.1.4
Content-Type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-expose-headers
Date
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
date
Fri, 27 Sep 2024 13:16:07 GMT
content-type
application/json
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
5eeb94841ab9a70a809cdc75
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/5eeb94841ab9a70a809cdc75
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.233.199.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-199-232.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Fri, 27 Sep 2024 13:16:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
truncated
URL
data:truncated
Domain
pixel-config.reddit.com
URL
https://pixel-config.reddit.com/pixels/t2_e4ba8g8u/config
Domain
www.linkedin.com
URL
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2658514%26time%3D1727442965076%26li_adsId%3Db65eeb4c-da11-4dca-93a6-9d2b501b372e%26url%3Dhttps%253A%252F%252Fweb.koho.ca%252Freferral%252FXEZL9272%26cookiesTest%3Dtrue%26liSync%3Dtrue

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 string| APP_ID function| Intercom string| AppsFlyerSdkObject function| AF object| AF_cleanupMethods object| Plaid object| webpackJsonpPlaid object| uetq string| TiktokAnalyticsObject object| ttq function| snaptr object| r object| threatmetrix function| saq function| _saq function| rdt function| spdt function| twq function| fbq function| _fbq function| redditNormalizeEmail object| _scPxHelper object| _scPxTeller object| regeneratorRuntime object| twttr number| 2f1acc6c3a606b082e5eef5e54414ffb object| __SEGMENT_INSPECTOR__ object| __SENTRY__ boolean| __vite_is_modern_browser object| AF_SDK string| res object| saCookies string| current_window_url_param object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| __sentry_instrumentation_handlers__ object| _jelly_sdks object| webpackChunkStripeJSouter function| noop function| Stripe object| _global object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE function| Forethought object| amplitudeDeps function| amplitudeLoader object| linkedin-insight-tagDeps function| linkedin-insight-tagLoader object| google-tag-managerDeps function| google-tag-managerLoader object| google-analyticsDeps function| google-analyticsLoader object| google-adwords-newDeps function| google-adwords-newLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| amplitudeIntegration object| amplitude function| linkedin-insight-tagIntegration string| _linkedin_data_partner_id function| google-tag-managerIntegration object| dataLayer function| google-analyticsIntegration string| GoogleAnalyticsObject function| ga function| google-adwords-newIntegration function| gtag object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| lintrk boolean| _already_called_lintrk object| ORIBILI function| __intercomAssignLocation function| __intercomReloadLocation

103 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: f8e90476c00d47d5b72bf03943a18b84
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4bef2d5a-c747-50ed-7c2b-b3f828f12986.RsBIbXf2l41YyH5Ay0CjDPsq1l%2FDcrjgLhCazRVtCqs
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4bef2d5a-c747-50ed-7c2b-b3f828f12986.RsBIbXf2l41YyH5Ay0CjDPsq1l%2FDcrjgLhCazRVtCqs
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AS-8tWsdHUO18K7P4KPEphpVYEOQ.63f7%2BOQbX%2FmiKuRQGnYn8fWI9RU2Aa0y8w97%2FMX%2BLz8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AS-8tWsdHUO18K7P4KPEphpVYEOQ.63f7%2BOQbX%2FmiKuRQGnYn8fWI9RU2Aa0y8w97%2FMX%2BLz8
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIKM6FfCdCG96t9AjW-vbP-Mj2KbCkAURqZw2zgS6JWBkENYBGAQgiuDatwYwAToEQN4Ii0IE2mOk4w.8F3LWZZnacZqq%2BQ3tzLfoEzX1YgGlfDF1XGUCMetlXQ
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIKM6FfCdCG96t9AjW-vbP-Mj2KbCkAURqZw2zgS6JWBkENYBGAQgiuDatwYwAToEQN4Ii0IE2mOk4w.8F3LWZZnacZqq%2BQ3tzLfoEzX1YgGlfDF1XGUCMetlXQ
.koho.ca/ Name: _rdt_uuid
Value: 1727442954835.9cc01a56-eb74-4db8-9b40-e5029da81514
.tiktok.com/ Name: _ttp
Value: 2mehTEWXqRA5W8PyvA5fOIjbx8l
web.koho.ca/ Name: __spdt
Value: a8c02b2d0d5648379abced4783d81d7f
web.koho.ca/ Name: sa-user-id
Value: s%253A0-4bef2d5a-c747-50ed-7c2b-b3f828f12986.RsBIbXf2l41YyH5Ay0CjDPsq1l%252FDcrjgLhCazRVtCqs
web.koho.ca/ Name: sa-user-id-v2
Value: s%253AS-8tWsdHUO18K7P4KPEphpVYEOQ.63f7%252BOQbX%252FmiKuRQGnYn8fWI9RU2Aa0y8w97%252FMX%252BLz8
web.koho.ca/ Name: sa-user-id-v3
Value: s%253AAQAKIKM6FfCdCG96t9AjW-vbP-Mj2KbCkAURqZw2zgS6JWBkENYBGAQgiuDatwYwAToEQN4Ii0IE2mOk4w.8F3LWZZnacZqq%252BQ3tzLfoEzX1YgGlfDF1XGUCMetlXQ
.koho.ca/ Name: _scid
Value: u42k57ai9ZTy8zbUSHpcDq-SYGH2f-J6
.koho.ca/ Name: _scid_r
Value: u42k57ai9ZTy8zbUSHpcDq-SYGH2f-J6
.amazon-adsystem.com/ Name: ad-id
Value: AwmI-lQ09kbFpZjeMJl8PSA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172744295523049865
.twitter.com/ Name: guest_id_ads
Value: v1%3A172744295523049865
.twitter.com/ Name: personalization_id
Value: "v1_BBBDV6iBOWxhTZdFhWn0tA=="
.twitter.com/ Name: guest_id
Value: v1%3A172744295523049865
.t.co/ Name: muc_ads
Value: b82c755a-8eb2-4d7a-bce0-5827e67cd4a7
.t.co/ Name: __cf_bm
Value: iEIXPPof2FHgWod4x2lf4joDUDvSCAHXsLj38YtZrZo-1727442955-1.0.1.1-Bok5XeD1dbhI64J1SGUp2yaxe_xAbdwufAIS..cZX6uOiNghPfNzUSsi_FOtT0P73DxwrFNdJZY7efAWDzLFMw
.casalemedia.com/ Name: CMID
Value: ZvawC9HM6JQAAHvkACcN-AAA
.casalemedia.com/ Name: CMPS
Value: 1016
.casalemedia.com/ Name: CMPRO
Value: 1016
.connatix.com/ Name: cnx_userId
Value: c8bb0bbcbacf4772b1764b5b17a117a3
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
ads.samba.tv/ Name: sambapxid
Value: 13ba218a4802c935f
.360yield.com/ Name: tuuid
Value: d018ada4-b13f-4d26-ae65-21bedab8da77
.360yield.com/ Name: tuuid_lu
Value: 1727442955
.smartadserver.com/ Name: pid
Value: 171443661891697510
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 144:Hjut6FI0RZ6YPFsIMVSL2g
.rubiconproject.com/ Name: audit_p
Value: 1|HzmL0aZrjqLb7Jkq7YLYF9uij7go8f48s6MWNJDGSJrH5NJDjBcymUCCJvD8duAR9AQESV3iWUBBK03vAHceEMPlmrk2+MbIp/rlumRoxMH5E+FC7n+BnUmuj2aesU5HNHje8mUVhURWtEDobQg2QjZHOUmArsgEJuonZguwn/cQEWgnboXQOA==
.rubiconproject.com/ Name: khaos
Value: M1KQXN47-10-3KBP
.rubiconproject.com/ Name: khaos_p
Value: M1KQXN47-10-3KBP
.rubiconproject.com/ Name: audit
Value: 1|HzmL0aZrjqLb7Jkq7YLYF9uij7go8f48s6MWNJDGSJrH5NJDjBcymUCCJvD8duAR9AQESV3iWUBBK03vAHceEMPlmrk2+MbIp/rlumRoxMH5E+FC7n+BnUmuj2aesU5HNHje8mUVhURWtEDobQg2QjZHOUmArsgEJuonZguwn/cQEWgnboXQOA==
.360yield.com/ Name: um
Value: !416,ythEZUVY4FlDP.h0WePeKeaBJX2gwKp6eqRAz7g3FRaDzfx7,1735218955
.360yield.com/ Name: umeh
Value: !416,0,1789650955,-1
.mookie1.com/ Name: id
Value: 10615899116103420270
.mookie1.com/ Name: mdata
Value: 1|10615899116103420270|1727442955592
.mookie1.com/ Name: ov
Value: 9553eabccf96a67d184018d8193de1e0
.pbs.yahoo.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbWF6b24iOnsidWlkIjoieTNIXzJpVFhUN1M4WENvVGJCbGNxQSIsImV4cGlyZXMiOiIyMDI0LTEwLTExVDEzOjE1OjU1LjYyODYxNTA2OVoifX19
.koho.ca/ Name: _ScCbts
Value: %5B%5D
.koho.ca/ Name: _fbp
Value: fb.1.1727442955973.496620533325227674
.adform.net/ Name: C
Value: 1
.koho.ca/ Name: _tt_enable_cookie
Value: 1
.koho.ca/ Name: _ttp
Value: yaL_KQjd81FlefgrIz7y68nVZxT
.ninthdecimal.com/ Name: ndat
Value: CppFCGb2sAwKwwAjsgviAg==
.adform.net/ Name: uid
Value: 2191948449531831968
.demdex.net/ Name: demdex
Value: 32313017666828541670868164334170314942
.yieldmo.com/ Name: yieldmo_id
Value: VRJ2_JJBD2JSDPiamDdl%7C1727395200000%7C0
.ads.yieldmo.com/ Name: ptramazon
Value: yiwgmy7gSUC58xK9Kn2P9w
.dpm.demdex.net/ Name: dpm
Value: 32313017666828541670868164334170314942
.csync.loopme.me/ Name: viewer_token
Value: 94646198-84cc-4d72-b2c4-ed345c2d49ae
.bluekai.com/ Name: bku
Value: b/X9990y2ZjlB3L4
.bluekai.com/ Name: bkpa
Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.bidswitch.net/ Name: tuuid
Value: 105a1af5-ddee-4b00-bbc0-fc2ccb4d43e1
.bidswitch.net/ Name: c
Value: 1727442956
.bidswitch.net/ Name: tuuid_lu
Value: 1727442956
.yahoo.com/ Name: A3
Value: d=AQABBAyw9mYCEPbmTq16BlSVnluTNFstfA0FEgEBAQEB-GYAZyXaxyMA_eMAAA&S=AQAAAoPtDJN0bZF65cRkuxtwmJw
.analytics.yahoo.com/ Name: IDSYNC
Value: 19b9~2kxp
.pubmatic.com/ Name: KRTBCOOKIE_290
Value: 23219-BnI0phMDT2uU-rzERAvzCw&KRTB&23261-BnI0phMDT2uU-rzERAvzCw&KRTB&23561-BnI0phMDT2uU-rzERAvzCw&KRTB&23612-BnI0phMDT2uU-rzERAvzCw
.pubmatic.com/ Name: PugT
Value: 1727442955
.exelator.com/ Name: EE
Value: "5ba03e9cc5b89ae479d8cd568e5cac15"
.zeotap.com/ Name: zc
Value: ee6ab9d8-d241-4abe-5301-3b8ddf87151b
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE0KdHAONUyOdk0ycIyMdXE3DLFIjnF1Mwi1TQ5MdnQdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIckl%252BUWb6ImfHxUUpaQyLSopPBZ%252BUvAAA2Coq5A%253D%253D"
.doubleclick.net/ Name: IDE
Value: AHWqTUmLVnosXSceZ_IOly046FddBHaf2j-ITrOcKAmy6xAp_483mCTtYtwYjgmqJJ0
.agkn.com/ Name: ab
Value: 0001%3A%2BDI%2BAtpoGGfjk52Tgx7fnrQ7mqWAUW1h
.3lift.com/ Name: tluidp
Value: 129251045073832309189
.3lift.com/ Name: tluid
Value: 129251045073832309189
.semasio.net/ Name: SEUNCY
Value: BA6F0A76904296D1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 11B28A24-40AE-4462-B683-0BAFD40A0E20
.ispot.tv/ Name: pt
Value: v2:d064956b012df3d48569c7a2bbd4d100fba883db8c89a1115e867ef7a7631c0d|bd901cb79699ca28b1c4da91078408ad005c55a691c6d095742e5d1d8bdad86c
.kargo.com/ Name: ktcid
Value: 95c98d43-3280-0f70-5d09-8f0bd5607414
.scorecardresearch.com/ Name: UID
Value: 1EDd5573772ac178edc2d781727442960
.scorecardresearch.com/ Name: XID
Value: 1EDd5573772ac178edc2d781727442960
.koho.ca/ Name: ajs_anonymous_id
Value: 3c9c87d0-99ce-4ee8-bd71-1d619fd7ddce
.tapad.com/ Name: TapAd_TS
Value: 1727442963221
.tapad.com/ Name: TapAd_DID
Value: 82e703e0-75a5-491d-b9c9-2e6bfb987b23
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GwRHAIAgEwIqYAT0OTTeIsQqLzzf72h1+1gmIU5eg5paRVRL08VpmsvMa9LFoAbTJfn/VD8BFbAtAAAAA
.koho.ca/ Name: _sctr
Value: 1%7C1727420400000
.koho.ca/ Name: _gcl_au
Value: 1.1.1117240975.1727442964
.koho.ca/ Name: _gid
Value: GA1.2.280577346.1727442964
.koho.ca/ Name: _gat
Value: 1
.koho.ca/ Name: _ga_FKN7NNETLF
Value: GS1.1.1727442964.1.0.1727442964.60.0.0
.koho.ca/ Name: _ga
Value: GA1.1.1947008342.1727442964
.koho.ca/ Name: amplitude_idundefinedkoho.ca
Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ==
.koho.ca/ Name: amplitude_id_10563d121b16631a278c49bd4b44caaekoho.ca
Value: eyJkZXZpY2VJZCI6IjMzMmMwYWQzLWY3ZmItNDUxMy04MDNjLTQ1ZWE3NGZhZmRlNlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTcyNzQ0Mjk2NTA1OCwibGFzdEV2ZW50VGltZSI6MTcyNzQ0Mjk2NTA2MSwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjF9
.linkedin.com/ Name: li_sugr
Value: 716b02f7-dd0c-4e3d-b264-7b6d52cf6890
.linkedin.com/ Name: bcookie
Value: "v=2&d2b9c25f-11b8-4001-8f85-4d6e5a4c0b27"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3359:u=1:x=1:i=1727442965:t=1727529365:v=2:sig=AQF8t1tV2G-M-eYvGor0Ikwox7VwSd3Z"
.linkedin.com/ Name: UserMatchHistory
Value: AQKbeNhLgmxmSwAAAZIzn9O4qFgKJioitziffNSSzDxK_kBxgDtOT3RW_TZuTcIILNCdkYlzTjUldA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKpTKJMHdmiKQAAAZIzn9O4I2_w1f1z58ZINt1pJp2XY5jYhkTibgfjCfq_Alt26L_hmGHsofFN9Jd4yLdiNQ
.koho.ca/ Name: ab.storage.deviceId.ba883daa-5bf0-4f38-927d-f18c08c40df6
Value: g%3A3f560840-b2be-4ead-f6f7-d8f69b8661bf%7Ce%3Aundefined%7Cc%3A1727442965521%7Cl%3A1727442965521
m.stripe.com/ Name: m
Value: c88f6fe8-e9b2-472a-9b10-73e410b989f18300a6
.web.koho.ca/ Name: __stripe_mid
Value: 6b543879-721d-4491-b086-ce4223e418a1227da0
.web.koho.ca/ Name: __stripe_sid
Value: 422e0183-916f-46ad-95db-af9d1c1b9ec3d0da03
.koho.ca/ Name: intercom-id-xiu5e01e
Value: 5e71c7bd-db7f-4a70-9974-e1f08d96ff00
.koho.ca/ Name: intercom-session-xiu5e01e
Value:
.koho.ca/ Name: intercom-device-id-xiu5e01e
Value: 4936bff4-a45a-4401-98cb-a083f504b203

10 Console Messages

Source Level URL
Text
security error URL: https://web.koho.ca/referral/XEZL9272(Line 385)
Message:
Refused to set the document's base URI to 'https://web.koho.ca/' because it violates the following Content Security Policy directive: "base-uri 'none'".
security error URL: https://web.koho.ca/referral/XEZL9272
Message:
Refused to load the font 'data:application/font-woff;charset=utf-8;base64, d09GRgABAAAAAAZgABAAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAAGRAAAABoAAAAci6qHkUdERUYAAAWgAAAAIwAAACQAYABXR1BPUwAABhQAAAAuAAAANuAY7+xHU1VCAAAFxAAAAFAAAABm2fPczU9TLzIAAAHcAAAASgAAAGBP9V5RY21hcAAAAkQAAACIAAABYt6F0cBjdnQgAAACzAAAAAQAAAAEABEBRGdhc3AAAAWYAAAACAAAAAj//wADZ2x5ZgAAAywAAADMAAAD2MHtryVoZWFkAAABbAAAADAAAAA2E2+eoWhoZWEAAAGcAAAAHwAAACQC9gDzaG10eAAAAigAAAAZAAAArgJkABFsb2NhAAAC0AAAAFoAAABaFQAUGG1heHAAAAG8AAAAHwAAACAAcABAbmFtZQAAA/gAAAE5AAACXvFdBwlwb3...OnYercZg2YVmLN/d/gczfEimrE/fs/bOuq29Zmn8tloORaXgZgGa78yO9/cnXm2BpaGvq25Dv9S4E9+5SIc9PqupJKhYFSSl47+Qcr1mYNAAAAeNptw0cKwkAAAMDZJA8Q7OUJvkLsPfZ6zFVERPy8qHh2YER+3i/BP83vIBLLySsoKimrqKqpa2hp6+jq6RsYGhmbmJqZSy0sraxtbO3sHRydnEMU4uR6yx7JJXveP7WrDycAAAAAAAH//wACeNpjYGRgYOABYhkgZgJCZgZNBkYGLQZtIJsFLMYAAAw3ALgAeNolizEKgDAQBCchRbC2sFER0YD6qVQiBCv/H9ezGI6Z5XBAw8CBK/m5iQQVauVbXLnOrMZv2oLdKFa8Pjuru2hJzGabmOSLzNMzvutpB3N42mNgZGBg4GKQYzBhYMxJLMlj4GBgAYow/P/PAJJhLM6sSoWKfWCAAwDAjgbRAAB42mNgYGBkAIIbCZo5IPrmUn0hGA0AO8EFTQAA' because it violates the following Content Security Policy directive: "font-src 'self' https://braze-images.com https://cdn.appsflyer.com https://cdn.braze.com https://fonts.gstatic.com https://fonts.intercomcdn.com https://js.intercomcdn.com https://maxcdn.bootstrapcdn.com https://res.cloudinary.com/argyle-media https://script.hotjar.com https://sdk.onfido.com https://use.fontawesome.com".
security error URL: https://www.redditstatic.com/ads/pixel.js
Message:
Refused to connect to 'https://pixel-config.reddit.com/pixels/t2_e4ba8g8u/config' because it violates the following Content Security Policy directive: "connect-src 'self' data: blob: *.onfido.com https://*.convertexperiments.com https://*.cv.gpsrv.com https://*.equalweb.com/ https://*.hotjar.com:* https://*.hotjar.com:* https://*.ingest.sentry.io https://*.koho.ca https://*.launchdarkly.com https://*.onfido.com https://*.pd.gpsrv.com https://*.ua.gpsrv.com https://af-event-logger.appsflyer.com https://analytics.google.com/ https://analytics.tiktok.com https://api-iam.intercom.io https://api-ping.intercom.io https://api-sandbox.argyle.com https://api.amplitude.com/ https://api.argyle.com https://api.ca.onfido.com https://api.eu.onfido.com https://api.forethought.ai/ https://api.intercom.io https://api.kohoanalytics.ca https://api.onfido.com https://api.sandbox-koho.ca https://api.segment.io https://api.staging.pungle.co https://api.stripe.com https://api.us.onfido.com http://onfido.com https://assets.koho.ca https://atr.veritonicmetrics.com/ https://banner.appsflyer.com https://cdn.kohoanalytics.ca https://cdn.linkedin.oribi.io https://cdn.segment.com https://conversions-config.reddit.com/ https://creatives-cdn.appsflyer.com https://get.geojs.io/v1/ip/country https://google.com/ccm/ https://h.online-metrix.net/ https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://px.ads.linkedin.com https://sdk.iad-01.braze.com https://sdk.iad-03.braze.com https://sentry.io https://stats.g.doubleclick.net/j/collect https://surveystats.hotjar.io https://tags.srv.stackadapt.com/ https://tr-shadow.snapchat.com/ https://tr.snapchat.com/ https://tr6.snapchat.com/ https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://vc.hotjar.io:* https://vendorapi.koho.ca/ https://vendorapi.sandbox-koho.ca/ https://webgateway.sandbox-koho.ca/ https://www.google-analytics.com https://www.redditstatic.com/ https://pixel.byspotify.com/ https://evnt.byspotify.com/ https://www.woopra.com ws://localhost:*/sockjs-node wss://*.hotjar.com wss://*.onfido.com wss://localhost:*/sockjs-node wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io".
security error URL: https://pixel.byspotify.com/ping.min.js
Message:
Refused to connect to 'https://pixels.spotify.com/v1/ingest' because it violates the following Content Security Policy directive: "connect-src 'self' data: blob: *.onfido.com https://*.convertexperiments.com https://*.cv.gpsrv.com https://*.equalweb.com/ https://*.hotjar.com:* https://*.hotjar.com:* https://*.ingest.sentry.io https://*.koho.ca https://*.launchdarkly.com https://*.onfido.com https://*.pd.gpsrv.com https://*.ua.gpsrv.com https://af-event-logger.appsflyer.com https://analytics.google.com/ https://analytics.tiktok.com https://api-iam.intercom.io https://api-ping.intercom.io https://api-sandbox.argyle.com https://api.amplitude.com/ https://api.argyle.com https://api.ca.onfido.com https://api.eu.onfido.com https://api.forethought.ai/ https://api.intercom.io https://api.kohoanalytics.ca https://api.onfido.com https://api.sandbox-koho.ca https://api.segment.io https://api.staging.pungle.co https://api.stripe.com https://api.us.onfido.com http://onfido.com https://assets.koho.ca https://atr.veritonicmetrics.com/ https://banner.appsflyer.com https://cdn.kohoanalytics.ca https://cdn.linkedin.oribi.io https://cdn.segment.com https://conversions-config.reddit.com/ https://creatives-cdn.appsflyer.com https://get.geojs.io/v1/ip/country https://google.com/ccm/ https://h.online-metrix.net/ https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://px.ads.linkedin.com https://sdk.iad-01.braze.com https://sdk.iad-03.braze.com https://sentry.io https://stats.g.doubleclick.net/j/collect https://surveystats.hotjar.io https://tags.srv.stackadapt.com/ https://tr-shadow.snapchat.com/ https://tr.snapchat.com/ https://tr6.snapchat.com/ https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://vc.hotjar.io:* https://vendorapi.koho.ca/ https://vendorapi.sandbox-koho.ca/ https://webgateway.sandbox-koho.ca/ https://www.google-analytics.com https://www.redditstatic.com/ https://pixel.byspotify.com/ https://evnt.byspotify.com/ https://www.woopra.com ws://localhost:*/sockjs-node wss://*.hotjar.com wss://*.onfido.com wss://localhost:*/sockjs-node wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io".
javascript error URL: https://pixel.byspotify.com/ping.min.js
Message:
Refused to connect to 'https://pixels.spotify.com/v1/ingest' because it violates the document's Content Security Policy.
network error URL: https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYTBlN2IxZDAtN2NkMi0xMWVmLTgzMWQtOTFjNDg3M2NiODA5In0
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://www.googletagmanager.com/
Message:
Refused to frame 'https://td.doubleclick.net/' because it violates the following Content Security Policy directive: "frame-src 'self' data: blob: http://s.amazon-adsystem.com/ https://accounts.accessibe.com/ https://bid.g.doubleclick.net https://cdn.plaid.com https://h.online-metrix.net/ https://hooks.stripe.com https://intercom-sheets.com https://js.stripe.com https://koho-api.private.fin.ag/ https://koho-iframe.private.fin.ag/v2/ https://kohodev-iframe.private.fin.ag/v2/ https://optimize.google.com https://s.amazon-adsystem.com/ https://solve-widget.forethought.ai https://tr.snapchat.com/ https://vars.hotjar.com https://web.koho.ca https://web.sandbox-koho.ca https://www.facebook.com/ https://www.google.com https://sdk.onfido.com https://*.sardine.ai/".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-FKN7NNETLF&l=dataLayer&cx=c(Line 250)
Message:
Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FKN7NNETLF&cid=1947008342.1727442964&gtm=45je49p0v894288470z8812560807za200zb812560807&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101686684~101747727' because it violates the following Content Security Policy directive: "connect-src 'self' data: blob: *.onfido.com https://*.convertexperiments.com https://*.cv.gpsrv.com https://*.equalweb.com/ https://*.hotjar.com:* https://*.hotjar.com:* https://*.ingest.sentry.io https://*.koho.ca https://*.launchdarkly.com https://*.onfido.com https://*.pd.gpsrv.com https://*.ua.gpsrv.com https://af-event-logger.appsflyer.com https://analytics.google.com/ https://analytics.tiktok.com https://api-iam.intercom.io https://api-ping.intercom.io https://api-sandbox.argyle.com https://api.amplitude.com/ https://api.argyle.com https://api.ca.onfido.com https://api.eu.onfido.com https://api.forethought.ai/ https://api.intercom.io https://api.kohoanalytics.ca https://api.onfido.com https://api.sandbox-koho.ca https://api.segment.io https://api.staging.pungle.co https://api.stripe.com https://api.us.onfido.com http://onfido.com https://assets.koho.ca https://atr.veritonicmetrics.com/ https://banner.appsflyer.com https://cdn.kohoanalytics.ca https://cdn.linkedin.oribi.io https://cdn.segment.com https://conversions-config.reddit.com/ https://creatives-cdn.appsflyer.com https://get.geojs.io/v1/ip/country https://google.com/ccm/ https://h.online-metrix.net/ https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://px.ads.linkedin.com https://sdk.iad-01.braze.com https://sdk.iad-03.braze.com https://sentry.io https://stats.g.doubleclick.net/j/collect https://surveystats.hotjar.io https://tags.srv.stackadapt.com/ https://tr-shadow.snapchat.com/ https://tr.snapchat.com/ https://tr6.snapchat.com/ https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://vc.hotjar.io:* https://vendorapi.koho.ca/ https://vendorapi.sandbox-koho.ca/ https://webgateway.sandbox-koho.ca/ https://www.google-analytics.com https://www.redditstatic.com/ https://pixel.byspotify.com/ https://evnt.byspotify.com/ https://www.woopra.com ws://localhost:*/sockjs-node wss://*.hotjar.com wss://*.onfido.com wss://localhost:*/sockjs-node wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io".
security error URL: https://www.googletagmanager.com/
Message:
Refused to frame 'https://td.doubleclick.net/' because it violates the following Content Security Policy directive: "frame-src 'self' data: blob: http://s.amazon-adsystem.com/ https://accounts.accessibe.com/ https://bid.g.doubleclick.net https://cdn.plaid.com https://h.online-metrix.net/ https://hooks.stripe.com https://intercom-sheets.com https://js.stripe.com https://koho-api.private.fin.ag/ https://koho-iframe.private.fin.ag/v2/ https://kohodev-iframe.private.fin.ag/v2/ https://optimize.google.com https://s.amazon-adsystem.com/ https://solve-widget.forethought.ai https://tr.snapchat.com/ https://vars.hotjar.com https://web.koho.ca https://web.sandbox-koho.ca https://www.facebook.com/ https://www.google.com https://sdk.onfido.com https://*.sardine.ai/".
security error URL: https://web.koho.ca/referral/XEZL9272
Message:
Refused to load the image 'https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2658514%26time%3D1727442965076%26li_adsId%3Db65eeb4c-da11-4dca-93a6-9d2b501b372e%26url%3Dhttps%253A%252F%252Fweb.koho.ca%252Freferral%252FXEZL9272%26cookiesTest%3Dtrue%26liSync%3Dtrue' because it violates the following Content Security Policy directive: "img-src 'self' blob: data: https://*.amazonaws.com https://*.cv.gpsrv.com https://*.d.aa.online-metrix.net/ https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://*.koho.ca https://*.pd.gpsrv.com https://*.ua.gpsrv.com https://access.equalweb.com/ https://alb.reddit.com/ https://analytics.twitter.com/ https://appboy-images.com https://assets.koho.ca https://assets.onfido.com/ https://braze-images.com https://cdn.braze.eu https://consent.linksynergy.com https://downloads.intercomcdn.com https://gifs.intercomcdn.com https://googleads.g.doubleclick.net https://h.online-metrix.net/ https://js.intercomcdn.com https://lipis.github.io https://messenger-apps.intercom.io https://optimize.google.com https://p.adsymptotic.com https://px.ads.linkedin.com https://res.cloudinary.com/argyle-media/image/upload/ https://s.amazon-adsystem.com/iui3 https://script.hotjar.com https://sdk.onfido.com https://static.intercomassets.com https://t.co/ https://t.co/i/adsct https://track.linksynergy.com https://uploads.intercomusercontent.com https://ut.ra.linksynergy.com https://video-messages.intercomcdn.com https://www.facebook.com/ https://www.google-analytics.com https://www.google.ca https://www.google.com https://www.googletagmanager.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
api-iam.intercom.io
api.amplitude.com
api.segment.io
app.launchdarkly.com
cdn.amplitude.com
cdn.plaid.com
cdn.segment.com
connect.facebook.net
events.launchdarkly.com
googleads.g.doubleclick.net
inrd.ca
js.intercomcdn.com
js.stripe.com
o36260.ingest.sentry.io
pixel-config.reddit.com
pixel.byspotify.com
px.ads.linkedin.com
s.amazon-adsystem.com
sc-static.net
sdk.iad-03.braze.com
snap.licdn.com
solve-widget.forethought.ai
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.srv.stackadapt.com
tr.snapchat.com
tr6.snapchat.com
truncated
web.koho.ca
webgateway.koho.ca
websdk.appsflyer.com
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
pixel-config.reddit.com
truncated
www.linkedin.com
104.18.36.46
104.18.6.38
104.244.42.131
108.138.128.124
108.139.29.40
108.139.47.42
108.139.47.46
13.107.42.14
13.249.86.140
13.249.91.102
142.250.65.206
142.250.72.104
142.250.72.98
142.251.111.154
142.251.40.164
142.251.41.3
151.101.192.176
151.101.193.140
151.101.194.217
151.101.44.157
151.101.64.176
151.101.65.140
157.240.241.35
162.159.140.229
162.210.96.121
172.66.44.175
172.66.47.81
216.239.32.181
23.206.172.45
23.57.90.111
3.163.245.4
3.228.87.93
3.233.199.232
31.13.71.7
34.117.162.98
34.120.195.249
34.210.38.139
34.236.100.83
35.155.246.37
35.190.43.134
98.82.157.231
00fd4daaee6b801db3232129ecad281d07314f199a0fad28e3e79497ef5c6380
014a7b4417ad3e24d4e19865a4b4feb5bf04a5b0faf4a63b527a737956198d0f
016f61f01838ce5e1d9564ffe5a84616a3c4f66048f99f1e89f410a9dc2cad9e
04ae356915b9d0b859fd69291955bfeb9cd7e3dc32c22f3176b3d1fae61dc828
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0e0620b63e94cfcef37cf14e24bf1703d5a9d76770f9f4994f8a5f6a550c2611
0f19e96f1d5a642a7504d19fda7a11b5e7d1cf4458f68d9ededdcde106dea4a5
10c7a07a10b7be94124b2d321286ae12289cd0984db4bfe8be40618194104cab
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1593b1f5bf86a2bec3f93142409030a64591d1b6415faaedd0c251dd924d0288
1a6d7e3db9f7ea0e1f5a2ac594e4b4c23d6169986daa121b3f10263f39053fd8
1b042682176f6678e362c93d0c3c28c3e6e447b47792e46bbc318860e1d1a28a
2029e595475d929c69a21ec4b8ad3a8486c8d2ef1c444bb178a7e892eddd3b13
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
256a94cf916aa2f37ab71305486a1c724bf44097a39f2d814fdf1fb80c80bc75
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
36f9bf7f4514edb409609f496bb668dcf33cbaa9f6a3219663f631014c726a97
3fc2d2325282f8ceb8c6100733e41a97216e1ab93f351a3e1eace25c4099231f
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5d9eae9c05959fd61894aeb2d4c83ac44f7a7e080fd654d3c16527428028ba69
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba5f3edb2c2e41a487f3791abd280e5f8bd70490535bf54d72dd503038223c7
6dcdb5d625307386c2d3b21f8b51c43bfd4683fe073b66e884372cd35710c7a1
78a1d6aef842a4167a919fa6280d76b849b09dcc329bc0f9701f219546afc818
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
79d862f17dbb6b2bde0743d150b9a679528d2cd6bb159fe434a817b9eac63126
7ac87dd9f74a67f144a3913ab313da479b90f31059c3d486b48e300ef72ea13f
7c4bcee6745559d231f57b159e1ed4af39942af2cbe662bdbd70fd641a514502
8239ec3813476a434d3031db13d826e1d645b9402954a82053f509dc0bb2655a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b
86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff
874d5b3423947103e7b7c3e7d7963d73e72842c338d761e83c110341ab52cdae
8cec42821b5e982205e102580b6cd22ebc6d48da01d38089086002f4212de165
8d813c1653d626f15e16dfbebe89aae9e44ae4cbfa43d722ffeb9d5bff2f8806
8fad3705a1a472691773031852ccee4616ba18f8fa7107b389d6c0b0a3e49293
9282844f53c3f4a67434fe4c5dc6588a3494640c0ceecd236e5a599e8adf348f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
937d0fc0c4c2a1b468fcee6070b979dc2cdd953342c60a6eedaa251b03e623c6
95da81c27f643853e5d1ed94184077447389438b524bb7abf7461b3ab5fb51f4
979d977217c7032b1cd864c0b65ce5d4ff834aa9ca116198873299b5a60cfc9a
9e2189d573b1df3fd3c684ba1f9ad2ad5cd2f8394f14dde87b5fde495bea200c
9edb0a531341c78bea7eb4cb08dba5ce699755fe765d725b5418643e1fafc822
9f81fd8f16f2252dd378308c71da6fd438e247d2c6180e2bd08a9d561ef7b8a3
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab615885d7c89c3648e04e6a9e2e6623695ea903314a1463acefadc2daf7a0b5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b7fe75f27ba733dda9fe47b339733ede5c3e7a4272941d327b341c6adf8071ee
bc4ae72d43593c2fc59ead95f45eb0c3b02cd465fd427b3fff5224e476d26259
bf4b1dd1103e7ade27a95fd976a984715c5e003947cc1e30a8e8971c2d154dbd
c0fa26d13d2d772c0ba569ab58307bb5e704277ab5ea652a5a2eda76df29c225
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
ce6d7f008824d9f6af00150bf70a49369a24381165b5808efa74e68518e6d58d
d974bcfbf871f019ac997b275ca5e1462a494c469f7543b0f5c00545ad6ff377
ddf7c2922e8fe04447a49e376348f014a1a7b6269b08cc7976f1547814be9af7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e31e46ec3ad0509de26cc9967fa3e8854e69b7dd01e979e76c5c27ee0e8ce220
e38c65c61faacd1e56cf66e16d328e1cf2716c0a916bef0487a2ecac6c8102b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e68c3974a1631ba945970b3d8cb43af79fb61f8a56b107aab1d12245eb480907
e79246268023b3e5648e3d2095e65fbfbc769c325b010ab5643c0627925d140c
ea4fcbe2a10f1f1073ba5f988d6d61b6d18bdd1e94e0b809e58af314eeb247e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00b02b25d3be98c97bac513dfa32828c1816692ab10a25a4ba31b3cc166251e
f6c64aca195132b32d28bc973e985612230c910a30d7acd2334760ef50816eec