urlscan.io logo urlscan.io
SecurityTrails logo

web.koho.ca Open in urlscan Pro
104.18.6.38  Public Scan

Go To Rescan Add Verdict Report
URL: https://web.koho.ca/referral/SM89J9XZ
Submission: On October 04 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 3 countries across 64 domains to perform 147 HTTP transactions. The main IP is 104.18.6.38, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is web.koho.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 29th 2022. Valid for: a year.
This is the only time web.koho.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 104.18.6.38 13335 (CLOUDFLAR...)
12 13.225.223.151 16509 (AMAZON-02)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
2 108.138.128.117 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
4 172.232.7.98 20940 (AKAMAI-ASN1)
2 108.138.113.246 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 138.128.247.123 36007 (KAMATERA)
2 39 52.46.128.147 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 151.101.65.140 54113 (FASTLY)
1 6 35.190.43.134 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 83.229.67.229 36007 (KAMATERA)
3 3 68.67.160.117 29990 (ASN-APPNEX)
1 1 52.85.61.49 16509 (AMAZON-02)
3 3 104.18.18.126 13335 (CLOUDFLAR...)
2 2 35.211.178.172 15169 (GOOGLE)
1 1 104.76.100.229 16625 (AKAMAI-AS)
2 2 3.218.90.66 14618 (AMAZON-AES)
2 2 52.0.12.161 14618 (AMAZON-AES)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
1 1 76.13.32.147 26101 (YAHOO-BF1)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 63.251.28.233 13789 (INTERNAP-...)
1 1 205.251.251.220 16509 (AMAZON-02)
1 72.44.48.48 14618 (AMAZON-AES)
1 34.231.251.147 14618 (AMAZON-AES)
1 35.190.126.92 15169 (GOOGLE)
1 1 44.195.236.71 14618 (AMAZON-AES)
2 2 69.173.151.100 26667 (RUBICONPR...)
2 2 3.221.198.169 14618 (AMAZON-AES)
1 1 35.190.90.30 15169 (GOOGLE)
1 1 34.206.33.80 14618 (AMAZON-AES)
2 2 185.167.164.43 198622 (ADFORM)
2 2 69.12.8.74 11742 (SPOTX-IAD)
1 1 54.175.188.222 14618 (AMAZON-AES)
1 1 52.205.220.58 14618 (AMAZON-AES)
3 3 142.250.80.2 15169 (GOOGLE)
1 3.231.177.24 14618 (AMAZON-AES)
2 2 18.164.96.83 16509 (AMAZON-02)
2 2 35.244.159.8 15169 (GOOGLE)
1 2 35.71.139.29 16509 (AMAZON-02)
2 2 50.57.31.206 19994 (RACKSPACE)
1 1 8.28.7.83 62713 (AS-PUBMATIC)
2 2 52.0.156.250 14618 (AMAZON-AES)
1 1 45.79.143.172 63949 (LINODE-AP...)
1 1 151.101.2.132 54113 (FASTLY)
2 2 104.36.115.113 62713 (AS-PUBMATIC)
1 1 141.226.224.48 200478 (TABOOLA-AS)
1 18.164.115.222 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:1400:900... 20940 (AKAMAI-ASN1)
1 199.232.36.157 54113 (FASTLY)
6 151.101.66.217 54113 (FASTLY)
2 34.120.195.249 396982 (GOOGLE-CL...)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 142.251.40.130 15169 (GOOGLE)
2 2 107.178.246.49 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 13.226.39.20 16509 (AMAZON-02)
5 13.33.60.116 16509 (AMAZON-02)
4 50.19.151.202 14618 (AMAZON-AES)
1 52.200.232.200 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
147 40
14    104.18.6.38 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
web.koho.ca
webgateway.koho.ca
12    13.225.223.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-151.jfk51.r.cloudfront.net
cdn.segment.com
1    2600:141b:13::17d7:829b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
websdk.appsflyer.com
2    108.138.128.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-117.jfk50.r.cloudfront.net
cdn.plaid.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
4    172.232.7.98 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a172-232-7-98.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    108.138.113.246 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-113-246.jfk50.r.cloudfront.net
sc-static.net
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    138.128.247.123 (New York, United States)

ASN36007 (KAMATERA, US)
acsbapp.com
39    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    151.101.65.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
6    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    83.229.67.229 (New York, United States)

ASN36007 (KAMATERA, US)
cdn.acsbapp.com
3    68.67.160.117 (Newark, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    52.85.61.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-49.ewr53.r.cloudfront.net
aa.agkn.com
3    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    104.76.100.229 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-229.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    52.0.12.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-12-161.compute-1.amazonaws.com
t.myvisualiq.net
1    2600:1f18:612b:4200:438d:f16b:f4fb:94af (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
amazon.partners.tremorhub.com
1    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    63.251.28.233 (United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
1    205.251.251.220 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-205-251-251-220.yul62.r.cloudfront.net
www.imdb.com
1    72.44.48.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-48-48.compute-1.amazonaws.com
beacon.krxd.net
1    34.231.251.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-251-147.compute-1.amazonaws.com
usersync.samplicio.us
1    35.190.126.92 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 92.126.190.35.bc.googleusercontent.com
public-prod-dspcookiematching.dmxleo.com
1    44.195.236.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-236-71.compute-1.amazonaws.com
ads.samba.tv
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    3.221.198.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-198-169.compute-1.amazonaws.com
dpm.demdex.net
1    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
1    34.206.33.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-33-80.compute-1.amazonaws.com
px.surveywall-api.survata.com
2    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    69.12.8.74 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
1    54.175.188.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-188-222.compute-1.amazonaws.com
bs.serving-sys.com
1    52.205.220.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-220-58.compute-1.amazonaws.com
lm.serving-sys.com
3    142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net
cm.g.doubleclick.net
1    3.231.177.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-177-24.compute-1.amazonaws.com
usermatch.krxd.net
2    18.164.96.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-83.jfk50.r.cloudfront.net
sb.scorecardresearch.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadus.exelator.com
1    45.79.143.172 (Cedar Knolls, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-02.ninthdecimal.com
lciapi.ninthdecimal.com
1    151.101.2.132 (United States)

ASN54113 (FASTLY, US)
pi.ispot.tv
2    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    18.164.115.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-115-222.jfk50.r.cloudfront.net
cdn.amplitude.com
3    2607:f8b0:4006:81c::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4006:817::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:1400:9000::687e:74bb (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
6    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
2    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o36260.ingest.sentry.io
o185886.ingest.sentry.io
2    2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
www.googleadservices.com
2    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
1    2607:f8b0:4006:80c::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:4006:81f::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:821::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.ca
8    2606:4700::6812:df2e (United States)

ASN13335 (CLOUDFLARENET, US)
solve-widget.forethought.ai
1    2606:4700:3034::ac43:a57f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.lr-in-prod.com
4    2606:4700::6811:b131 (United States)

ASN13335 (CLOUDFLARENET, US)
api.forethought.ai
1    13.226.39.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-20.ewr53.r.cloudfront.net
widget.intercom.io
5    13.33.60.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-116.ewr52.r.cloudfront.net
js.intercomcdn.com
4    50.19.151.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-151-202.compute-1.amazonaws.com
events.launchdarkly.com
1    52.200.232.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-232-200.compute-1.amazonaws.com
api-iam.intercom.io
1    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
39 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 427
27 KB
14 koho.ca
web.koho.ca
webgateway.koho.ca
2 MB
12 forethought.ai
solve-widget.forethought.ai — Cisco Umbrella Rank: 68099
api.forethought.ai — Cisco Umbrella Rank: 68782
388 KB
12 segment.com
cdn.segment.com — Cisco Umbrella Rank: 2553
77 KB
10 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 2417
events.launchdarkly.com — Cisco Umbrella Rank: 1866
14 KB
6 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 990
2 KB
5 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 5128
222 KB
5 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 304
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
3 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1028
91 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
21 KB
3 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1513
image6.pubmatic.com — Cisco Umbrella Rank: 915
972 B
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 432
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1651
1 KB
3 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 703
3 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 334
3 KB
3 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 6715
cdn.acsbapp.com — Cisco Umbrella Rank: 7385
web1.acsbapp.com Failed
165 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 665
13 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 5111
api-iam.intercom.io — Cisco Umbrella Rank: 5007
3 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 7572
611 B
2 google.com
www.google.com — Cisco Umbrella Rank: 19
611 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 732
558 B
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1567
8 KB
2 sentry.io
o36260.ingest.sentry.io
o185886.ingest.sentry.io — Cisco Umbrella Rank: 70544
403 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
114 KB
2 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1830
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1769
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 601
722 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 708
400 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
642 B
2 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1595
lm.serving-sys.com — Cisco Umbrella Rank: 2874
779 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 835
997 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 293
2 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 989 Failed
997 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 493
token.rubiconproject.com — Cisco Umbrella Rank: 1067
1 KB
2 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 757
usermatch.krxd.net — Cisco Umbrella Rank: 1933
358 B
2 myvisualiq.net
t.myvisualiq.net — Cisco Umbrella Rank: 2954
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 430
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 115
222 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 203
111 KB
2 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1038
18 KB
2 plaid.com
cdn.plaid.com — Cisco Umbrella Rank: 27351
75 KB
1 lr-in-prod.com
cdn.lr-in-prod.com — Cisco Umbrella Rank: 34109
159 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 154
15 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 967
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1571
3 KB
1 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 4770
18 KB
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1556
299 B
1 ispot.tv
pi.ispot.tv — Cisco Umbrella Rank: 3256
341 B
1 ninthdecimal.com
lciapi.ninthdecimal.com — Cisco Umbrella Rank: 4222
750 B
1 survata.com
px.surveywall-api.survata.com — Cisco Umbrella Rank: 4841
749 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1482
633 B
1 samba.tv
ads.samba.tv — Cisco Umbrella Rank: 9038
419 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 3532
94 B
1 samplicio.us
usersync.samplicio.us — Cisco Umbrella Rank: 4714
263 B
1 imdb.com
www.imdb.com — Cisco Umbrella Rank: 3750
879 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 1021
772 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2419
318 B
1 tremorhub.com
amazon.partners.tremorhub.com — Cisco Umbrella Rank: 8460
395 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 786
459 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 791
643 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 2044
157 B
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1954
8 KB
1 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 6043
12 KB
0 linkedin.com Failed
www.linkedin.com Failed
0 clarity.ms Failed
www.clarity.ms Failed
147 64
Domain Requested by
39 s.amazon-adsystem.com 2 redirects web.koho.ca
s.amazon-adsystem.com
12 cdn.segment.com web.koho.ca
cdn.segment.com
8 solve-widget.forethought.ai web.koho.ca
solve-widget.forethought.ai
8 web.koho.ca web.koho.ca
6 webgateway.koho.ca web.koho.ca
6 app.launchdarkly.com web.koho.ca
6 tr.snapchat.com 1 redirects sc-static.net
web.koho.ca
5 js.intercomcdn.com widget.intercom.io
js.intercomcdn.com
4 events.launchdarkly.com web.koho.ca
4 api.forethought.ai solve-widget.forethought.ai
4 analytics.tiktok.com web.koho.ca
analytics.tiktok.com
3 www.google-analytics.com cdn.segment.com
www.google-analytics.com
3 cm.g.doubleclick.net 3 redirects
3 ib.adnxs.com 3 redirects
3 bat.bing.com web.koho.ca
bat.bing.com
2 www.google.ca web.koho.ca
2 www.google.com web.koho.ca
2 pixel.tapad.com 2 redirects
2 use.fontawesome.com web.koho.ca
use.fontawesome.com
2 www.googletagmanager.com cdn.segment.com
2 image6.pubmatic.com 2 redirects
2 loadus.exelator.com 2 redirects
2 uipglob.semasio.net 2 redirects
2 eb2.3lift.com 1 redirects s.amazon-adsystem.com
2 us-u.openx.net 2 redirects
2 sb.scorecardresearch.com 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 dpm.demdex.net 2 redirects
2 c1.adform.net s.amazon-adsystem.com
2 t.myvisualiq.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 x.bidswitch.net 2 redirects
2 dsum-sec.casalemedia.com 2 redirects
2 cdn.acsbapp.com acsbapp.com
web.koho.ca
2 www.facebook.com web.koho.ca
2 connect.facebook.net web.koho.ca
connect.facebook.net
2 sc-static.net web.koho.ca
tr.snapchat.com
2 cdn.plaid.com web.koho.ca
cdn.plaid.com
1 stats.g.doubleclick.net web.koho.ca
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io 1 redirects
1 o185886.ingest.sentry.io solve-widget.forethought.ai
1 cdn.lr-in-prod.com solve-widget.forethought.ai
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 o36260.ingest.sentry.io web.koho.ca
1 static.ads-twitter.com cdn.segment.com
1 snap.licdn.com cdn.segment.com
1 cdn.amplitude.com cdn.segment.com
1 sync.taboola.com 1 redirects
1 pi.ispot.tv 1 redirects
1 lciapi.ninthdecimal.com 1 redirects
1 token.rubiconproject.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 usermatch.krxd.net s.amazon-adsystem.com
1 lm.serving-sys.com 1 redirects
1 bs.serving-sys.com 1 redirects
1 px.surveywall-api.survata.com 1 redirects
1 odr.mookie1.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 ads.samba.tv 1 redirects
1 public-prod-dspcookiematching.dmxleo.com s.amazon-adsystem.com
1 usersync.samplicio.us s.amazon-adsystem.com
1 beacon.krxd.net s.amazon-adsystem.com
1 www.imdb.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 mwzeom.zeotap.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 amazon.partners.tremorhub.com 1 redirects
1 tags.bluekai.com 1 redirects
1 aa.agkn.com 1 redirects
1 alb.reddit.com web.koho.ca
1 www.redditstatic.com web.koho.ca
1 acsbapp.com web.koho.ca
1 websdk.appsflyer.com web.koho.ca
0 web1.acsbapp.com Failed web.koho.ca
0 www.linkedin.com Failed web.koho.ca
0 www.clarity.ms Failed bat.bing.com
147 79

This site contains links to these domains. Also see Links.

Domain
www.koho.ca
accessibe.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-29 -
2023-03-29		 a year crt.sh
*.segment.com
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
*.appsflyer.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-22 -
2023-09-24		 a year crt.sh
secure.plaid.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-08 -
2023-04-08		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-13 -
2022-10-11		 3 months crt.sh
*.acsbapp.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-28 -
2023-10-05		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
*.snap.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-08-16		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.samplicio.us
Amazon		 2022-03-18 -
2023-04-16		 a year crt.sh
public-prod-dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA		 2022-09-24 -
2022-12-23		 3 months crt.sh
usermatch.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-06 -
2023-06-05		 a year crt.sh
cdn.amplitude.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
*.ingest.sentry.io
R3		 2022-08-20 -
2022-11-18		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
events.launchdarkly.com
Amazon		 2022-08-19 -
2023-09-16		 a year crt.sh
*.intercomcdn.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.intercom.com
Amazon		 2022-03-16 -
2023-04-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://web.koho.ca/referral/SM89J9XZ
Frame ID: A6643A56A71D7E98D9A60EBCEDDBDE0C
Requests: 75 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&cb=23171337710743424&dcc=t
Frame ID: 4A3D7BE0EFE07C3937225C27DFF399C8
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=18f977ac-724c-4b10-a145-d6c3aa30a9c6&u_scsid=da43de41-ba70-4e29-9ac3-3329bf565b23&u_sclid=6d5f353d-a684-466b-9ae0-4f7c8337663d
Frame ID: C4413C1A3D9A141F6D4ED1183A32D3C3
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Frame ID: 39E1ECBB9D2E353C9EFBB28EF4AAF398
Requests: 41 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1664571956481&pnid=140&pcid=14a91a88-3fb1-4343-99b2-cc99c977c013
Frame ID: 5DDF494B731D0C001466A92351AD8064
Requests: 1 HTTP requests in this frame

Frame: https://solve-widget.forethought.ai/?v=2
Frame ID: BA94027E42ED3A647C83E673CAC3887C
Requests: 12 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.1985e493.js
Frame ID: 82F3ECA7A150F5EC018681871AD81D20
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

KOHO

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

147
Requests

71 %
HTTPS

25 %
IPv6

64
Domains

79
Subdomains

40
IPs

3
Countries

3143 kB
Transfer

9231 kB
Size

99
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&cb=23171337710743424 HTTP 302
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&cb=23171337710743424&dcc=t
Request Chain 12
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40 HTTP 302
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&dcc=t
Request Chain 37
  • https://ib.adnxs.com/setuid/a9?entity=188&code=eBRBaMQCTcG2kB3EB28vLg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DeBRBaMQCTcG2kB3EB28vLg%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=eBRBaMQCTcG2kB3EB28vLg
Request Chain 38
  • https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=213350604294003243929&ex=neustar.biz
Request Chain 39
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=3bp3EtDbS-CbFvmUtJFl6g&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=3bp3EtDbS-CbFvmUtJFl6g&C=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Yzu1NBAhy8dr1EzXnpsb.QAA
Request Chain 40
  • https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=b8acb2c33e9777e6a6bfac40caba050a
Request Chain 41
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Request Chain 42
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=yHaKGWeQTJOUPHKXgXILAQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=yHaKGWeQTJOUPHKXgXILAQ&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=yHaKGWeQTJOUPHKXgXILAQ
Request Chain 43
  • https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
  • https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=58552df7-d057-46cc-bc13-2ecfdc0c7de0
Request Chain 44
  • https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=5a8ce4fdb9c94cea938d7ceee0af31ea
Request Chain 45
  • https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=y-k3YLIyhE2pE6FTkzLukXPjdEFyHVdjSN1djL~A&status=NOT_FOUND&ex=gemini
Request Chain 46
  • https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=fcb128fb-da80-4001-570d-3b51d823ccf5
Request Chain 47
  • https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6918a39cd313543a3cc95661abe2d6ec&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 48
  • https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Request Chain 52
  • https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10158894e25cb0555
Request Chain 53
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eS8khU-hTUSZOwWbaglYlg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eS8khU-hTUSZOwWbaglYlg
Request Chain 54
  • https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=35GHrg0SShSLjOgJogLdQQ HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=6918a39cd313543a3cc95661abe2d6ec&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=a136_7150508072619100683&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjkxOGEzOWNkMzEzNTQzYTNjYzk1NjYxYWJlMmQ2ZWM=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEAOf_0O8QkF9clKeSRcfHdE&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=729b6705-fc31-4565-bde5-1468f57a3936 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/6918a39cd313543a3cc95661abe2d6ec?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-ESJ4PJhE2oPRSoyW3CNWVViC19YRayv67TS.rUmQ~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8896634046348119270 HTTP 302
  • https://usersync.octillion.tv/fw?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554&userId=f1467eae-bc7c-4987-9776-b18d8b668346 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAH64E7Gd2oAAB_W1dlmOw&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=vMsaDeO61OFzsG5&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Request Chain 55
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=-7Rv8uyjTP-rgxTkPpH8mA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=-7Rv8uyjTP-rgxTkPpH8mA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=83119946646512766830427797561629329535
Request Chain 56
  • https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=SSKLM4fiQO-fb5abkkYS_g HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10599925413564050934&gdpr=&gdpr_consent=
Request Chain 57
  • https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=
Request Chain 58
  • https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2525618950739153524
Request Chain 59
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=45610a9d-439c-11ed-bff1-1fae1c890103 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=45610a46-439c-11ed-bff1-1fae1c890103
Request Chain 60
  • https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
  • https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%229d856095-1bba-4418-ae98-fa8a554683da%22,%22Time%22:%2220221004T042317.436880%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=9d856095-1bba-4418-ae98-fa8a554683da
Request Chain 61
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm=&ex=doubleclick.net&google_tc= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESELyi9AGC-BG0oEHkVeYSiBc&google_cver=1
Request Chain 63
  • https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=6d9d8e7da8fcaeaa1da5386303f0eb4f
Request Chain 64
  • https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=7918568b-0935-c848-3245-70aa9ece1a60
Request Chain 65
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=index&id=KmmCBEAVgb8bhg_j5_51zDc4cak4ZgIC
Request Chain 66
  • https://eb2.3lift.com/xuid?mid=8341&xuid=9IiGKVG9TYWrRZTVGKmP1g&dongle=az46 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=8341&xuid=9IiGKVG9TYWrRZTVGKmP1g&dongle=az46&gdpr=0&cmp_cs=&us_privacy=
Request Chain 67
  • https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
  • https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=semasio&id=8DF0B6F4152C74B0
Request Chain 68
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8896634046348119270&ex=appnexus.com
Request Chain 69
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=6zxgzw2hQjOLjvCuoiA1dA&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=6zxgzw2hQjOLjvCuoiA1dA
Request Chain 70
  • https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=f2ZneJlk_qZdvOStlYgsMQ&ex=rubiconproject.com&status=ok
Request Chain 71
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=B0Zk_FKoRTKoKMCola03Ng& HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Request Chain 72
  • https://loadus.exelator.com/load/?p=204&g=8888&j=0 HTTP 302
  • https://loadus.exelator.com/load/?p=204&g=8888&j=0&xl8blockcheck=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=81ae68656eeda00d1e4620d71a5e3397
Request Chain 73
  • https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AC8F4F2D35B53B63597FA90D02508A59
Request Chain 74
  • https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=7ed8a8eef64118f48ba8b4dc43f426f1cd4d02af1d16018e9706171a4028c0c0
Request Chain 75
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=B2A05308-7371-4A69-B50B-882EBB9A219F
Request Chain 76
  • https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=23caed48-0de9-4fe7-aef0-812c329d4a5d-tucta353ab5
Request Chain 100
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1664857397163&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FSM89J9XZ HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1664857397163&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FSM89J9XZ&cookiesTest=true HTTP 0
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2658514%26time%3D1664857397163%26url%3Dhttps%253A%252F%252Fweb.koho.ca%252Freferral%252FSM89J9XZ%26cookiesTest%3Dtrue%26liSync%3Dtrue
Request Chain 110
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1664857397279&u_scsid=c38255d9-8c26-4959-9fb2-92508cf948ce&u_sclid=85077e00-95e4-4eb6-807b-2e26dc67f38a HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1664571956481%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1664571956481%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://tr.snapchat.com/cm/p?rand=1664571956481&pnid=140&pcid=14a91a88-3fb1-4343-99b2-cc99c977c013
Request Chain 131
  • https://widget.intercom.io/widget/xiu5e01e HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

147 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request SM89J9XZ
web.koho.ca/referral/ 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac1f0475659709f981412806b86d083e000ceede96dbfbd0898b9529dfd3364
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=2
cf-cache-status
DYNAMIC
cf-ray
754b2422a8c653fb-YYZ
content-encoding
br
content-type
text/html
date
Tue, 04 Oct 2022 04:23:15 GMT
last-modified
Mon, 26 Sep 2022 12:55:23 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 21037594d36e9b9a390ad50eb40cec6a.cloudfront.net (CloudFront)
x-amz-cf-id
sGpUt2LWFNzYhWanFtmLBkfs7tNlNdFsC840EOMmi8SWKfxlGK4OSQ==
x-amz-cf-pop
YTO50-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
analytics.min.js
cdn.segment.com/analytics.js/v1/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/ 		96 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/analytics.min.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bcc9405ad2fa43230a8f0a4ee5ae882890eda5e91dd1a06f77f465fc9f55c02

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
pO.np6l62hNuKuaijGhAZYxaebK0T.7u
content-encoding
br
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
date
Tue, 04 Oct 2022 04:22:37 GMT
x-amz-cf-pop
JFK51-C1
age
87
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 31 Aug 2022 21:20:10 GMT
server
AmazonS3
etag
W/"2d7337195ae5f1773d83304ff647ddc5"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
M0KsjaOvGLH6h7F0DX3LPWHoTtV1GquY0kT43PXKr82BEK7Cxp5vjg==
/
websdk.appsflyer.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://websdk.appsflyer.com/?st=banners&
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:829b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f44c4c0006c2239db8defec6537b0306ed3981369008fc4711bad69fbaf15e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 04:23:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Apr 2022 08:41:42 GMT
Server
AmazonS3
x-amz-request-id
QBCZFTPJZQS2RA4D
ETag
"08179f9adc55b98cc307cd6770e123ad"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3572
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11541
x-amz-id-2
k439erDrxRlBvl+9nyRArbeTMb0ltPoYKyytjhOOcSqARr8XKoelk/SPJveoUhLmqSV6DlUUVY4=
Expires
Tue, 04 Oct 2022 05:22:47 GMT
link-initialize.js
cdn.plaid.com/link/v2/stable/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-117.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bac076abf1313e31598959472ecd9336be3b2eb4a8be31ba7dd0a86182a5d830

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
ARwFLa4QBRXkoi7tIF8RpyXG6Qrm9ayE
content-encoding
gzip
via
1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 09:10:26 GMT
x-amz-request-id
NZFPKGPHRY6F8947
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
age
69218
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-id-2
sCxPXgma4YO+um+COUZKLuO1MbnKuPjGMPs7a3GdWDKW5IsIj1XEcM6CkSU2dC/D5IG2c+wc4as=
last-modified
Thu, 29 Sep 2022 19:48:07 GMT
server
AmazonS3
etag
W/"7414bb655596877cab6594ef7d7c62b1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,must-revalidate,max-age=0
x-amz-cf-id
x_YCDh1l0_kiqxR_CS2QyyRaYAAQ7vlIGl33stJLS-Qy4WT7cPfOeQ==
settings
cdn.segment.com/v1/projects/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b62755476a0d224ae89d5b69f5aa15eb51ef18a2c571fbd3d6a669a7f3e45543

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
K84Ee5bV60KEiq9wU6KaStbf7dJL7bom
content-encoding
br
via
1.1 9e89086b4bc4697bea1e1dec6ddc5c5c.cloudfront.net (CloudFront)
date
Tue, 04 Oct 2022 01:41:30 GMT
x-amz-cf-pop
JFK51-C1
age
9707
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 28 Jul 2022 14:24:44 GMT
server
AmazonS3
etag
W/"f8922cb5d091347114241cee6fcc2f33"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
DpJtid9K0FXYgmuo5TjlMZ_kNu9e9kF8K3ZJzPc0uXlJ0zpVjw3aPQ==
link-dynamic-loader.js
cdn.plaid.com/link/2.0.1398/ 		0
43 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.plaid.com/link/2.0.1398/link-dynamic-loader.js
Requested by
Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-117.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 19:00:47 GMT
x-amz-version-id
T81OvNJu6bfshps9G1xPc8uFPxZefLcQ
content-encoding
gzip
via
1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
33749
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 29 Sep 2022 19:48:07 GMT
server
AmazonS3
etag
W/"a5f147134a874f0b63da3223dc7133cb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10800
x-amz-cf-id
BOqpqnCOZh1M7xFFMb2fhmwqBBbzm05q10c_huaSapknds9ezcZUPw==
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 04 Oct 2022 04:23:15 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2C0D1031966E4A48BFF2AE4DF8161133 Ref B: YTO01EDGE0809 Ref C: 2022-10-04T04:23:16Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11367
events.js
analytics.tiktok.com/i18n/pixel/ 		136 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.232.7.98 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a172-232-7-98.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9a57722f1b63611971fda47ee19090160f3c11b21405e65327bf6d1a4a6891cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:16 GMT
content-encoding
gzip
x-akamai-request-id
1eb06981
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
20221004042316410B36759050EA02C40F
vary
Accept-Encoding
x-cache
TCP_MISS from a172-232-7-94.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
23,172.232.7.94
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0dec3d99fec582ce1acc73c90db3a978ee3589a9780e5c7b5d345c01daf78e89d3b55a58999f76f392090f4b92f98a6ad097911540a78a92533d6b0fccacd5f9eea7
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=23
expires
Tue, 04 Oct 2022 04:23:16 GMT
scevent.min.js
sc-static.net/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.113.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-113-246.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
6533db921fa04e1546686ca9111f2cc38032b09365026cf886e3b4d8f58020d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
content-encoding
gzip
via
1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P3
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
8757
x-amz-cf-id
7EZ2mRdGqgZ5MLfFHy-v9owrfdC-Yt_5kd7nsnlOZ5rWjiMsr1-7tA==
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 04 Oct 2022 04:23:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Lb2BI2zBCdsJppBOPK+y0wFvhTMCkhuJSCt1FVfxXu30oz90MIC+tL2gMVTkZbiY9RB/NzYMgJ94uAirKU6SyQ==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.19f44e23.js
web.koho.ca/static/js/ 		3 MB
746 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/static/js/main.19f44e23.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb342a218b4b7c5d62e4a7cc32c36601b928466729b658e9c7749675e4341a18
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/referral/SM89J9XZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 21037594d36e9b9a390ad50eb40cec6a.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C3
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 26 Sep 2022 12:55:23 GMT
server
cloudflare
etag
W/"6ce56aacdc759bf81f2bece8a13d0ffe"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
cf-ray
754b24250b9853fb-YYZ
x-amz-cf-id
7688g5WWJAD7OVV72OiRP1u5g3dN-WTO01qzXp2CjyMa6knLjLj1sg==
app.js
acsbapp.com/apps/app/dist/js/ 		426 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
138.128.247.123 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
2c1b65fde8061e09e63a4a93fea9f47512ba90094db86b3a62115ab4f03416f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
content-encoding
br
last-modified
Mon, 03 Oct 2022 17:07:56 GMT
etag
"6a902-633b16ec-af3ebb833015feec;br"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
142239
expires
Wed, 05 Oct 2022 04:23:16 GMT
iu3
s.amazon-adsystem.com/ Frame 4A3D
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%...
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&cb=23171337710743424&dcc=t
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
274c4bf0d7032abc99af6ad85567b45fdee131d6d94530ed7eb8552456d3a5d4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://web.koho.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1152
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 04 Oct 2022 04:23:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
RANCX9GVW8QSN86YPDSY

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 04 Oct 2022 04:23:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&cb=23171337710743424&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
00P40MXPDHYH7WYVP6NV
iui3
s.amazon-adsystem.com/
Redirect Chain
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D15128585...
  • https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D15128585...
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&dcc=t
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9R1ATMPN4BMCWE9RGKBY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R52NNTQ51SMW3ZRWSFRN
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.js
www.redditstatic.com/ads/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 19 Jul 2022 22:48:09 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"95212d33cfff78ad59f5af5b20c48c53"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7722
870.bundle.323974846b6d45afb45e.js
cdn.segment.com/analytics-next/bundles/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 08:03:23 GMT
x-amz-version-id
O3TYlfTF38gXfIVLYR4rmmfjC2blbB1M
content-encoding
gzip
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
age
2319594
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Sep 2022 07:41:43 GMT
server
AmazonS3
etag
W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
_fNJAf0D0f3ENUKsK2F2ptRD59zfmZT7DDOBvavVsqqPb8s3YgpSAQ==
ajs-destination.bundle.35a8f6f19959bf2f455f.js
cdn.segment.com/analytics-next/bundles/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 10:03:10 GMT
x-amz-version-id
aQUBg.QXPuT6mYHMNV.43Hi_xhE.jtoN
content-encoding
br
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
age
2485207
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Sat, 03 Sep 2022 04:34:27 GMT
server
AmazonS3
etag
W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
u0r60EpkGrTgvJ5Unws_QB94xwz_znjhveF2WEZRPAxQhWWpx2AlhA==
schemaFilter.bundle.debb169c1abb431faaa6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 10:29:44 GMT
x-amz-version-id
.2F30zWCOyrC1vrGDesyD3Q_04LRDBZp
content-encoding
br
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
age
2483613
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Sat, 03 Sep 2022 04:34:27 GMT
server
AmazonS3
etag
W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
NDL-KVu6aFO9Vr98CM_JWbjbuGRwMfOVomh3auwhEytdTHwqspTXPw==
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1664857396074&id=t2_e4ba8g8u&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=aacfb5b8-bb59-47af-af88-9cd6ab1012b0&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
599633800219052
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/599633800219052?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0a9e7b40607770f5a56e4eae6fb4b433a9c08aaecd4750a15eba83245ec6be7c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 04 Oct 2022 04:23:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85895
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
YfRvkHNXFS1ls0AX5uDlTNVQ47nqisiRxS1Um7y6Ntte1vbXMpMkIWNESmL8AQGZxilYRb+uG96/d2spe3/zog==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
56368685.js
bat.bing.com/p/action/ 		1 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/56368685.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
200deff96f3ff8c96f1259db3aea670e766f3647a15c74edb0b42170a15dd7aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 04 Oct 2022 04:23:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 39B652C8386F4E13BDEEB14CAC128573 Ref B: YTO01EDGE0809 Ref C: 2022-10-04T04:23:16Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
668
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56368685&Ver=2&mid=6e52c97e-cfe4-4966-a3ae-1649204ea7b7&sid=4477ae80439c11ed860773e38c9e508f&vid=4477cf10439c11edba8d9fd881bfd06f&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=KOHO&p=https%3A%2F%2Fweb.koho.ca%2Freferral%2FSM89J9XZ&r=&evt=pageLoad&sv=1&rn=850580
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Oct 2022 04:23:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6E97DFF1CB4F42D7AE7824622D392320 Ref B: YTO01EDGE0809 Ref C: 2022-10-04T04:23:16Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
amplitude.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/amplitude.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06d95e7c78ae4bd7fc58fe29a222697fa4063a83a676d6169b875e8462a253d9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 12:49:46 GMT
content-encoding
gzip
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
x-amz-version-id
gJlYJ9dgH2NvmWazB0ilSMUAxCclDsWw
x-amz-cf-pop
JFK51-C1
age
315211
x-cache
Hit from cloudfront
content-length
3181
last-modified
Mon, 19 Sep 2022 21:38:19 GMT
server
AmazonS3
etag
"949376aa55c1e7a26572d64a97dbe296"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
DB9-oMl0JIG-bDdQyQNQr8cexTb015d0_VAZLIutHzGYzL7ehXR7aA==
google-analytics.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:30:17 GMT
content-encoding
gzip
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
x-amz-version-id
i7V8adpJC0v_FV6MGqES_PT759Yi.CDp
x-amz-cf-pop
JFK51-C1
age
456779
x-cache
Hit from cloudfront
content-length
4743
last-modified
Mon, 19 Sep 2022 21:38:20 GMT
server
AmazonS3
etag
"36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
aHdrQXnVCO_pSirL0wp-GMg3KVp8Q4iMBEQrT7otP5XQ-DoXwXJ9qw==
google-adwords-new.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-adwords-new/1.2.1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/google-adwords-new/1.2.1/google-adwords-new.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb3b64d44021d764fb620e90c54d8190e488a830fb02b38775463650dd282cb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 10:01:07 GMT
content-encoding
gzip
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
x-amz-version-id
DhnVJeCSYtBSBZzW.QXJxjhST6dNXS.l
x-amz-cf-pop
JFK51-C1
age
843730
x-cache
Hit from cloudfront
content-length
1636
last-modified
Mon, 19 Sep 2022 21:38:20 GMT
server
AmazonS3
etag
"620564b85ad2c80b8d7935669871043c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
2Jxex_fUm0Lk2IxZIhZCyoNiwTvw0qeahTMU72Tc0ukC3ff9mK_z3A==
google-tag-manager.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:34:47 GMT
content-encoding
gzip
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
x-amz-version-id
Y4lwW_1LqKmsCq_EX8EGKACwF5NkY9as
x-amz-cf-pop
JFK51-C1
age
578910
x-cache
Hit from cloudfront
content-length
1342
last-modified
Mon, 19 Sep 2022 21:38:20 GMT
server
AmazonS3
etag
"a1bed0458702cf863f2d24fb1b9d39ae"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
X4Hlv9qs3VTb4YM7kb09qBxoMHt3JmzfzD6_RZRt9MnFN2541i0sHA==
linkedin-insight-tag.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 21:54:08 GMT
content-encoding
gzip
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
x-amz-version-id
r2nyTxWTpEuqi72HdPhvMC3J5yBNohDD
x-amz-cf-pop
JFK51-C1
age
887349
x-cache
Hit from cloudfront
content-length
1061
last-modified
Mon, 19 Sep 2022 21:38:20 GMT
server
AmazonS3
etag
"9fb524ce2b800e7ddc8a15d53c31c3d1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
Naoq5DjLulmTun5KIHDDAXmu9fLPZ8-h9KFvo5ecR6lNLD43XbsqrA==
twitter-ads.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/twitter-ads/2.5.2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/twitter-ads/2.5.2/twitter-ads.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b463c4dd20b3cbc19ec6283dd35a50a10d926c6efe5e0b054fdc5e3b959b6f19

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 21:54:07 GMT
content-encoding
gzip
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
x-amz-version-id
TdQWdPtD85M71EWyqfo1KOrYVRR5fwK_
x-amz-cf-pop
JFK51-C1
age
887349
x-cache
Hit from cloudfront
content-length
1969
last-modified
Mon, 19 Sep 2022 21:38:21 GMT
server
AmazonS3
etag
"c8cbba72a05e723659d348e2dd175bb0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
KxYXfcbjUHHtwPfdCga7C9dAHBiwfqfUnR-hIs-SeDck_LjWnE6O2Q==
init
tr.snapchat.com/ 		126 B
487 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/init?pids=18f977ac-724c-4b10-a145-d6c3aa30a9c6
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
53a90be17c8ccbbcac38315e37155c0e0e26820a03058fb231bb48b63c2cf150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google, 1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://web.koho.ca
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
is_enabled
tr.snapchat.com/collector/ 		79 B
164 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=18f977ac-724c-4b10-a145-d6c3aa30a9c6&tld=ca
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
48e8b5489088931970427de70d47ce9cfa6fe46cd58e9d5ae8d9c6fa00cdfe9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google, 1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://web.koho.ca
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
tr.snapchat.com/cm/ Frame C441 		672 B
595 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=18f977ac-724c-4b10-a145-d6c3aa30a9c6&u_scsid=da43de41-ba70-4e29-9ac3-3329bf565b23&u_sclid=6d5f353d-a684-466b-9ae0-4f7c8337663d
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://web.koho.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
gzip
content-type
text/html
date
Tue, 04 Oct 2022 04:23:16 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
7
p
tr.snapchat.com/ 		68 B
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://web.koho.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarySSWa2AouIJngERJb

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://web.koho.ca
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/55ISPtHuwCa8DI4LQEqGuliQORi5XN4c/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-151.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 02:10:32 GMT
content-encoding
gzip
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
x-amz-version-id
Z.cz1sApkVz0CAwS1aXBsP5bZXvNz24o
x-amz-cf-pop
JFK51-C1
age
785565
x-cache
Hit from cloudfront
content-length
22177
last-modified
Mon, 19 Sep 2022 21:38:18 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
XtXSIUDHYLpcdChR0oVAUmyAAwCKaSrBlgBBV5ZegVGDArVvgquIow==
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.232.7.98 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a172-232-7-98.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f6a2d67f13b9f1bee865f714ce068dd86ddf7589b5aec91bb1b4a99d216042de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:16 GMT
content-encoding
gzip
x-akamai-request-id
1eb069cb
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202210040423166D4739699A21D5103016
vary
Accept-Encoding
x-cache
TCP_MISS from a172-232-7-94.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,172.232.7.94
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0dec3d99fec582ce1acc73c90db3a978ee356bcecc26f15dc1d0f75e164a4b3b0ce3bd4d98dd627b913737e9a3f3c5fc567a6d85a4fae53530239b17978826a21546
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=11
expires
Tue, 04 Oct 2022 04:23:16 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BTGIL6BQ55EMJL0L2V00&hostname=web.koho.ca
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.232.7.98 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a172-232-7-98.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
56384da2193b6c8acdcc2327bc507a7ab78ca4d0354180d549a20f8a55962129

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-akamai-request-id
1eb069fc
date
Tue, 04 Oct 2022 04:23:16 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a172-232-7-94.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=12
content-length
19664
pragma
no-cache
server
nginx
x-tt-logid
202210040423169541A1256265390881FC
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,172.232.7.94
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0dec3d99fec582ce1acc73c90db3a978ee3575a6b28e3c9a6b290987df3f489da72d00dcdecb3549eb5675011f59821416463c06ea52658c091ed7c33385dd0c1caa
expires
Tue, 04 Oct 2022 04:23:16 GMT
pr
s.amazon-adsystem.com/v3/ Frame 39E1 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&cb=23171337710743424&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f71cee8d9441d52cdc6f24e9ed0560fa3c0220f8d869b8a0b15751239fe8cca4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da0a1b511-ad9b-0004-ff63-a6651392dd40%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://web.koho.ca/&ex-hargs=v%3D1.0%3Bc%3D1512858570601%3Bp%3DA0A1B511-AD9B-0004-FF63-A6651392DD40&cb=23171337710743424&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
6069
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 04 Oct 2022 04:23:16 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
BKFY94QG2SAS95M9KP9P
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=599633800219052&ev=PageView&dl=https%3A%2F%2Fweb.koho.ca%2Freferral%2FSM89J9XZ&rl=&if=false&ts=1664857396282&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664857396280.1798468063&it=1664857396084&coo=false&rqm=GET
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 04 Oct 2022 04:23:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
config.json
cdn.acsbapp.com/cache/app/web.koho.ca/ 		159 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/cache/app/web.koho.ca/config.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
83.229.67.229 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
e888a175e3fb186bdc6c58bc176b98c387d4a48aff10b5043c0a269248dd60b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
last-modified
Tue, 04 Oct 2022 04:22:12 GMT
etag
"9f-633bb4f4-7d7d660977e6b05b;;;"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
159
expires
Wed, 05 Oct 2022 04:23:16 GMT
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://ib.adnxs.com/setuid/a9?entity=188&code=eBRBaMQCTcG2kB3EB28vLg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DeBRBaMQCTcG2kB3EB28vLg%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
  • https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=eBRBaMQCTcG2kB3EB28vLg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=eBRBaMQCTcG2kB3EB28vLg
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YVEE9WXHQK4J8PN8C7E6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:16 GMT
AN-X-Request-Uuid
1f615373-f20d-43d5-a74a-13454ea2b19c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=eBRBaMQCTcG2kB3EB28vLg
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212284268
  • https://s.amazon-adsystem.com/ecm3?id=213350604294003243929&ex=neustar.biz
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=213350604294003243929&ex=neustar.biz
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NRTS6P4Z068GHDBT4FF5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:16 GMT
via
1.1 4b6e1bc9480bffb0b8980e408fffa59e.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR53-P1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://s.amazon-adsystem.com/ecm3?id=213350604294003243929&ex=neustar.biz
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
bcRfNDdqVj0Ua3WmlljxlyRCi35qj6cL26NTPMwbhmfmW_gHkShd-Q==
expires
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=3bp3EtDbS-CbFvmUtJFl6g&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=3bp3EtDbS-CbFvmUtJFl6g&C=1
  • https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Yzu1NBAhy8dr1EzXnpsb.QAA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Yzu1NBAhy8dr1EzXnpsb.QAA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
05PS7HQDKZTE3A9E1J5W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2m5LKq2m0vL5vjSYvQ7uBXeBf3vXpPPJ5a5ZNXw17Dx3Jrq9kTU2YUGqAj2DT66TLSA9Zh%2BkecgaTS5tmVNl7AVQyLRUCC8wzj77NwVTMOkNK4vfCbVGHUK%2BJVSGOxlgogyji%2B5xdY5mw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Yzu1NBAhy8dr1EzXnpsb.QAA
cache-control
no-cache
cf-ray
754b242ac8af5431-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
  • https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=b8acb2c33e9777e6a6bfac40caba050a
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=b8acb2c33e9777e6a6bfac40caba050a
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ATG1ATV2MZEV9ADY5AJX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=b8acb2c33e9777e6a6bfac40caba050a
Date
Tue, 04 Oct 2022 04:23:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
  • https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PZD5G0XAQ1YRQXP2CWH4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date
Tue, 04 Oct 2022 04:23:16 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=yHaKGWeQTJOUPHKXgXILAQ
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=yHaKGWeQTJOUPHKXgXILAQ&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=yHaKGWeQTJOUPHKXgXILAQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=yHaKGWeQTJOUPHKXgXILAQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
51WPA79BMF29S2PS0Q2K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=yHaKGWeQTJOUPHKXgXILAQ
date
Tue, 04 Oct 2022 04:23:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
  • https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=58552df7-d057-46cc-bc13-2ecfdc0c7de0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=58552df7-d057-46cc-bc13-2ecfdc0c7de0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y2ZPXCFK9EGB3JA9HNT6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
Location
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=58552df7-d057-46cc-bc13-2ecfdc0c7de0
Date
Tue, 04 Oct 2022 04:23:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
  • https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=5a8ce4fdb9c94cea938d7ceee0af31ea
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=5a8ce4fdb9c94cea938d7ceee0af31ea
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7NGSV3ZW8XZC2F3AKQ4N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=5a8ce4fdb9c94cea938d7ceee0af31ea
date
Tue, 04 Oct 2022 04:23:16 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
  • https://s.amazon-adsystem.com/ecm3?id=y-k3YLIyhE2pE6FTkzLukXPjdEFyHVdjSN1djL~A&status=NOT_FOUND&ex=gemini
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=y-k3YLIyhE2pE6FTkzLukXPjdEFyHVdjSN1djL~A&status=NOT_FOUND&ex=gemini
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
00FMT8RQS1CWAJ3NA3JW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 04 Oct 2022 04:23:16 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0114.tgt.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
content-type
text/html;charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?id=y-k3YLIyhE2pE6FTkzLukXPjdEFyHVdjSN1djL~A&status=NOT_FOUND&ex=gemini
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D
  • https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=fcb128fb-da80-4001-570d-3b51d823ccf5
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=fcb128fb-da80-4001-570d-3b51d823ccf5
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XA5MB3H6QR9NSHP2DBXK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 04 Oct 2022 04:23:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=fcb128fb-da80-4001-570d-3b51d823ccf5
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
754b2427c8bf7148-YUL
access-control-allow-headers
*
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545
  • https://s.amazon-adsystem.com/ecm3?id=6918a39cd313543a3cc95661abe2d6ec&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=6918a39cd313543a3cc95661abe2d6ec&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
003YH9BHJBT1546Y7536
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:16 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=6918a39cd313543a3cc95661abe2d6ec&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1664857396951022-247
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
  • https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T16TCDD8MHGPNXS6ZE0J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 04 Oct 2022 04:23:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 f7a96eacae195ce7e3982601464ebc84.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
content-security-policy-report-only
default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=XPKGFVQ4VSB0D64STCB8:sn=www.imdb.com
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
server
Server
x-amz-rid
XPKGFVQ4VSB0D64STCB8
x-frame-options
SAMEORIGIN
vary
Content-Type,Accept-Encoding,User-Agent
location
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag
noindex, nofollow
x-amz-cf-id
c4oecHiq6UDpLbElVFGHGGeBB6GJOxMKW9PJyd5w5kQEL7EyZOZOrA==
usermatch.gif
beacon.krxd.net/ Frame 39E1 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=LML2B8HLQ0-9EAGvEK5kKQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.48.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-48-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-served-by
beacon-n022-ash-prod.krxd.net
date
Tue, 04 Oct 2022 04:23:17 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1664857399
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel.gif
usersync.samplicio.us/amazon/ Frame 39E1 		0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.251.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-147.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Server
nginx/1.20.0
Location
https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 39E1 		0
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=CSHSzeL8TvShMLizMZMlEw&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT1&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.126.92 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
92.126.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10158894e25cb0555
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10158894e25cb0555
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FAZQ71TYKPDW3TXVC011
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 04 Oct 2022 04:23:17 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
access-control-allow-methods
HEAD,OPTIONS,GET
content-type
text/html; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10158894e25cb0555
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Authorization
content-length
94
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eS8khU-hTUSZOwWbaglYlg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eS8khU-hTUSZOwWbaglYlg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eS8khU-hTUSZOwWbaglYlg
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
862ZXFX5GCD37YA23ZBW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=eS8khU-hTUSZOwWbaglYlg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
c1.adform.net/serving/cookie/match/ Frame 39E1
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=35GHrg0SShSLjOgJogLdQQ
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=6918a39cd313543a3cc95661abe2d6ec&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=a136_7150508072619100683&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjkxOGEzOWNkMzEzNTQzYTNjYzk1NjYxYWJlMmQ2ZWM=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEAOf_0O8QkF9clKeSRcfHdE&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=729b6705-fc31-4565-bde5-1468f57a3936
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/6918a39cd313543a3cc95661abe2d6ec?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-ESJ4PJhE2oPRSoyW3CNWVViC19YRayv67TS.rUmQ~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8896634046348119270
  • https://usersync.octillion.tv/fw?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1554&userId=f1467eae-bc7c-4987-9776-b18d8b668346
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAH64E7Gd2oAAB_W1dlmOw&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=vMsaDeO61OFzsG5&gdpr=0
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
0
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=-7Rv8uyjTP-rgxTkPpH8mA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=-7Rv8uyjTP-rgxTkPpH8mA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=83119946646512766830427797561629329535
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=83119946646512766830427797561629329535
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AZS6SC9TSS9AGNG6RSSD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-va6-1-v043-09382261a.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
v+bxGnrTTZ0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=83119946646512766830427797561629329535
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=SSKLM4fiQO-fb5abkkYS_g
  • https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10599925413564050934&gdpr=&gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10599925413564050934&gdpr=&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TSYHDA34WPX4HGXNZ2W2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:17 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10599925413564050934&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P11ZH24TBDHRT6RPVZN7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 04 Oct 2022 04:23:17 GMT
Server
nginx/1.19.2
X-Powered-By
Express
ETag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Content-Type
image/gif; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=survata.com&id=
Referer
px.surveywall-api.survata.com, px.surveywall-api.survata.com, px.surveywall-api.survata.com
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2525618950739153524
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2525618950739153524
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RKPHJPP6AFAB8SCD800T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2525618950739153524
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=45610a9d-439c-11ed-bff1-1fae1c890103
  • https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=45610a46-439c-11ed-bff1-1fae1c890103
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=45610a46-439c-11ed-bff1-1fae1c890103
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2JCXGVPY04XW0TCJ9GFF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 04 Oct 2022 04:23:17 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=45610a46-439c-11ed-bff1-1fae1c890103
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
145
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
  • https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%229d856095-1bba-4418-ae98-fa8a554683da%22,%22Time%22:%2220221004T042317.436880%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
  • https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=9d856095-1bba-4418-ae98-fa8a554683da
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=9d856095-1bba-4418-ae98-fa8a554683da
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S8QXES8CBRDCB0TKB5DG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=9d856095-1bba-4418-ae98-fa8a554683da
Server
LogModule 0.4
Content-Length
204
Content-Type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm=&ex=doubleclick.net&google_tc=
  • https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESELyi9AGC-BG0oEHkVeYSiBc&google_cver=1
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESELyi9AGC-BG0oEHkVeYSiBc&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JYEK163EE88AQBK6NWET
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESELyi9AGC-BG0oEHkVeYSiBc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
usermatch.krxd.net/um/ Frame 39E1 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usermatch.krxd.net/um/v2?partner=amzn
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.177.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-177-24.compute-1.amazonaws.com
Software
/
Resource Hash
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-served-by
usermatch-a012-ash-prod.krxd.net
date
Tue, 04 Oct 2022 04:23:17 GMT
content-type
text/plain; charset=utf-8
x-age
0
content-length
20
x-cache
MISS
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
  • https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
  • https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=6d9d8e7da8fcaeaa1da5386303f0eb4f
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=6d9d8e7da8fcaeaa1da5386303f0eb4f
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9NSK1660R10YVKVE6HJA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=6d9d8e7da8fcaeaa1da5386303f0eb4f
date
Tue, 04 Oct 2022 04:23:17 GMT
via
1.1 fe3f86f21d87c094c405e9e14c807538.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
content-length
0
x-amz-cf-id
Jv3hJEnHL4VFnK0sqCGbnEzWbpww036THMDw4DPC3D_CGYoLYrl4EA==
x-cache
Miss from cloudfront
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=7918568b-0935-c848-3245-70aa9ece1a60
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=7918568b-0935-c848-3245-70aa9ece1a60
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1P43W7QKW8Z5B697R4GB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 04 Oct 2022 04:23:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=7918568b-0935-c848-3245-70aa9ece1a60
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
  • https://s.amazon-adsystem.com/ecm3?ex=index&id=KmmCBEAVgb8bhg_j5_51zDc4cak4ZgIC
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index&id=KmmCBEAVgb8bhg_j5_51zDc4cak4ZgIC
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MM86AA159V0A9BARVER2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKYPvWXo%2BqkVzJfu%2BPMPx4Tzt9C1WuRIt7KFN%2B2g%2Fo%2FPf2K%2BcNEEQ9yEotdESJhxD9L0AKxfA%2BXZFUtk2spZz9o26%2FSvFcdrGSmvSshbat%2B2Up6ujdnG9RZfZ1AskLjXGT3zZ4pBPLwFMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.amazon-adsystem.com/ecm3?ex=index&id=KmmCBEAVgb8bhg_j5_51zDc4cak4ZgIC
cache-control
no-cache
cf-ray
754b242e3bb2a1de-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
xuid
eb2.3lift.com/ Frame 39E1
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=8341&xuid=9IiGKVG9TYWrRZTVGKmP1g&dongle=az46
  • https://eb2.3lift.com/xuid?ld=1&mid=8341&xuid=9IiGKVG9TYWrRZTVGKmP1g&dongle=az46&gdpr=0&cmp_cs=&us_privacy=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=8341&xuid=9IiGKVG9TYWrRZTVGKmP1g&dongle=az46&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 04 Oct 2022 04:23:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=8341&xuid=9IiGKVG9TYWrRZTVGKmP1g&dongle=az46&gdpr=0&cmp_cs=&us_privacy=
date
Tue, 04 Oct 2022 04:23:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
  • https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
  • https://s.amazon-adsystem.com/ecm3?ex=semasio&id=8DF0B6F4152C74B0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=8DF0B6F4152C74B0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VVHCS498RQR4JR94E496
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Frontend-ID
8
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=8DF0B6F4152C74B0
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=8896634046348119270&ex=appnexus.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=8896634046348119270&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BBE22DS3V7NCQ6MKNY95
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
AN-X-Request-Uuid
00d47715-9f8a-4a6a-a299-dcf68617a9bf
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://s.amazon-adsystem.com/ecm3?id=8896634046348119270&ex=appnexus.com
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=6zxgzw2hQjOLjvCuoiA1dA&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
  • https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=6zxgzw2hQjOLjvCuoiA1dA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=6zxgzw2hQjOLjvCuoiA1dA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WK59TF3YMVQF2CNV51MY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=6zxgzw2hQjOLjvCuoiA1dA
date
Tue, 04 Oct 2022 04:23:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2179&pt=n
  • https://s.amazon-adsystem.com/ecm3?id=f2ZneJlk_qZdvOStlYgsMQ&ex=rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=f2ZneJlk_qZdvOStlYgsMQ&ex=rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
960JGGXPRQ8Q72GNZE8W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?id=f2ZneJlk_qZdvOStlYgsMQ&ex=rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=B0Zk_FKoRTKoKMCola03Ng&
  • https://s.amazon-adsystem.com/ecm3?ex=googleHMT
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SVB76H49B79TF5MQFJGP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://loadus.exelator.com/load/?p=204&g=8888&j=0
  • https://loadus.exelator.com/load/?p=204&g=8888&j=0&xl8blockcheck=1
  • https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=81ae68656eeda00d1e4620d71a5e3397
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=81ae68656eeda00d1e4620d71a5e3397
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FNT6F9GFYQ9AMEV1WG5Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 04 Oct 2022 04:23:17 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=81ae68656eeda00d1e4620d71a5e3397
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
  • https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AC8F4F2D35B53B63597FA90D02508A59
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AC8F4F2D35B53B63597FA90D02508A59
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7Z0Z169CYH752DBJN3CQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 04 Oct 2022 04:23:17 GMT
Server
openresty/1.15.8.2
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AC8F4F2D35B53B63597FA90D02508A59
Access-Control-Allow-Origin
https://www.homedepot.com
Access-Control-Expose-Headers
User-NDAT
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
P3P
CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection
keep-alive
Content-Length
151
Expires
Tue, 04 Oct 2022 04:23:16 GMT
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=7ed8a8eef64118f48ba8b4dc43f426f1cd4d02af1d16018e9706171a4028c0c0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=7ed8a8eef64118f48ba8b4dc43f426f1cd4d02af1d16018e9706171a4028c0c0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TKQGEJ6FBRMBTM0WCT9D
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:17 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=7ed8a8eef64118f48ba8b4dc43f426f1cd4d02af1d16018e9706171a4028c0c0
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
retry-after
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
  • https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=B2A05308-7371-4A69-B50B-882EBB9A219F
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=B2A05308-7371-4A69-B50B-882EBB9A219F
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
83SZP9A65M2ZGAR5G2Z0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=B2A05308-7371-4A69-B50B-882EBB9A219F
date
Tue, 04 Oct 2022 04:23:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 39E1
Redirect Chain
  • https://sync.taboola.com/sg/amazon-a9-network/1/rtb
  • https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=23caed48-0de9-4fe7-aef0-812c329d4a5d-tucta353ab5
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=23caed48-0de9-4fe7-aef0-812c329d4a5d-tucta353ab5
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=LML2B8HLQ0-9EAGvEK5kKQ&dmt=3&ex-pl-n-g-hmt=B0Zk_FKoRTKoKMCola03Ng&ep=mfS4I4Lxm4iN8M-0MyueFTvm0jIbROW1mV1fj5oKK3u4yn8p46h4oqCyHeZ-vUn1VQ8R5BhBP_Lhts7p8O9Rb9XOl1sEbi7SUu4SHY4b_RjWI7dct-dlucNDqjse9ip9oA9pc_Q_6ASnV2rk1tfPLunwygRVpKrtf-wYb95W-ucILsXPs0As4cYnq8fzEmm7h2ke5WK9LnVXsoYnex0d_S4-MNL6S86ZxRTcxPmGs5GDMIWbr31GVYim1t-MX2kP2RGZA8LwrQ5eslI9cY1JgNlJPFKTpKfJt7Q546Tp4Gfmr_hdF3PJeDXNrAWjxA6-zmNCXyP3cI1gngmJkG8mw3YX5WqCTgaDWcGYtlooW9jWe1PTrSTW8-CXlbxTdb_TPMXz4OMi97j-nR0QA9RCUh9fLylA7moDWppNmO8rpg4FccVd0K9z4QkCm3XuSUEmBQC0Sz-0Woe7ScWBm7iD883E4-ubKiO5lRwn5TGMjaT8NV3fVVyBQe344vMjV-qlpCIBmcOAh2q7oewKuHyLWXhJuV25joEiVUJPqTrXYm8
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 04:23:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WKPRVZ8YGPPKEZ9N0367
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=23caed48-0de9-4fe7-aef0-812c329d4a5d-tucta353ab5
date
Tue, 04 Oct 2022 04:23:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18860
amplitude-5.2.2-min.gz.js
cdn.amplitude.com/libs/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.115.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-115-222.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 11:41:29 GMT
content-encoding
gzip
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
x-amz-version-id
aZB1RIRJqET7nosqRtOBVideRuh0jIV6
x-amz-cf-pop
JFK50-P6
age
2133708
x-cache
Hit from cloudfront
content-length
17889
last-modified
Mon, 21 Oct 2019 15:45:34 GMT
server
AmazonS3
etag
"b568e7b3c9d94da6a1d4845b18400f7a"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
YWHxEDiLY9KzJilFuGpV3XwwJTI1fluineuqN7GSc_ixIJuKV_Nx_g==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 04 Oct 2022 03:02:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4856
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 04 Oct 2022 05:02:20 GMT
js
www.googletagmanager.com/gtag/ 		171 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-902961551
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
373204d2cf6eb9d4f9e367144ef91f2d4134410054435f8e938dfab694a214a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63533
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Oct 2022 04:23:16 GMT
gtm.js
www.googletagmanager.com/ 		136 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGDFZD8&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87e2e3928fda45838518a8d4808df0242836769a20417ffdb5e2ce155b2b5dff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52429
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Oct 2022 04:23:16 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74bb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 20:23:36 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=53801
accept-ranges
bytes
content-length
3063
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 14:35:09 GMT
etag
"d4de8398858246712016031c834bb061+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15317
x-served-by
cache-iad-kcgs7200143-IAD, cache-lga21933-LGA
pixel
analytics.tiktok.com/api/v2/ 		0
543 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BTGIL6BQ55EMJL0L2V00&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.232.7.98 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a172-232-7-98.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://web.koho.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:16 GMT
x-akamai-request-id
1eb06a63
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202210040423169541A12562653908821B
x-cache
TCP_MISS from a172-232-7-94.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
20,172.232.7.94
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0dec3d99fec582ce1acc73c90db3a978ee357949767c309b2465b269b1260a6f19185c37a83f152330e5a769d5324447e71cb52be2f57193e7624ef733e1f5956238
server-timing
inner; dur=12, cdn-cache; desc=MISS, edge; dur=5, origin; dur=20
content-length
0
expires
Tue, 04 Oct 2022 04:23:16 GMT
scevent.min.js
sc-static.net/ Frame C441 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=18f977ac-724c-4b10-a145-d6c3aa30a9c6&u_scsid=da43de41-ba70-4e29-9ac3-3329bf565b23&u_sclid=6d5f353d-a684-466b-9ae0-4f7c8337663d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.113.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-113-246.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
6533db921fa04e1546686ca9111f2cc38032b09365026cf886e3b4d8f58020d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tr.snapchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 23:52:44 GMT
content-encoding
gzip
via
1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P3
age
16232
etag
0d6e407936704bd380072f5891d28b0e
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=86400, max-age=600
access-control-allow-headers
Content-Type
content-length
8757
x-amz-cf-id
9JtfwdpDr5VIj3ZR_jlEqAUagOvhzwoF3S1QpyuvMo_dQYTfU8l2kA==
5eeb94841ab9a70a809cdc75
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/5eeb94841ab9a70a809cdc75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Tue, 04 Oct 2022 04:23:16 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
3
x-served-by
cache-yul12831-YUL
x-timer
S1664857397.918274,VS0,VE0
/
o36260.ingest.sentry.io/api/3725458/envelope/ 		2 B
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o36260.ingest.sentry.io/api/3725458/envelope/?sentry_key=b6af6813dda749a3836c9191fe2b4be2&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.7.0
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/static/js/main.19f44e23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://web.koho.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 04 Oct 2022 04:23:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://web.koho.ca
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
5eeb94841ab9a70a809cdc75
app.launchdarkly.com/sdk/goals/ 		2 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/5eeb94841ab9a70a809cdc75
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/static/js/main.19f44e23.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://web.koho.ca/
X-LaunchDarkly-Wrapper
react-client-sdk/2.25.0
accept-language
en-CA,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.20.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Tue, 04 Oct 2022 04:23:16 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-yul12831-YUL
x-timer
S1664857397.932797,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
3
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjQ0ZWE3YTUwLTQzOWMtMTFlZC1iMmY4LTBiNzA0Zjc5MjJhMyJ9
app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/users/ 		56 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjQ0ZWE3YTUwLTQzOWMtMTFlZC1iMmY4LTBiNzA0Zjc5MjJhMyJ9
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/static/js/main.19f44e23.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8239ec3813476a434d3031db13d826e1d645b9402954a82053f509dc0bb2655a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://web.koho.ca/
X-LaunchDarkly-Wrapper
react-client-sdk/2.25.0
accept-language
en-CA,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.20.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Tue, 04 Oct 2022 04:23:16 GMT
age
0
x-cache
MISS
content-length
71
x-served-by
cache-yul12831-YUL
x-timer
S1664857397.932857,VS0,VE42
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
0
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjQ0ZWE3YTUwLTQzOWMtMTFlZC1iMmY4LTBiNzA0Zjc5MjJhMyJ9
app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjQ0ZWE3YTUwLTQzOWMtMTFlZC1iMmY4LTBiNzA0Zjc5MjJhMyJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Tue, 04 Oct 2022 04:23:16 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
12
x-served-by
cache-yul12831-YUL
x-timer
S1664857397.918273,VS0,VE0
56368685
www.clarity.ms/tag/uet/ 		0
0
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=599633800219052&ev=Microdata&dl=https%3A%2F%2Fweb.koho.ca%2Freferral%2FSM89J9XZ&rl=&if=false&ts=1664857396989&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22KOHO%22%2C%22meta%3Adescription%22%3A%22A%20no-fee%20spending%20account%20with%20instant%20cash%20back%20%26%20money%20management%20app%20designed%20to%20simplify%20your%20personal%20finances.%20%20Sign%20up%20in%20minutes%20to%20join%20over%20170%2C000%20Canadians%20who%20use%20KOHO%27s%20prepaid%20Visa%20card%20to%20budget%20and%20save.%20Welcome%20to%20a%20new%20era%20of%20banking!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22KOHO%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fweb.koho.ca%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.koho.ca%2Freferrals%2Fog.png%22%2C%22og%3Aimage%3Aalt%22%3A%22The%20ultimate%20way%20to%20earn%20cash%20back%22%2C%22og%3Alocale%3Aalternate%22%3A%22fr%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664857396280.1798468063&it=1664857396084&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 04 Oct 2022 04:23:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
7f85a56ba4.css
use.fontawesome.com/ 		1 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/7f85a56ba4.css
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/static/js/main.19f44e23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5S339QMKK528VSV7
age
6007
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
9dSlkvadgIlyIapHx90zUSi7IallNEQegxuqLJVBFltwCmxq7oZOJkb+IdSJPqqkQoYXa9t0Gjk=
last-modified
Wed, 30 Jun 2021 21:14:33 GMT
server
cloudflare
etag
W/"8360eb270b919a1fb4776bc448d9ed14"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMLeMkdSN%2BwnIuh6nebJGTDSJrz%2FechbyxiGm55bBprR4IMrU3GKCUOLBqY%2BFOb2B6Cnkmvt8YE4n7FoYBaVingYEEOyoeFfCZ%2BCl1iGCumU3Gwf8u2Hs8xIuNsgBjLwbEmjj5LI4vo%2Bg5s6u0%2FaToG%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
754b242bf8198c3f-EWR
logo-background.fd250dadb6818cbc155cf5aa833c8e4f.svg
web.koho.ca/static/media/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.koho.ca/static/media/logo-background.fd250dadb6818cbc155cf5aa833c8e4f.svg
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
937d0fc0c4c2a1b468fcee6070b979dc2cdd953342c60a6eedaa251b03e623c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/referral/SM89J9XZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 2a6d4f11086c689d07041ed2831056ee.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C3
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 26 Sep 2022 12:55:23 GMT
server
cloudflare
etag
W/"6a5a3fb3290ae4294d73fa5ba1e0d826"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
cf-ray
754b242c1ac8a232-YYZ
x-amz-cf-id
rZLvIrefakf1lYoijvGyo2VbUjF3i472H9hAL-75s3KvbikKIvRzRg==
cheers.4cfb20e53304af80b7af.webp
web.koho.ca/static/media/ 		459 KB
460 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.koho.ca/static/media/cheers.4cfb20e53304af80b7af.webp
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c37cfd5eac2fbb8b1bf3e69f0469cb0c6a8c4f8305e3bae8cd59495bfe12b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/referral/SM89J9XZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 039b6acf310ef8fb314d9bef263bf88a.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
469904
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 26 Sep 2022 12:55:23 GMT
server
cloudflare
etag
"e7931db3dddfb6f2376f16fc139bcf76"
x-frame-options
DENY
content-type
image/webp
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
cf-ray
754b242c1acaa232-YYZ
x-amz-cf-id
G-7wopoGwuhp_X7oRqxLH_w_Csx8KWPMeyEGlcvyNfRcxwPOPaSM-Q==
phones.455f239997acab605a87.png
web.koho.ca/static/media/ 		241 KB
241 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.koho.ca/static/media/phones.455f239997acab605a87.png
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19d138c602518b71444616f2922e32b112107983d6e3ae4b70c058b56c55c326
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/referral/SM89J9XZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 3f47446cdc78ba68e7e51279d0973d56.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
246410
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 26 Sep 2022 12:55:24 GMT
server
cloudflare
etag
"774470f97e03cc2a47df050894ab9369"
x-frame-options
DENY
content-type
image/png
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
cf-ray
754b242c1ad2a232-YYZ
x-amz-cf-id
MFVB6I7mqaJIe_YeCTuFwn9yJD4mn7JTg-y10k8sdiEjXRCcXVdMwQ==
basis-grotesque-medium.c4d44e1e983e74b9ede4.woff2
web.koho.ca/static/media/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/static/media/basis-grotesque-medium.c4d44e1e983e74b9ede4.woff2
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
016f61f01838ce5e1d9564ffe5a84616a3c4f66048f99f1e89f410a9dc2cad9e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://web.koho.ca/referral/SM89J9XZ
Origin
https://web.koho.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 e45a001f96edfc92a3d789e566ab0406.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28148
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 26 Sep 2022 12:55:23 GMT
server
cloudflare
etag
"d37b904ee00f12ca729be334e9eeb28a"
x-frame-options
DENY
content-type
font/woff2
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
cf-ray
754b242c2adca232-YYZ
x-amz-cf-id
nSqSxzibXDtTwlZxCtpccbVhL_EZxpg0ZcjOHPzbgQ86JjJEJEA8cQ==
basis-grotesque-bold.b5f93f83bec082293f58.woff2
web.koho.ca/static/media/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/static/media/basis-grotesque-bold.b5f93f83bec082293f58.woff2
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dcdb5d625307386c2d3b21f8b51c43bfd4683fe073b66e884372cd35710c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://web.koho.ca/referral/SM89J9XZ
Origin
https://web.koho.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 939b49b14eb6e9c52659cb5fdf3603f8.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27812
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 26 Sep 2022 12:55:23 GMT
server
cloudflare
etag
"17627e07a001f770a3f441710f74f61c"
x-frame-options
DENY
content-type
font/woff2
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
cf-ray
754b242c2adea232-YYZ
x-amz-cf-id
MhHMjW1t25kNbtrZCr145BGaJPHGzQLwC0Al-RqnE8SN30XDcRZwuw==
basis-grotesque-regular-pro.14e27a296fba4d0a5155.woff2
web.koho.ca/static/media/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://web.koho.ca/static/media/basis-grotesque-regular-pro.14e27a296fba4d0a5155.woff2
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://web.koho.ca/referral/SM89J9XZ
Origin
https://web.koho.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 22ad618d7b444b69e8464fdbcc18da0e.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50128
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 26 Sep 2022 12:55:23 GMT
server
cloudflare
etag
"c294fc5a277925342bcdbda0ebe58f61"
x-frame-options
DENY
content-type
font/woff2
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
cf-ray
754b242c2adfa232-YYZ
x-amz-cf-id
m2kXjX0WMT8w4MPUb1a_l33I1SzLD0G4DqLVXAQF-5y-vshqwl0L-w==
en.build.json
cdn.acsbapp.com/cache/app/ 		238 KB
25 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/cache/app/en.build.json
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/static/js/main.19f44e23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
83.229.67.229 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
/
Resource Hash
7039ddbd807be8e5be0933c0cfa099709a6cc2fc9bf3a3e61a2c10ff2147edf8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:17 GMT
content-encoding
br
last-modified
Sat, 01 Oct 2022 13:27:03 GMT
etag
"3b844-63384027-8ddbb90124a8a66a;br"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=432000 public
accept-ranges
bytes
access-control-allow-headers
*
content-length
25896
expires
Wed, 05 Oct 2022 04:23:17 GMT
li_sync
www.linkedin.com/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1664857397163&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FSM89J9XZ
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2658514&time=1664857397163&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FSM89J9XZ&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2658514%26time%3D1664857397163%26url%3Dhttps%253A%252F%252Fweb.koho.ca%252Freferr...
0
0
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 04 Oct 2022 05:20:38 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-902961551
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15192
x-xss-protection
0
server
cafe
etag
699633608045481581
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 04:23:17 GMT
SM89J9XZ
webgateway.koho.ca/1.0/referrals/code/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://webgateway.koho.ca/1.0/referrals/code/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-device-id,x-koho-app-version,x-koho-device-platform,x-organization
Access-Control-Request-Method
GET
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-device-id,x-koho-app-version,x-koho-device-platform,x-organization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,CONNECT
access-control-allow-origin
https://web.koho.ca
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
754b242d6ee85419-YYZ
date
Tue, 04 Oct 2022 04:23:17 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
SM89J9XZ
webgateway.koho.ca/1.0/referrals/code/ 		140 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webgateway.koho.ca/1.0/referrals/code/SM89J9XZ
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/static/js/main.19f44e23.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba411e3d4b6e49e867a0776b153387dfbeda88cb1b8ebdcf9c517a0cf0618338
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-koho-device-platform
web
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
x-koho-app-version
2.0.0
Accept
application/json, text/plain, */*
Referer
https://web.koho.ca/
X-Organization
koho
x-device-id
953717d0-f754-40fc-84fd-fce6b3cc7099

Response headers

x-causation-id
d8672bad-3af6-451c-a2a9-d00d18925b35
date
Tue, 04 Oct 2022 04:23:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-correlation-id
d8672bad-3af6-451c-a2a9-d00d18925b35
cf-cache-status
DYNAMIC
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://web.koho.ca
access-control-allow-credentials
true
cf-ray
754b242e4f27f991-YYZ
x-organization
koho
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hash
webgateway.koho.ca/1.0/users/users/anonymous-b/flags/ 		88 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webgateway.koho.ca/1.0/users/users/anonymous-b/flags/hash
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/static/js/main.19f44e23.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
014a7b4417ad3e24d4e19865a4b4feb5bf04a5b0faf4a63b527a737956198d0f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-koho-device-platform
web
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
x-koho-app-version
2.0.0
Accept
application/json, text/plain, */*
Referer
https://web.koho.ca/
X-Organization
koho
x-device-id
953717d0-f754-40fc-84fd-fce6b3cc7099

Response headers

x-causation-id
46652c8c-cd4a-4dba-85e3-9daaee011fcb
date
Tue, 04 Oct 2022 04:23:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-correlation-id
46652c8c-cd4a-4dba-85e3-9daaee011fcb
cf-cache-status
DYNAMIC
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://web.koho.ca
access-control-allow-credentials
true
cf-ray
754b242e4f25f991-YYZ
x-organization
koho
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logout
webgateway.koho.ca/1.0/ 		107 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webgateway.koho.ca/1.0/logout
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/static/js/main.19f44e23.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5241a44f952b11c1dfaa0f893d292b82b26c30132466803f1c3ffb294dc9a663
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-koho-device-platform
web
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
x-koho-app-version
2.0.0
Accept
application/json, text/plain, */*
Referer
https://web.koho.ca/
X-Organization
koho
x-device-id
953717d0-f754-40fc-84fd-fce6b3cc7099

Response headers

x-causation-id
b6f3a184-a567-4a42-8672-b558b0e3f92a
date
Tue, 04 Oct 2022 04:23:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-correlation-id
b6f3a184-a567-4a42-8672-b558b0e3f92a
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
server
cloudflare
vary
Origin
content-type
application/problem+json
access-control-allow-origin
https://web.koho.ca
access-control-allow-credentials
true
cf-ray
754b242f5ffdf991-YYZ
x-organization
koho
content-length
107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://use.fontawesome.com/7f85a56ba4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5S364MARM4QVH1ZD
age
24613881
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
/WdOL5DOZk24FpO2o16wdx2G6gzY13wfK/ja6JKGXbjoERAPjwmMDgEWQ7AJWn+8hZFs4N5Emog=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcrOswr5fafC9ea%2F8Gp22kISokASqX2L6CfOST%2FoJlEITKgxQmPZowoZRYqNZShODbCfvb4qDUZ%2BhMOlmXioqbnZO742MJVwgqEYR63tc%2FSKC9vpsd%2BE%2BHhucN1SBjpxoDIN%2F9rVrWm1AOulN%2F2GF1jw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
754b242d3fa48c99-EWR
hash
webgateway.koho.ca/1.0/users/users/anonymous-b/flags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://webgateway.koho.ca/1.0/users/users/anonymous-b/flags/hash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-device-id,x-koho-app-version,x-koho-device-platform,x-organization
Access-Control-Request-Method
GET
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-device-id,x-koho-app-version,x-koho-device-platform,x-organization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,CONNECT
access-control-allow-origin
https://web.koho.ca
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
754b242d6ee95419-YYZ
date
Tue, 04 Oct 2022 04:23:17 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
logout
webgateway.koho.ca/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://webgateway.koho.ca/1.0/logout
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.38 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-device-id,x-koho-app-version,x-koho-device-platform,x-organization
Access-Control-Request-Method
POST
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-device-id,x-koho-app-version,x-koho-device-platform,x-organization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,CONNECT
access-control-allow-origin
https://web.koho.ca
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
754b242d6eeb5419-YYZ
date
Tue, 04 Oct 2022 04:23:17 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
p
tr.snapchat.com/cm/ Frame 5DDF
Redirect Chain
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1664857397279&u_scsid=c38255d9-8c26-4959-9fb2-92508cf948ce&u_sclid=85077e00-95e4-4eb6-807b-2e26dc67f38a
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1664571956481%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1664571956481%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://tr.snapchat.com/cm/p?rand=1664571956481&pnid=140&pcid=14a91a88-3fb1-4343-99b2-cc99c977c013
0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/p?rand=1664571956481&pnid=140&pcid=14a91a88-3fb1-4343-99b2-cc99c977c013
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://tr.snapchat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Tue, 04 Oct 2022 04:23:17 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google, 1.1 google
x-envoy-upstream-service-time
12

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 04 Oct 2022 04:23:17 GMT
location
https://tr.snapchat.com/cm/p?rand=1664571956481&pnid=140&pcid=14a91a88-3fb1-4343-99b2-cc99c977c013
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security
max-age=31536000
via
1.1 google
logomono.svg
web1.acsbapp.com/apps/app/dist/media/ 		0
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/902961551/?random=1664857397379&cv=9&fst=1664857397379&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FSM89J9XZ&tiba=KOHO&auid=698038595.1664857397&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c2015dbffa14489493cf08941a2f5734a80e3c19e36f9b7e2b6dd828fe712d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1030
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/902961551/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/902961551/?random=1664857397379&cv=9&fst=1664856000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FSM89J9XZ&tiba=KOHO&async=1&fmt=3&is_vtc=1&random=4145262751&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/902961551/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/902961551/?random=1664857397379&cv=9&fst=1664856000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fweb.koho.ca%2Freferral%2FSM89J9XZ&tiba=KOHO&async=1&fmt=3&is_vtc=1&random=4145262751&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/referral/SM89J9XZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
eyJrZXkiOiJhbm9ueW1vdXMtYiIsImFub255bW91cyI6dHJ1ZX0
app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/users/ 		81 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/users/eyJrZXkiOiJhbm9ueW1vdXMtYiIsImFub255bW91cyI6dHJ1ZX0?h=5e7a2804c17b3b552f3cc07ea2daf3ec7fb341ae133bccb4cfdd33f7839a9192
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/static/js/main.19f44e23.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4758940c0aebb6b022188104c33dccf7c72b9b9fee824575248ae1b047b64f11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://web.koho.ca/
X-LaunchDarkly-Wrapper
react-client-sdk/2.25.0
accept-language
en-CA,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.20.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Tue, 04 Oct 2022 04:23:17 GMT
age
0
x-cache
HIT
content-length
12961
x-served-by
cache-yul12831-YUL
x-timer
S1664857398.629106,VS0,VE0
etag
"6454d_7KI3CaBfTAdQ8d2g4VykzQ==b"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding, Authorization
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
3
eyJrZXkiOiJhbm9ueW1vdXMtYiIsImFub255bW91cyI6dHJ1ZX0
app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/users/eyJrZXkiOiJhbm9ueW1vdXMtYiIsImFub255bW91cyI6dHJ1ZX0?h=5e7a2804c17b3b552f3cc07ea2daf3ec7fb341ae133bccb4cfdd33f7839a9192
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Tue, 04 Oct 2022 04:23:17 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
13
x-served-by
cache-yul12831-YUL
x-timer
S1664857398.614328,VS0,VE0
embed.js
solve-widget.forethought.ai/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solve-widget.forethought.ai/embed.js
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/static/js/main.19f44e23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:df2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c73fafb54146e1a6c32a6e42b78bdb69cdbc6325aa003431072419ab8900e1a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:17 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
last-modified
Mon, 03 Oct 2022 17:57:33 GMT
server
cloudflare
etag
"633b228d-3fe3"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform, max-age=0
accept-ranges
bytes
cf-ray
754b242fce33ca57-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16355
/
solve-widget.forethought.ai/ Frame BA94 		311 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://solve-widget.forethought.ai/?v=2
Requested by
Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:df2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85303332bde60992e85edeca7c4369128ba9b98af70b4633a945696fff43fc2c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://web.koho.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, no-transform, max-age=0
cf-cache-status
DYNAMIC
cf-ray
754b2430f9cc7157-YUL
content-length
311
content-type
text/html
date
Tue, 04 Oct 2022 04:23:18 GMT
etag
"633b228d-137"
last-modified
Mon, 03 Oct 2022 17:57:33 GMT
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
embed.js
solve-widget.forethought.ai/ Frame BA94 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solve-widget.forethought.ai/embed.js
Requested by
Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/?v=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:df2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c73fafb54146e1a6c32a6e42b78bdb69cdbc6325aa003431072419ab8900e1a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://solve-widget.forethought.ai/?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
last-modified
Mon, 03 Oct 2022 17:57:33 GMT
server
cloudflare
etag
"633b228d-3fe3"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform, max-age=0
accept-ranges
bytes
cf-ray
754b2432fb627157-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16355
main.9b68f76b.js
solve-widget.forethought.ai/static/js/ Frame BA94 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solve-widget.forethought.ai/static/js/main.9b68f76b.js
Requested by
Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/?v=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:df2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71b429cf24701e321e233cbbd63f22920b2419764cdb6425695d094bf842fc46
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://solve-widget.forethought.ai/?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 03 Oct 2022 17:57:33 GMT
server
cloudflare
age
7196
cf-polished
origSize=14848
etag
W/"633b228d-3a00"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
754b2432fb637157-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
349.6680fd62.chunk.js
solve-widget.forethought.ai/static/js/ Frame BA94 		1 MB
312 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solve-widget.forethought.ai/static/js/349.6680fd62.chunk.js
Requested by
Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/static/js/main.9b68f76b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:df2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b5ba93558c08d1859e1dcab828099489a53452fceec73f1e674dd5965604fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://solve-widget.forethought.ai/?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 03 Oct 2022 17:57:33 GMT
server
cloudflare
age
7196
cf-polished
origSize=1090758
etag
W/"633b228d-10a4c6"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
754b2433bbe27157-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
982.7aa9f6ea.chunk.css
solve-widget.forethought.ai/static/css/ Frame BA94 		4 KB
903 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://solve-widget.forethought.ai/static/css/982.7aa9f6ea.chunk.css
Requested by
Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/static/js/main.9b68f76b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:df2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb55ae428ebec6bca22a6b41af803eb480c2c8b189fb0d114281ce6362db10c9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://solve-widget.forethought.ai/?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 03 Oct 2022 17:57:33 GMT
server
cloudflare
age
6646
cf-polished
origSize=3858
etag
W/"633b228d-f12"
vary
Accept-Encoding
content-type
text/css
cf-ray
754b2433bbe37157-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
982.98db0abf.chunk.js
solve-widget.forethought.ai/static/js/ Frame BA94 		128 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solve-widget.forethought.ai/static/js/982.98db0abf.chunk.js
Requested by
Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/static/js/main.9b68f76b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:df2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07f242425d6d8085afa928ba087cc06eb429ed04f273d3177e96d0c677b4cdcd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://solve-widget.forethought.ai/?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 03 Oct 2022 17:57:33 GMT
server
cloudflare
age
7196
cf-polished
origSize=131368
etag
W/"633b228d-20128"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
754b2433bbe57157-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logger-1.min.js
cdn.lr-in-prod.com/ Frame BA94 		774 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lr-in-prod.com/logger-1.min.js
Requested by
Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/static/js/349.6680fd62.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:a57f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59c2ed73cddd4b747d9a6b63be5dc21882ef7aef4dead6a029a6eb0011b9ce1d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://solve-widget.forethought.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:18 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
263
x-cache
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-yul12831-YUL
last-modified
Mon, 03 Oct 2022 20:19:21 GMT
server
cloudflare
x-timer
S1664828504.421612,VS0,VE159
etag
W/"95ba636e9cca4a3527d90fcfbbc00806cbefdd8028c2e7b8e7ccf99a763f6533"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9L9kRC9mru8J18m4lMcv7haiVXHI4aM0XF0ekUo%2B3kIEsKnyBZKH9g29l6ZMyPuQTimYtqbm%2F4bGQOgAZmr3zhfVwpmfq6Fe5XEmP3tfVyHsCcodY4RgfllcrbICk41yKJBneWgzgU%2F0x%2FxDNLqsN8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
754b2434cc874bcb-YUL
x-cache-hits
0
/
o185886.ingest.sentry.io/api/5321290/envelope/ Frame BA94 		2 B
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o185886.ingest.sentry.io/api/5321290/envelope/?sentry_key=e69efc0111d24ee3b79752765776ca0a&sentry_version=7&sentry_client=sentry.javascript.react%2F7.13.0
Requested by
Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/static/js/349.6680fd62.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://solve-widget.forethought.ai/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 04 Oct 2022 04:23:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://solve-widget.forethought.ai
access-control-expose-headers
x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
c9a0052c-4bd7-41c4-a151-f3675811e9bb
https://solve-widget.forethought.ai/ Frame BA94 		426 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://solve-widget.forethought.ai/c9a0052c-4bd7-41c4-a151-f3675811e9bb
Requested by
Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/?v=2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73f075e6b57a855638f866d595bf56ebd102ef552f8b927d845b789c8a1b87be

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
436092
feature-flags
api.forethought.ai/workflow/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.forethought.ai/workflow/v2/feature-flags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,is-draft,is-preview,solve-origin
Access-Control-Request-Method
GET
Origin
https://solve-widget.forethought.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,is-draft,is-preview,solve-origin
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://solve-widget.forethought.ai
access-control-max-age
600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
754b2435f96a4bb8-YUL
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 04 Oct 2022 04:23:19 GMT
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
feature-flags
api.forethought.ai/workflow/v2/ Frame BA94 		36 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.forethought.ai/workflow/v2/feature-flags
Requested by
Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/static/js/349.6680fd62.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e84d400b955dfb25ab72888aa508375ceb4b7808c721aa550d02fbc4ae21a17
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options DENY

Request headers

solve-origin
https://web.koho.ca
accept-language
en-CA,en;q=0.9
Authorization
Bearer 89a28e13-4c9f-4578-b21b-5f9a14d29202
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
is-draft
false
Accept
application/json, text/plain, */*
Referer
https://solve-widget.forethought.ai/
is-preview
false

Response headers

date
Tue, 04 Oct 2022 04:23:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
vary
Origin
content-type
application/json
access-control-allow-origin
https://solve-widget.forethought.ai
access-control-allow-credentials
true
cf-ray
754b2437ff7b4bcb-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
widget-config
api.forethought.ai/workflow/ Frame BA94 		1 KB
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.forethought.ai/workflow/widget-config
Requested by
Host: solve-widget.forethought.ai
URL: https://solve-widget.forethought.ai/static/js/349.6680fd62.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d79545325d9448c94fe3397403bf7c76c50315711a1874ebc41de9af2cc7dc62
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options DENY

Request headers

solve-origin
https://web.koho.ca
accept-language
en-CA,en;q=0.9
Authorization
Bearer 89a28e13-4c9f-4578-b21b-5f9a14d29202
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
is-draft
false
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://solve-widget.forethought.ai/
is-preview
false

Response headers

date
Tue, 04 Oct 2022 04:23:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
vary
Origin
content-type
application/json
access-control-allow-origin
https://solve-widget.forethought.ai
access-control-allow-credentials
true
cf-ray
754b24380f7d4bcb-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget-config
api.forethought.ai/workflow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.forethought.ai/workflow/widget-config
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,is-draft,is-preview,solve-origin
Access-Control-Request-Method
POST
Origin
https://solve-widget.forethought.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,is-draft,is-preview,solve-origin
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://solve-widget.forethought.ai
access-control-max-age
600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
754b2435f96d4bb8-YUL
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 04 Oct 2022 04:23:19 GMT
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/xiu5e01e
  • https://js.intercomcdn.com/shim.latest.js
18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
13.33.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-116.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38f636e41b30a0597f811a26740bb5b6b48cc3ed562aa4706ed576a7f0da492d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
VTai40L5IfLdrYIxekJ2smyso62lYb1Z
content-encoding
gzip
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
date
Tue, 04 Oct 2022 04:20:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
EWR52-C1
age
156
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6172
last-modified
Mon, 03 Oct 2022 15:05:32 GMT
server
AmazonS3
etag
"3256e79214c05b7b62893b05a9406e35"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
Oh5cidVI9CnkYEPh5bHswr_EYyJuigpzZEDMad_h7AhHNcwGj-PW6w==

Redirect headers

date
Sat, 01 Oct 2022 13:12:42 GMT
via
1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
227437
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
content-length
0
x-amz-cf-id
9TQig39Xsg4bLk8uzTqJa9UuXwKkDWczFo9xGu81GF1jctYhI_DyoA==
5eeb94841ab9a70a809cdc75
events.launchdarkly.com/events/diagnostic/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/5eeb94841ab9a70a809cdc75
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/static/js/main.19f44e23.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.151.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-151-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://web.koho.ca/
X-LaunchDarkly-Wrapper
react-client-sdk/2.25.0
accept-language
en-CA,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.20.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 04 Oct 2022 04:23:18 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
5eeb94841ab9a70a809cdc75
events.launchdarkly.com/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/5eeb94841ab9a70a809cdc75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.151.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-151-202.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Tue, 04 Oct 2022 04:23:18 GMT
strict-transport-security
max-age=31536000
frame-modern.1985e493.js
js.intercomcdn.com/ Frame 82F3 		431 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.1985e493.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/xiu5e01e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-116.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e4bc08fd40dcf2fa96e95eee031f8b5cac67af1c36f5fa0d943662562d0e561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
GJRZ4aNB0KDGAP4LhDEHhE4YnxOYAyFx
content-encoding
gzip
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
date
Tue, 04 Oct 2022 03:05:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
EWR52-C1
age
4656
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
120330
last-modified
Mon, 03 Oct 2022 15:04:09 GMT
server
AmazonS3
etag
"b0d40e47cb0893eb706e8ce90c944172"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
sRuzNAmC0_jecP4hvyGqKyizUpvH2tHoDTuySgbROFJeS99y_fInng==
vendor-modern.9742668a.js
js.intercomcdn.com/ Frame 82F3 		219 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.9742668a.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/xiu5e01e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-116.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe8b5b8ad60caca35fc45d745d709376477940f68e9679f5444badef4bc051ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
X69QraOAABDdKee8g2WBzROXRaYG9TKu
content-encoding
gzip
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
date
Tue, 04 Oct 2022 03:18:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
EWR52-C1
age
3899
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
69458
last-modified
Mon, 03 Oct 2022 15:04:09 GMT
server
AmazonS3
etag
"b48441ef0d351865f467eb569d6de7f5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
0pejNJaDwCZHKLgbmie4LJN--J1jIYHNJtO1WNoWCVlXGP9iWf1eoA==
ping
api-iam.intercom.io/messenger/web/ Frame 82F3 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.1985e493.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.232.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-232-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f2cc8d773b76490dd9bd0e20e7a3aff595700e36624978117b9e5b1f92083406
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 04 Oct 2022 04:23:19 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0cfcfd89bf8b8e104
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00319j40togjq7v1ahsg
x-runtime
0.538379
server
nginx
etag
W/"f2cc8d773b76490dd9bd0e20e7a3aff5"
x-ratelimit-remaining
13324
vary
Accept,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://web.koho.ca
x-intercom-version
a9c535d53a5f755b24e3a88592c20c55a11f0fe0
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1664857400
x-ratelimit-limit
13333
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
vendors~sentry-modern.cb1711a2.js
js.intercomcdn.com/ Frame 82F3 		118 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~sentry-modern.cb1711a2.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.1985e493.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-116.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
552fb9122879a5717c85bd8012f5d9d7aad4b33550a2faa843ac3a2e7504ca23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
aXoeGFaaPITNtpYLVQLmscei.Oqe0FPj
content-encoding
gzip
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
date
Tue, 04 Oct 2022 04:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
EWR52-C1
age
821
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27392
last-modified
Mon, 03 Oct 2022 15:04:09 GMT
server
AmazonS3
etag
"b41413123a4462a7d2d0686d37d91e7d"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
hjNM02sgriB3Ykv6P5nfxDixVpdAKRcshmr1nY2SJvDEXLQfawMdcg==
sentry-modern.e561b09b.js
js.intercomcdn.com/ Frame 82F3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/sentry-modern.e561b09b.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.1985e493.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-116.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8720a148d314c820e9afd3c92693f5a281eaac1f29399c044c6266cd090b9c21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 03:27:06 GMT
content-encoding
gzip
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
x-amz-version-id
cNX7Nuqt0w49HjhclXwfJoR5mZekT.yj
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
EWR52-C1
age
3374
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1415
last-modified
Mon, 03 Oct 2022 15:04:09 GMT
server
AmazonS3
etag
"db42d5aa0a0859c37273d9e1cee3b83a"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
IjEoucjVe7_RTUZYKTVCeH8zZyFchP5Q0_xdzaTq9eaKg1iEBejJpQ==
widget-icon.c877245ab94f9fbc9cb5df14ece31d31.svg
solve-widget.forethought.ai/static/media/ Frame BA94 		1 KB
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://solve-widget.forethought.ai/static/media/widget-icon.c877245ab94f9fbc9cb5df14ece31d31.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:df2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98f904d3f156851b882b52ef43ec849dae675e0b89e82d250d513dfd84dc2b6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://solve-widget.forethought.ai/?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 04:23:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Oct 2022 17:57:33 GMT
server
cloudflare
age
4541
etag
W/"633b228d-415"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
754b243928137157-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
stats.g.doubleclick.net/j/ 		4 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-41908934-3&cid=282916269.1664857397&jid=1324934283&gjid=54988475&_gid=968184765.1664857397&_u=KHBAgEAjAAAAAEAAIAB~&z=875057395
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/static/js/main.19f44e23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://web.koho.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 04 Oct 2022 04:23:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://web.koho.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=2093351594&t=event&_s=1&dl=https%3A%2F%2Fweb.koho.ca%2Freferral%2FSM89J9XZ&ul=en-us&de=UTF-8&dt=KOHO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Intercom%20Messenger&ea=Closed%20Messenger&_u=KHBAgEAjAAAAAAAAIAB~&jid=1324934283&gjid=54988475&cid=282916269.1664857397&tid=UA-41908934-3&_gid=968184765.1664857397&z=719193952
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 12:56:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55592
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-41908934-3&cid=282916269.1664857397&jid=1324934283&_u=KHBAgEAjAAAAAEAAIAB~&z=779135794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-41908934-3&cid=282916269.1664857397&jid=1324934283&_u=KHBAgEAjAAAAAEAAIAB~&z=779135794
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://web.koho.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 04:23:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5eeb94841ab9a70a809cdc75
events.launchdarkly.com/events/bulk/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/5eeb94841ab9a70a809cdc75
Requested by
Host: web.koho.ca
URL: https://web.koho.ca/static/js/main.19f44e23.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.151.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-151-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID
47326e80-439c-11ed-b2f8-0b704f7922a3
X-LaunchDarkly-Event-Schema
3
accept-language
en-CA,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.20.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json
Referer
https://web.koho.ca/
X-LaunchDarkly-Wrapper
react-client-sdk/2.25.0

Response headers

date
Tue, 04 Oct 2022 04:23:20 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
5eeb94841ab9a70a809cdc75
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/5eeb94841ab9a70a809cdc75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.151.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-151-202.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://web.koho.ca
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Tue, 04 Oct 2022 04:23:20 GMT
strict-transport-security
max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Domain
www.clarity.ms
URL
https://www.clarity.ms/tag/uet/56368685
Domain
www.linkedin.com
URL
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2658514%26time%3D1664857397163%26url%3Dhttps%253A%252F%252Fweb.koho.ca%252Freferral%252FSM89J9XZ%26cookiesTest%3Dtrue%26liSync%3Dtrue
Domain
web1.acsbapp.com
URL
https://web1.acsbapp.com/apps/app/dist/media/logomono.svg

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| analytics string| APP_ID function| Intercom string| AppsFlyerSdkObject function| AF object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| Plaid object| webpackJsonpPlaid object| __core-js_shared__ object| AF_cleanupMethods object| uetq string| TiktokAnalyticsObject object| ttq function| snaptr object| r function| fbq function| _fbq object| threatmetrix function| rdt object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| UET function| UET_init function| UET_push object| ueto_ce0e495db5 object| snaptrContext boolean| triedToSendCookieToNative object| WebJSBridge object| amplitudeDeps function| amplitudeLoader object| google-analyticsDeps function| google-analyticsLoader object| google-adwords-newDeps function| google-adwords-newLoader object| google-tag-managerDeps function| google-tag-managerLoader object| linkedin-insight-tagDeps function| linkedin-insight-tagLoader object| twitter-adsDeps function| twitter-adsLoader object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| _0x1247 function| _0x4f58 function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _typeof function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| AJS object| AccessiBe object| acsb object| acsbJS object| EJSEventListeners object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| amplitudeIntegration object| amplitude function| google-analyticsIntegration string| GoogleAnalyticsObject function| ga function| google-adwords-newIntegration object| dataLayer function| gtag function| google-tag-managerIntegration function| linkedin-insight-tagIntegration string| _linkedin_data_partner_id function| twitter-adsIntegration function| twq function| TiktokJelly object| _jelly_sdks object| webpackChunkkoho_web object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| __SENTRY__ object| AF_SDK function| lintrk boolean| _already_called_lintrk object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| twttr object| google_tag_manager function| EJSCustomEvent function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| SENTRY_RELEASE object| SENTRY_RELEASES function| Forethought object| intercomSettings function| __intercomAssignLocation

99 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
.koho.ca/ Name: _rdt_uuid
Value: 1664857396073.aacfb5b8-bb59-47af-af88-9cd6ab1012b0
.bing.com/ Name: MUID
Value: 21E66AFAA21A6579303D78C9A330641B
.bat.bing.com/ Name: MR
Value: 0
.koho.ca/ Name: _uetsid
Value: 4477ae80439c11ed860773e38c9e508f
.koho.ca/ Name: _uetvid
Value: 4477cf10439c11edba8d9fd881bfd06f
.koho.ca/ Name: _scid
Value: def41443-7fbf-4381-b2ba-4e32e550e647
.amazon-adsystem.com/ Name: ad-id
Value: A3T8pEJLrUgzi24UZuIhheU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tiktok.com/ Name: _ttp
Value: 2FefJKpsxejgaM4YoefL39gMR5A
.koho.ca/ Name: _fbp
Value: fb.1.1664857396280.1798468063
.koho.ca/ Name: _tt_enable_cookie
Value: 1
.koho.ca/ Name: _ttp
Value: 39f99624-a1a6-4895-947d-8a7311b2f541
.adnxs.com/ Name: uuid2
Value: 8896634046348119270
.agkn.com/ Name: ab
Value: 0001%3AB%2F1U6YyQVO0ojIr8zINEOnC9dZ%2F86J6z
.casalemedia.com/ Name: CMID
Value: Yzu1NBAhy8dr1EzXnpsb.QAA
.casalemedia.com/ Name: CMPS
Value: 462
.casalemedia.com/ Name: CMPRO
Value: 462
.yahoo.com/ Name: A3
Value: d=AQABBDS1O2MCELj-3tTE6BeH9r25itdP0yIFEgEBAQEGPWNFYwAAAAAA_eMAAA&S=AQAAAlfanhfLkWKDVgD5yLMZplY
.zeotap.com/ Name: zc
Value: fcb128fb-da80-4001-570d-3b51d823ccf5
.bidswitch.net/ Name: tuuid
Value: 2d010ef3-1017-469d-ac94-fae9c7eb6ade
.bidswitch.net/ Name: c
Value: 1664857396
.bidswitch.net/ Name: tuuid_lu
Value: 1664857396
.myvisualiq.net/ Name: tuuid
Value: 58552df7-d057-46cc-bc13-2ecfdc0c7de0
.myvisualiq.net/ Name: c
Value: 1664857396
.myvisualiq.net/ Name: tuuid_lu
Value: 1664857396
.tremorhub.com/ Name: tvid
Value: 5ce00148bc504893ac13d3ff4cf1ce78
.tremorhub.com/ Name: tv_UIAM
Value: 5a8ce4fdb9c94cea938d7ceee0af31ea
.adnxs.com/ Name: anj
Value: dTM7k!M4/YF7/.XF']wIg2In3g5*@+!]tbPl1M]o$IyEVU[Y:iSEmqqXU@_3b5C$$_+f*R:DCwdcr<)oF!Szc#BI7y)N[UD!!+eK)l+Lw
.analytics.yahoo.com/ Name: IDSYNC
Value: 195g~27is
.ads.stickyadstv.com/ Name: UID
Value: 6918a39cd313543a3cc95661abe2d6ec
.ads.stickyadstv.com/ Name: sessionId
Value: 1ce6464d85316ae7375e6269e3c79
.ads.stickyadstv.com/ Name: uid-bp-30833
Value: 35GHrg0SShSLjOgJogLdQQ
.krxd.net/ Name: _kuid_
Value: PHfq6aLa
.mookie1.com/ Name: id
Value: 10599925413564050934
.mookie1.com/ Name: mdata
Value: 1|10599925413564050934|1664857397121
.mookie1.com/ Name: ov
Value: 12b4432701afbc7af2a2ed299d83f3e1
ads.samba.tv/ Name: sambapxid
Value: 10158894e25cb0555
.adform.net/ Name: C
Value: 1
.rubiconproject.com/ Name: khaos
Value: L8TP3X5N-8-GOHD
.demdex.net/ Name: demdex
Value: 83119946646512766830427797561629329535
.surveywall-api.survata.com/ Name: svResp
Value: 816dc7e3-2ddd-1376-1b1f-78054f6cbe79
.koho.ca/ Name: _ga
Value: GA1.2.282916269.1664857397
.koho.ca/ Name: _gid
Value: GA1.2.968184765.1664857397
.koho.ca/ Name: amplitude_idundefinedkoho.ca
Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ==
.koho.ca/ Name: amplitude_id_10563d121b16631a278c49bd4b44caaekoho.ca
Value: eyJkZXZpY2VJZCI6ImUwNWJmYjQwLWRiYjQtNGIyNy1iMjljLWU4ODRlMmM2ZDg4ZVIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY2NDg1NzM5NzIxNSwibGFzdEV2ZW50VGltZSI6MTY2NDg1NzM5NzIxNSwiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjB9
.koho.ca/ Name: _gcl_au
Value: 1.1.698038595.1664857397
.linkedin.com/ Name: li_sugr
Value: 973e5dc9-9965-4691-b213-2f32fef2c191
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&ae1ea3aa-ed68-429e-8f00-87c0c06a9095"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2886:u=1:x=1:i=1664857397:t=1664943797:v=2:sig=AQFINqbFbsF-AphmVDEC6HWs-sn0huBp"
.adform.net/ Name: uid
Value: 2525618950739153524
.dpm.demdex.net/ Name: dpm
Value: 83119946646512766830427797561629329535
.linkedin.com/ Name: UserMatchHistory
Value: AQJwqyFngYK1uQAAAYOhO9hh5Z6toUHPKNbPLAbiXP4SbCcGPQrryi_bVXCeW5goQVIa4kL83x4XFA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLo2_7OystpCwAAAYOhO9hhJBv9PLfgC-FFjEKc_n0Kqfs2YEzvvxPfGpZ79tsYanvZNhgMk_xLr_WnrQxTfw
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GwQ3AMAgEsImQjgQO6DigZooM32/9ssHGW1/h5BLLdimCEoWZjtPZddXwKGnpsSvur/gAAlTlSUAAAAA=
.scorecardresearch.com/ Name: UID
Value: 1FE25c82418b1502d9c7dc11664857397
.openx.net/ Name: i
Value: f26215af-bc18-4c45-a89d-3ad592dae27d|1664857397
.fwmrm.net/ Name: _uid
Value: "a136_7150508072619100683"
.3lift.com/ Name: tluid
Value: 119362673746066435129
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: a136_7150508072619100683
.ads.stickyadstv.com/ Name: MRM_UID
Value: a136_7150508072619100683
bs.serving-sys.com/ Name: r1
Value: 1664857397_1
.serving-sys.com/ Name: u2
Value: 9d856095-1bba-4418-ae98-fa8a554683da4J5090
.tapad.com/ Name: TapAd_TS
Value: 1664857397460
.tapad.com/ Name: TapAd_DID
Value: 14a91a88-3fb1-4343-99b2-cc99c977c013
.doubleclick.net/ Name: IDE
Value: AHWqTUnpeX_-YUVLze1jNZJwJlrjqdUC8UZyXSSzdw6SdjcXJFbN2GS8RIBSsGVbpC8
.casalemedia.com/ Name: CMTS
Value: 137
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEAOf_0O8QkF9clKeSRcfHdE
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.pubmatic.com/ Name: KRTBCOOKIE_290
Value: 23261-6zxgzw2hQjOLjvCuoiA1dA&KRTB&23219-6zxgzw2hQjOLjvCuoiA1dA
.pubmatic.com/ Name: PugT
Value: 1664857396
.rubiconproject.com/ Name: audit
Value: 1|zUWJHycGff1uwyOV2oAB3FYFKvj5yMZJGuizOgL8v7zWaDs14xzbSPLmTJAnEcvCXWyVJ0dxnUDyUhTWCqUS/K1sEWZomT4FxD6eoMVMhhH51YEKHw5FvbzTatOya6bRbGJyVem9VBeBq1u0XziNGcQosMH4rx7EAVZMf7k9zyXynhDmszAPOA==
.ispot.tv/ Name: pt
Value: v2:7ed8a8eef64118f48ba8b4dc43f426f1cd4d02af1d16018e9706171a4028c0c0|b95c0cb7f52eb6f5680f6c3a2a4246d9d351f2a08e012b1c9e1f0c551fc3f8c2
.ninthdecimal.com/ Name: ndat
Value: LU+PrGM7tTUNqX9ZWYpQAg==
.adsrvr.org/ Name: TDID
Value: 729b6705-fc31-4565-bde5-1468f57a3936
.spotxchange.com/ Name: audience
Value: 45610a46-439c-11ed-bff1-1fae1c890103
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.semasio.net/ Name: SEUNCY
Value: 8DF0B6F4152C74B0
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiK_6XL3PKSOxAFOAE.
.exelator.com/ Name: EE
Value: "81ae68656eeda00d1e4620d71a5e3397"
.koho.ca/ Name: _sctr
Value: 1|1664841600000
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B2A05308-7371-4A69-B50B-882EBB9A219F
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 729b6705-fc31-4565-bde5-1468f57a3936
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHCMDHVzMLM1Cw1NSXRwCDFMNXEzMggxdww0TTV2NjSfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAbEl%252BUWb6ImfHxUUpaQyLSopPBR%252B8MA8AlTEqjg%253D%253D"
.taboola.com/ Name: t_gid
Value: 23caed48-0de9-4fe7-aef0-812c329d4a5d-tucta353ab5
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-ESJ4PJhE2oPRSoyW3CNWVViC19YRayv67TS.rUmQ~A
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 8896634046348119270
.ads.stickyadstv.com/ Name: uid-bp-40946
Value: f1467eae-bc7c-4987-9776-b18d8b668346
.bidr.io/ Name: bito
Value: AAH64E7Gd2oAAB_W1dlmOw
.bidr.io/ Name: bitoIsSecure
Value: ok
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAH64E7Gd2oAAB_W1dlmOw
.w55c.net/ Name: wfivefivec
Value: vMsaDeO61OFzsG5
.w55c.net/ Name: matchfreewheel
Value: 5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: vMsaDeO61OFzsG5
.koho.ca/ Name: intercom-id-xiu5e01e
Value: 8202f60d-4af3-405c-ac40-798ea1b885dc
.koho.ca/ Name: intercom-session-xiu5e01e
Value:
.koho.ca/ Name: _gat
Value: 1

7 Console Messages

Source Level URL
Text
security error URL: https://bat.bing.com/p/action/56368685.js(Line 23)
Message:
Refused to load the script 'https://www.clarity.ms/tag/uet/56368685' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://api-iam.intercom.io https://solve-widget.forethought.ai https://js.appboycdn.com https://cdn.amplitude.com https://cdn.segment.com https://xjlrjsy.stg-koho.ca https://cdn.plaid.com https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://www.gstatic.com https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/599633800219052 https://connect.facebook.net/signals/plugins/identity.js https://static.cloudflareinsights.com https://ajax.cloudflare.com https://tag.rmp.rakuten.com/122943.ct.js https://www.google-analytics.com/analytics.js https://www.google-analytics.com/gtm/js https://websdk.appsflyer.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://www.woopra.com https://assets.onfido.com https://www.google-analytics.com https://optimize.google.com https://static.ads-twitter.com/uwt.js https://analytics.twitter.com/i/adsct https://snap.licdn.com/li.lms-analytics/insight.min.js https://bat.bing.com/bat.js https://bat.bing.com/p/action/56368685.js https://acsbapp.com/apps/app/dist/js/app.js https://*.acsbapp.com/apps/app/dist/js/app.js https://analytics.tiktok.com/i18n/pixel/events.js https://analytics.tiktok.com/i18n/pixel/identify.js https://analytics.tiktok.com/i18n/pixel/config.js https://onfido-js-sdk.com https://www.redditstatic.com/ads/pixel.js https://sc-static.net/scevent.min.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://plugin.argyle.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network error URL: https://app.launchdarkly.com/sdk/evalx/5eeb94841ab9a70a809cdc75/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6IjQ0ZWE3YTUwLTQzOWMtMTFlZC1iMmY4LTBiNzA0Zjc5MjJhMyJ9
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://web.koho.ca/referral/SM89J9XZ
Message:
Refused to load the image 'https://web1.acsbapp.com/apps/app/dist/media/logomono.svg' because it violates the following Content Security Policy directive: "img-src 'self' blob: data: https://appboy-images.com https://static.intercomassets.com https://lipis.github.io https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://*.koho.ca https://assets.ua.gpsrv.com https://assets.pd.gpsrv.com/ https://*.amazonaws.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://www.googletagmanager.com https://www.facebook.com/ https://consent.linksynergy.com https://ut.ra.linksynergy.com https://track.linksynergy.com https://px.ads.linkedin.com https://www.google-analytics.com https://optimize.google.com https://t.co/i/adsct https://analytics.twitter.com/i/adsct https://s.amazon-adsystem.com/iui3 https://bat.bing.com/action/0 https://web1.acsbapp.com/apps/app/dist/media/languages/en.svg https://web1.acsbapp.com/apps/app/dist/media/languages/es.svg https://web1.acsbapp.com/apps/app/dist/media/languages/de.svg https://web1.acsbapp.com/apps/app/dist/media/languages/pt.svg https://web1.acsbapp.com/apps/app/dist/media/languages/fr.svg https://web1.acsbapp.com/apps/app/dist/media/languages/it.svg https://web1.acsbapp.com/apps/app/dist/media/languages/he.svg https://web1.acsbapp.com/apps/app/dist/media/languages/tw.svg https://web1.acsbapp.com/apps/app/dist/media/languages/ru.svg https://web1.acsbapp.com/apps/app/dist/media/languages/ar.svg https://web1.acsbapp.com/apps/app/dist/media/languages/ua.svg https://web1.acsbapp.com/apps/app/dist/media/languages/nl.svg https://web1.acsbapp.com/apps/app/dist/media/languages/zh.svg https://web1.acsbapp.com/apps/app/dist/media/languages/ja.svg https://p.adsymptotic.com https://alb.reddit.com/rp.gif https://script.hotjar.com http://script.hotjar.com https://res.cloudinary.com/argyle-media/image/upload/ https://assets.onfido.com/".
security error URL: https://web.koho.ca/referral/SM89J9XZ
Message:
Refused to load the image 'https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2658514%26time%3D1664857397163%26url%3Dhttps%253A%252F%252Fweb.koho.ca%252Freferral%252FSM89J9XZ%26cookiesTest%3Dtrue%26liSync%3Dtrue' because it violates the following Content Security Policy directive: "img-src 'self' blob: data: https://appboy-images.com https://static.intercomassets.com https://lipis.github.io https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://*.koho.ca https://assets.ua.gpsrv.com https://assets.pd.gpsrv.com/ https://*.amazonaws.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://www.googletagmanager.com https://www.facebook.com/ https://consent.linksynergy.com https://ut.ra.linksynergy.com https://track.linksynergy.com https://px.ads.linkedin.com https://www.google-analytics.com https://optimize.google.com https://t.co/i/adsct https://analytics.twitter.com/i/adsct https://s.amazon-adsystem.com/iui3 https://bat.bing.com/action/0 https://web1.acsbapp.com/apps/app/dist/media/languages/en.svg https://web1.acsbapp.com/apps/app/dist/media/languages/es.svg https://web1.acsbapp.com/apps/app/dist/media/languages/de.svg https://web1.acsbapp.com/apps/app/dist/media/languages/pt.svg https://web1.acsbapp.com/apps/app/dist/media/languages/fr.svg https://web1.acsbapp.com/apps/app/dist/media/languages/it.svg https://web1.acsbapp.com/apps/app/dist/media/languages/he.svg https://web1.acsbapp.com/apps/app/dist/media/languages/tw.svg https://web1.acsbapp.com/apps/app/dist/media/languages/ru.svg https://web1.acsbapp.com/apps/app/dist/media/languages/ar.svg https://web1.acsbapp.com/apps/app/dist/media/languages/ua.svg https://web1.acsbapp.com/apps/app/dist/media/languages/nl.svg https://web1.acsbapp.com/apps/app/dist/media/languages/zh.svg https://web1.acsbapp.com/apps/app/dist/media/languages/ja.svg https://p.adsymptotic.com https://alb.reddit.com/rp.gif https://script.hotjar.com http://script.hotjar.com https://res.cloudinary.com/argyle-media/image/upload/ https://assets.onfido.com/".
network error URL: https://usermatch.krxd.net/um/v2?partner=amzn
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://webgateway.koho.ca/1.0/logout
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
acsbapp.com
ads.samba.tv
ads.stickyadstv.com
alb.reddit.com
amazon.partners.tremorhub.com
analytics.tiktok.com
api-iam.intercom.io
api.forethought.ai
app.launchdarkly.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn.acsbapp.com
cdn.amplitude.com
cdn.lr-in-prod.com
cdn.plaid.com
cdn.segment.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
events.launchdarkly.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
js.intercomcdn.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
mwzeom.zeotap.com
o185886.ingest.sentry.io
o36260.ingest.sentry.io
odr.mookie1.com
pi.ispot.tv
pixel.rubiconproject.com
pixel.tapad.com
public-prod-dspcookiematching.dmxleo.com
px.surveywall-api.survata.com
s.amazon-adsystem.com
sb.scorecardresearch.com
sc-static.net
snap.licdn.com
solve-widget.forethought.ai
ssum-sec.casalemedia.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
tags.bluekai.com
token.rubiconproject.com
tr.snapchat.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
usersync.samplicio.us
web.koho.ca
web1.acsbapp.com
webgateway.koho.ca
websdk.appsflyer.com
widget.intercom.io
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.imdb.com
www.linkedin.com
www.redditstatic.com
x.bidswitch.net
c1.adform.net
web1.acsbapp.com
www.clarity.ms
www.linkedin.com
104.18.18.126
104.18.6.38
104.36.115.113
104.76.100.229
107.178.246.49
108.138.113.246
108.138.128.117
13.225.223.151
13.226.39.20
13.33.60.116
138.128.247.123
141.226.224.48
142.250.80.2
142.251.40.130
151.101.2.132
151.101.65.140
151.101.66.217
172.232.7.98
18.164.115.222
18.164.96.83
185.167.164.43
199.232.36.157
205.251.251.220
2600:1400:9000::687e:74bb
2600:141b:13::17d7:829b
2600:1f18:612b:4200:438d:f16b:f4fb:94af
2606:4700:10::6816:1857
2606:4700:3034::ac43:a57f
2606:4700::6811:b131
2606:4700::6812:df2e
2606:4700:e2::ac40:850f
2607:f8b0:4004:c06::9d
2607:f8b0:4006:80c::2002
2607:f8b0:4006:817::2008
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81f::2004
2607:f8b0:4006:821::2003
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:400::396
3.218.90.66
3.221.198.169
3.231.177.24
34.120.195.249
34.206.33.80
34.231.251.147
35.190.126.92
35.190.43.134
35.190.90.30
35.211.178.172
35.244.159.8
35.71.139.29
44.195.236.71
45.79.143.172
50.19.151.202
50.57.31.206
52.0.12.161
52.0.156.250
52.200.232.200
52.205.220.58
52.46.128.147
52.85.61.49
54.175.188.222
63.251.28.233
68.67.160.117
69.12.8.74
69.173.151.100
72.44.48.48
76.13.32.147
8.28.7.83
83.229.67.229
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
014a7b4417ad3e24d4e19865a4b4feb5bf04a5b0faf4a63b527a737956198d0f
016f61f01838ce5e1d9564ffe5a84616a3c4f66048f99f1e89f410a9dc2cad9e
06d95e7c78ae4bd7fc58fe29a222697fa4063a83a676d6169b875e8462a253d9
07f242425d6d8085afa928ba087cc06eb429ed04f273d3177e96d0c677b4cdcd
0a9e7b40607770f5a56e4eae6fb4b433a9c08aaecd4750a15eba83245ec6be7c
19d138c602518b71444616f2922e32b112107983d6e3ae4b70c058b56c55c326
200deff96f3ff8c96f1259db3aea670e766f3647a15c74edb0b42170a15dd7aa
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49
274c4bf0d7032abc99af6ad85567b45fdee131d6d94530ed7eb8552456d3a5d4
2ac1f0475659709f981412806b86d083e000ceede96dbfbd0898b9529dfd3364
2c1b65fde8061e09e63a4a93fea9f47512ba90094db86b3a62115ab4f03416f0
2f44c4c0006c2239db8defec6537b0306ed3981369008fc4711bad69fbaf15e1
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
373204d2cf6eb9d4f9e367144ef91f2d4134410054435f8e938dfab694a214a3
38f636e41b30a0597f811a26740bb5b6b48cc3ed562aa4706ed576a7f0da492d
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4758940c0aebb6b022188104c33dccf7c72b9b9fee824575248ae1b047b64f11
48e8b5489088931970427de70d47ce9cfa6fe46cd58e9d5ae8d9c6fa00cdfe9c
4bcc9405ad2fa43230a8f0a4ee5ae882890eda5e91dd1a06f77f465fc9f55c02
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5241a44f952b11c1dfaa0f893d292b82b26c30132466803f1c3ffb294dc9a663
53a90be17c8ccbbcac38315e37155c0e0e26820a03058fb231bb48b63c2cf150
552fb9122879a5717c85bd8012f5d9d7aad4b33550a2faa843ac3a2e7504ca23
56384da2193b6c8acdcc2327bc507a7ab78ca4d0354180d549a20f8a55962129
59c2ed73cddd4b747d9a6b63be5dc21882ef7aef4dead6a029a6eb0011b9ce1d
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5c2015dbffa14489493cf08941a2f5734a80e3c19e36f9b7e2b6dd828fe712d9
5c73fafb54146e1a6c32a6e42b78bdb69cdbc6325aa003431072419ab8900e1a
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
6533db921fa04e1546686ca9111f2cc38032b09365026cf886e3b4d8f58020d6
6dcdb5d625307386c2d3b21f8b51c43bfd4683fe073b66e884372cd35710c7a1
7039ddbd807be8e5be0933c0cfa099709a6cc2fc9bf3a3e61a2c10ff2147edf8
71b429cf24701e321e233cbbd63f22920b2419764cdb6425695d094bf842fc46
73f075e6b57a855638f866d595bf56ebd102ef552f8b927d845b789c8a1b87be
8239ec3813476a434d3031db13d826e1d645b9402954a82053f509dc0bb2655a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c37cfd5eac2fbb8b1bf3e69f0469cb0c6a8c4f8305e3bae8cd59495bfe12b2
84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b
85303332bde60992e85edeca7c4369128ba9b98af70b4633a945696fff43fc2c
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8720a148d314c820e9afd3c92693f5a281eaac1f29399c044c6266cd090b9c21
87e2e3928fda45838518a8d4808df0242836769a20417ffdb5e2ce155b2b5dff
8e4bc08fd40dcf2fa96e95eee031f8b5cac67af1c36f5fa0d943662562d0e561
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
937d0fc0c4c2a1b468fcee6070b979dc2cdd953342c60a6eedaa251b03e623c6
9a57722f1b63611971fda47ee19090160f3c11b21405e65327bf6d1a4a6891cd
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6
9e84d400b955dfb25ab72888aa508375ceb4b7808c721aa550d02fbc4ae21a17
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b463c4dd20b3cbc19ec6283dd35a50a10d926c6efe5e0b054fdc5e3b959b6f19
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b62755476a0d224ae89d5b69f5aa15eb51ef18a2c571fbd3d6a669a7f3e45543
b98f904d3f156851b882b52ef43ec849dae675e0b89e82d250d513dfd84dc2b6
ba411e3d4b6e49e867a0776b153387dfbeda88cb1b8ebdcf9c517a0cf0618338
bac076abf1313e31598959472ecd9336be3b2eb4a8be31ba7dd0a86182a5d830
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
d79545325d9448c94fe3397403bf7c76c50315711a1874ebc41de9af2cc7dc62
d8b5ba93558c08d1859e1dcab828099489a53452fceec73f1e674dd5965604fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
e888a175e3fb186bdc6c58bc176b98c387d4a48aff10b5043c0a269248dd60b1
e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48
eb342a218b4b7c5d62e4a7cc32c36601b928466729b658e9c7749675e4341a18
eb3b64d44021d764fb620e90c54d8190e488a830fb02b38775463650dd282cb7
eb55ae428ebec6bca22a6b41af803eb480c2c8b189fb0d114281ce6362db10c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2cc8d773b76490dd9bd0e20e7a3aff595700e36624978117b9e5b1f92083406
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f6a2d67f13b9f1bee865f714ce068dd86ddf7589b5aec91bb1b4a99d216042de
f71cee8d9441d52cdc6f24e9ed0560fa3c0220f8d869b8a0b15751239fe8cca4
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb
fe8b5b8ad60caca35fc45d745d709376477940f68e9679f5444badef4bc051ba