www.yourkpplan.org Open in urlscan Pro
52.25.115.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://inbox.health-coverage.kp.org/ls/click?upn=vM9nBaJeEc8IrfyEKtbhLQap16Iu14lQTzZzpvQEPxPFmjUqW8admm14lOs7JYcDmIb3RkmC0R8xmK8bfHa...
Effective URL:
https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Submission: On August 06 via api (August 6th 2021, 3:32:19 pm UTC) from US

Summary HTTP 55 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 55 HTTP transactions. The main IP is 52.25.115.59, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.yourkpplan.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 7th 2021. Valid for: a year.

This is the only time www.yourkpplan.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.56 167.89.115.56	11377 (SENDGRID) (SENDGRID)
2 14	52.25.115.59 52.25.115.59	16509 (AMAZON-02) (AMAZON-02)
22	104.17.202.85 104.17.202.85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.214.203.0 3.214.203.0	14618 (AMAZON-AES) (AMAZON-AES)
1	52.216.178.149 52.216.178.149	16509 (AMAZON-02) (AMAZON-02)
11	161.71.8.41 161.71.8.41	14340 (SALESFORCE) (SALESFORCE)
2	13.110.38.200 13.110.38.200	14340 (SALESFORCE) (SALESFORCE)
2	44.240.119.239 44.240.119.239	16509 (AMAZON-02) (AMAZON-02)
1	13.110.39.212 13.110.39.212	14340 (SALESFORCE) (SALESFORCE)
55	8

1 167.89.115.56 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x56.outbound-mail.sendgrid.net

inbox.health-coverage.kp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.25.115.59 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-115-59.us-west-2.compute.amazonaws.com

www.yourkpplan.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yourkpplan.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.17.202.85 (United States)

ASN13335 (CLOUDFLARENET, US)

kp.qumucloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.qumucloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.203.0 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-203-0.compute-1.amazonaws.com

www.glancecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.178.149 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 161.71.8.41 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl1-ncg0-lhr4.um1-lo3.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.38.200 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl6-ncg0-phx3.na111-ph2.force.com

explorekp.secure.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.240.119.239 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-119-239.us-west-2.compute.amazonaws.com

dbs-analytics.sourceflowsales.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.39.212 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl8-ncg0-phx3.la4-c2-ph2.salesforceliveagent.com

d.la4-c2-ph2.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	qumucloud.com kp.qumucloud.com cdn.qumucloud.com analytics.qumucloud.com Failed	1 MB
14	yourkpplan.org 2 redirects www.yourkpplan.org yourkpplan.org	925 KB
13	force.com service.force.com explorekp.secure.force.com	39 KB
2	sourceflowsales.com dbs-analytics.sourceflowsales.com	67 KB
1	salesforceliveagent.com d.la4-c2-ph2.salesforceliveagent.com	4 KB
1	amazonaws.com s3.amazonaws.com	15 KB
1	glancecdn.net 1 redirects www.glancecdn.net	209 B
1	kp.org 1 redirects inbox.health-coverage.kp.org	364 B
55	8

	Domain	Requested by
18	cdn.qumucloud.com	kp.qumucloud.com cdn.qumucloud.com
13	www.yourkpplan.org	1 redirects www.yourkpplan.org
11	service.force.com	www.yourkpplan.org service.force.com
4	kp.qumucloud.com	www.yourkpplan.org cdn.qumucloud.com
2	dbs-analytics.sourceflowsales.com	www.yourkpplan.org
2	explorekp.secure.force.com	www.yourkpplan.org
1	d.la4-c2-ph2.salesforceliveagent.com	service.force.com
1	s3.amazonaws.com	www.yourkpplan.org
1	www.glancecdn.net	1 redirects
1	yourkpplan.org	1 redirects
1	inbox.health-coverage.kp.org	1 redirects
0	analytics.qumucloud.com Failed	cdn.qumucloud.com
55	12

This site contains links to these domains. Also see Links.

Domain
info.kaiserpermanente.org
www.marylandhealthconnection.gov
www.kaiserpermanente.org
healthy.kaiserpermanente.org
members.kaiserpermanente.org
buykp.org

Subject Issuer	Validity	Valid
www.yourkpplan.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-07` - `2022-02-06`	a year	crt.sh
qumucloud.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.um1.force.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-31` - `2022-03-30`	a year	crt.sh
*.na111.force.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-21` - `2022-06-16`	a year	crt.sh
*.sourceflowsales.com Thawte RSA CA 2018	`2021-03-08` - `2022-03-08`	a year	crt.sh
la4-c2-ph2.salesforceliveagent.com DigiCert SHA2 Secure Server CA	`2020-10-27` - `2021-10-26`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Frame ID: 8595276CB7E209E3F4F528C163A0E85C
Requests: 23 HTTP requests in this frame

Frame: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Frame ID: 0FB2B998D2F356A040740F5BAEA7FAED
Requests: 13 HTTP requests in this frame

Frame: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Frame ID: CB9604CB0D869682EE1AC9FCA7648782
Requests: 13 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Frame ID: 68755EAA5133601191723DA2F6F6C357
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://inbox.health-coverage.kp.org/ls/click?upn=vM9nBaJeEc8IrfyEKtbhLQap16Iu14lQTzZzpvQEPxPFmjUqW8admm14lOs7JYc... HTTP 302
https://www.yourkpplan.org/email/link?id=12dcc564-45a8-401e-bc94-0f3a46d15525&url=https%3A%2F%2Fyourkpp... HTTP 302
https://yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote HTTP 303
https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

55
Requests

93 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

8
IPs

2
Countries

2116 kB
Transfer

7180 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://info.kaiserpermanente.org/html/gethelp/index.html?kp_shortcut_referrer=kp.org/languages
Title: Other languages

Search URL Search Domain Scan URL

URL: https://www.marylandhealthconnection.gov/
Title: www.marylandhealthconnection.gov

Search URL Search Domain Scan URL

URL: https://www.kaiserpermanente.org/
Title: kp.org

Search URL Search Domain Scan URL

URL: https://healthy.kaiserpermanente.org/health/poc?uri=content:ancillary&ctype=informational&tid=WPP::LXJZXQ4NU&tname=site_context
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://members.kaiserpermanente.org/kpweb/privacystate/entrypage.do
Title: Privacy practices

Search URL Search Domain Scan URL

URL: http://buykp.org/terms-and-conditions.aspx
Title: Terms & conditions

Search URL Search Domain Scan URL

URL: https://healthy.kaiserpermanente.org/health/poc?uri=center:site-policies
Title: Site policies

Search URL Search Domain Scan URL

URL: http://info.kaiserpermanente.org/html/nondiscrimination/select-region-en.html?kp_shortcut_referrer=kp.org/notices
Title: Nondiscrimination notice

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://inbox.health-coverage.kp.org/ls/click?upn=vM9nBaJeEc8IrfyEKtbhLQap16Iu14lQTzZzpvQEPxPFmjUqW8admm14lOs7JYcDmIb3RkmC0R8xmK8bfHaRLShZ3Kq-2BqPeOMHzCNDoPCgDqOKpNXeKT4Ca0yaTnbh89kIa5ys9p8lNJHy1cWwFAK2cMePcaOWxTKca5e7xVZ153H3eRhGCBpIjZqdWid93NMnBy9v0IwB1nyK9N95pBsY4yh9IvMRuChQbpHPW5Jis-3DFOAe_doCaxM-2FOGI2lRhIP-2BA07DUlVGEKpgVZpjTiyllCHFDxc02OEeBUlcW6RegzVYaXYjq0g14YAzpP-2FBAvBzWAVAoUv1vXb2JlpVrOMLoJpEk8tIKdoKsCE0WMGX3T1LZYK6ZaJ6TS8v7VzgzfboAxzkGh8Ca2HtIH9UvFVv-2Ftfk5x6khElToDUVrS3NZnR62SAJtCit3Xu7b3htr-2BKSju9H234tOTycKr8hNfN2l9JjYlU5E3tAT9nfvcVYGqMD4US HTTP 302
https://www.yourkpplan.org/email/link?id=12dcc564-45a8-401e-bc94-0f3a46d15525&url=https%3A%2F%2Fyourkpplan.org%2F7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7%3F_aid%3Dquote HTTP 302
https://yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote HTTP 303
https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=21375&site=production HTTP 302
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.17.0M.js

55 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set 7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7 Show response
www.yourkpplan.org/
Redirect Chain

http://inbox.health-coverage.kp.org/ls/click?upn=vM9nBaJeEc8IrfyEKtbhLQap16Iu14lQTzZzpvQEPxPFmjUqW8admm14lOs7JYcDmIb3RkmC0R8xmK8bfHaRLShZ3Kq-2BqPeOMHzCNDoPCgDqOKpNXeKT4Ca0yaTnbh89kIa5ys9p8lNJHy1cWw...
https://www.yourkpplan.org/email/link?id=12dcc564-45a8-401e-bc94-0f3a46d15525&url=https%3A%2F%2Fyourkpplan.org%2F7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7%3F_aid%3Dquote
https://yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

92 KB
18 KB

415ms
414ms

Document
text/html

52.25.115.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-115-59.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

23b696bee9d83ce88b273e87cf5d48d268a419ccb98eb45c9884b6961acc520b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.yourkpplan.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: APPSESSID=2u1h76ppq3rkhr2h1ef3nftqj0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Fri, 06 Aug 2021 15:31:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: urlCode=7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7; expires=Sun, 07-Aug-2022 15:31:59 GMT; Max-Age=31622400; path=/; samesite=None; secure _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; expires=Sun, 07-Aug-2022 15:31:59 GMT; Max-Age=31622400; path=/; httponly _csrf=c2c0867d00bb20bd01649602b6a631db20f62662356030ae308774b6ce4fb24aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22vX7dA0PQ1LC7oH7nvL6x6fA_G08P3YIw%22%3B%7D; path=/; httponly
Strict-Transport-Security: max-age=63072000;
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 06 Aug 2021 15:31:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 162
Connection: keep-alive
Location: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Strict-Transport-Security: max-age=63072000;
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK app.min.css
www.yourkpplan.org/sites/kp/dist/assets/css/ 174 KB
30 KB 189ms
188ms Stylesheet
text/css 52.25.115.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-115-59.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

231eaa50571ae9992e33c5acaf5eb4f2aceeb8b50339ad5888f1197e30ff2a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.yourkpplan.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Cookie: APPSESSID=2u1h76ppq3rkhr2h1ef3nftqj0; urlCode=7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=c2c0867d00bb20bd01649602b6a631db20f62662356030ae308774b6ce4fb24aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22vX7dA0PQ1LC7oH7nvL6x6fA_G08P3YIw%22%3B%7D
Connection: keep-alive
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:32:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 May 2021 16:10:24 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"60956670-2b74a"
Strict-Transport-Security: max-age=63072000;
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK logo.svg
www.yourkpplan.org/sites/kp/dist/assets/images/2020/ 6 KB
6 KB 519ms
170ms Image
image/svg+xml 52.25.115.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yourkpplan.org/sites/kp/dist/assets/images/2020/logo.svg

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-115-59.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e52bfa31a53e1ebb754935fbacfab8085903eb7b0c94107202021ff18b523b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.yourkpplan.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Cookie: APPSESSID=2u1h76ppq3rkhr2h1ef3nftqj0; urlCode=7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=c2c0867d00bb20bd01649602b6a631db20f62662356030ae308774b6ce4fb24aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22vX7dA0PQ1LC7oH7nvL6x6fA_G08P3YIw%22%3B%7D
Connection: keep-alive
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:32:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 01 Nov 2020 07:21:59 GMT
Server: nginx
ETag: "5f9e6217-183d"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: keep-alive
Strict-Transport-Security: max-age=63072000;
Accept-Ranges: bytes
Content-Length: 6205
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK marketing_hero.jpg
www.yourkpplan.org/sites/kp/assets/images/2021/hero/ 319 KB
319 KB 785ms
424ms Image
image/jpeg 52.25.115.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yourkpplan.org/sites/kp/assets/images/2021/hero/marketing_hero.jpg

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-115-59.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6bcf084ca494c57d4efdd83fde0050c4fd2f51c5a7aded2713bdfe7e00c508d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.yourkpplan.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Cookie: APPSESSID=2u1h76ppq3rkhr2h1ef3nftqj0; urlCode=7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=c2c0867d00bb20bd01649602b6a631db20f62662356030ae308774b6ce4fb24aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22vX7dA0PQ1LC7oH7nvL6x6fA_G08P3YIw%22%3B%7D
Connection: keep-alive
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:32:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 01 Nov 2020 07:21:59 GMT
Server: nginx
ETag: "5f9e6217-4fac5"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: keep-alive
Strict-Transport-Security: max-age=63072000;
Accept-Ranges: bytes
Content-Length: 326341
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK ok_icon.png
www.yourkpplan.org/sites/kp/assets/images/2020/icons/ 286 B
658 B 689ms
170ms Image
image/png 52.25.115.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yourkpplan.org/sites/kp/assets/images/2020/icons/ok_icon.png

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-115-59.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

aba77af88c8b701c1851112ed8f0a16abe49656afb5b636c7fc641cba8d1b91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.yourkpplan.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Cookie: APPSESSID=2u1h76ppq3rkhr2h1ef3nftqj0; urlCode=7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=c2c0867d00bb20bd01649602b6a631db20f62662356030ae308774b6ce4fb24aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22vX7dA0PQ1LC7oH7nvL6x6fA_G08P3YIw%22%3B%7D
Connection: keep-alive
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:32:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 01 Nov 2020 07:21:59 GMT
Server: nginx
ETag: "5f9e6217-11e"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Strict-Transport-Security: max-age=63072000;
Accept-Ranges: bytes
Content-Length: 286
X-Xss-Protection: 1; mode=block

GET
H2 200 Wk7iASvP16f Show response
kp.qumucloud.com/view/ Frame 0FB2 59 KB
20 KB 294ms
202ms Document
text/html 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d25576d2da63d433c40652e564924d072196b8fb0dfd3c461cdeb6d191ac001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: kp.qumucloud.com
:scheme: https
:path: /view/Wk7iASvP16f?autoplay=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yourkpplan.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.yourkpplan.org/

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-type: text/html;charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: KV_CLIENT_SESSION_ID=FJg9rUSDEfm5aiw6AMxnGl; Max-Age=31536000; Expires=Sat, 06-Aug-2022 15:32:00 GMT; Path=/; Secure; HttpOnly; SameSite=None JSESSIONID=77D3C8C47348DFBCF8F9D6D4F234F872; Max-Age=1209600; Expires=Fri, 20-Aug-2021 15:32:00 GMT; Path=/; Secure; HttpOnly; SameSite=None i18next=en-US; Max-Age=31536000; Expires=Sat, 06-Aug-2022 15:32:00 GMT; Path=/; Secure; SameSite=None
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
vary: accept-encoding
content-language: en-US
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwlVCIZfqKTeNc9VzYi6XXvLHuC1r89uvLe4tYfSKmjm%2FleSgJdTcLOeOVApfHZdGduUQf%2FkWmHDb8lfXGstIZYyRjxvsNuD7MSzTHAD55EBjkW9v7sN3ITI11WMYsYwVFs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67a950bd0e353b31-CDG
content-encoding: gzip

GET
H2 200 Wk7iASvP16f Show response
kp.qumucloud.com/view/ Frame CB96 59 KB
20 KB 271ms
181ms Document
text/html 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

174e6068cb9d5a11e2309723d4fe4a9e5cda81a0fed0a9d14acebca0bd46c2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: kp.qumucloud.com
:scheme: https
:path: /view/Wk7iASvP16f?autoplay=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.yourkpplan.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.yourkpplan.org/

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-type: text/html;charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: KV_CLIENT_SESSION_ID=tthJYYMOI44xvbQKxJNdRl; Max-Age=31536000; Expires=Sat, 06-Aug-2022 15:32:00 GMT; Path=/; Secure; HttpOnly; SameSite=None JSESSIONID=58254A35BC638974B829867ED3EFA780; Max-Age=1209600; Expires=Fri, 20-Aug-2021 15:32:00 GMT; Path=/; Secure; HttpOnly; SameSite=None i18next=en-US; Max-Age=31536000; Expires=Sat, 06-Aug-2022 15:32:00 GMT; Path=/; Secure; SameSite=None
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
vary: accept-encoding
content-language: en-US
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BEciLpproQEJn5Vv32QpEzvgoTrS3B1rw2fc6vgndbBd9SOwudkWbecBy6KfWzdq9cfLwNGaT063IpO99KdYeQfVBjsD8ftr39Ju6HxfpiCOwL6VtYHG33ZTxa1p3nruTA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67a950bd0e363b31-CDG
content-encoding: gzip

GET
H/1.1 200
OK logo.svg
www.yourkpplan.org/sites/kp/assets/images/2020/ 6 KB
6 KB 797ms
180ms Image
image/svg+xml 52.25.115.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yourkpplan.org/sites/kp/assets/images/2020/logo.svg

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-115-59.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e52bfa31a53e1ebb754935fbacfab8085903eb7b0c94107202021ff18b523b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.yourkpplan.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Cookie: APPSESSID=2u1h76ppq3rkhr2h1ef3nftqj0; urlCode=7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=c2c0867d00bb20bd01649602b6a631db20f62662356030ae308774b6ce4fb24aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22vX7dA0PQ1LC7oH7nvL6x6fA_G08P3YIw%22%3B%7D
Connection: keep-alive
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:32:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 01 Nov 2020 07:21:59 GMT
Server: nginx
ETag: "5f9e6217-183d"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: keep-alive
Strict-Transport-Security: max-age=63072000;
Accept-Ranges: bytes
Content-Length: 6205
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK app.min.js Show response
www.yourkpplan.org/sites/kp/dist/assets/js/ 2 MB
465 KB 375ms
185ms Script
application/javascript 52.25.115.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yourkpplan.org/sites/kp/dist/assets/js/app.min.js?v=2021.3

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-115-59.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0f480804b0fc282409817aa01da3ea0a8eb2619637a7816c7dc5afe983d08763

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.yourkpplan.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Cookie: APPSESSID=2u1h76ppq3rkhr2h1ef3nftqj0; urlCode=7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=c2c0867d00bb20bd01649602b6a631db20f62662356030ae308774b6ce4fb24aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22vX7dA0PQ1LC7oH7nvL6x6fA_G08P3YIw%22%3B%7D
Connection: keep-alive
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:32:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 May 2021 16:10:24 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"60956670-1e6467"
Strict-Transport-Security: max-age=63072000;
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block

GET
H/1.1

200
OK

GlanceCobrowseLoader_4.17.0M.js Show response
s3.amazonaws.com/glancecdn/cobrowse/js/
Redirect Chain

https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=21375&site=production
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.17.0M.js

15 KB
15 KB

429ms
135ms

Script
application/javascript

52.216.178.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.17.0M.js
Requested by: Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.178.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f76c2aed837deb6ab5069475e5adedd607f88824f83edf9f775d11dca369b6eb

Request headers

Referer: https://www.yourkpplan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:32:01 GMT
Last-Modified: Tue, 08 Dec 2020 22:18:18 GMT
Server: AmazonS3
x-amz-request-id: K9HV5B83CA4NCWNA
ETag: "fb5356e1ee52a4b1f35811057486b6c8"
x-amz-version-id: OJneW9yJx3041yNJX.cgKqRdRLcz5c_f
Cache-Control: public, max-age=31556926
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 15095
x-amz-id-2: XQjBgiUPBjdWHq/sGXNm4iEZPZHOiASghzovVlUT6o1sJ0k/gH2c3mIYyccIoMfvP2+izOPL30M=

Redirect headers

date: Fri, 06 Aug 2021 15:32:00 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
location: https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.17.0M.js
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 195

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 29 KB
9 KB 150ms
34ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

27611fad3c4b4c0b6100038f5039d424d0514b0b650f98ea3062f6c0fa92df19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yourkpplan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 06:50:07 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 19 Apr 2021 22:41:40 GMT
Age: 31313
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 8189
X-XSS-Protection: 1; mode=block
Expires: Sat, 07 Aug 2021 06:50:07 GMT

GET
H/1.1 200
OK Gotham-Book.woff
www.yourkpplan.org/sites/kp/dist/assets/fonts/ 23 KB
23 KB 448ms
316ms Font
application/font-woff 52.25.115.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yourkpplan.org/sites/kp/dist/assets/fonts/Gotham-Book.woff

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-115-59.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

39a2f923f8b5567fa276a80b5cb5ebbec1f2986eddbef0e059b09e5b284b3848

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.yourkpplan.org
Accept-Encoding: gzip, deflate, br
Host: www.yourkpplan.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
Cookie: APPSESSID=2u1h76ppq3rkhr2h1ef3nftqj0; urlCode=7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=c2c0867d00bb20bd01649602b6a631db20f62662356030ae308774b6ce4fb24aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22vX7dA0PQ1LC7oH7nvL6x6fA_G08P3YIw%22%3B%7D
Connection: keep-alive
Origin: https://www.yourkpplan.org
Referer: https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:32:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 01 Nov 2020 07:21:59 GMT
Server: nginx
ETag: "5f9e6217-5b1c"
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
Connection: keep-alive
Strict-Transport-Security: max-age=63072000;
Accept-Ranges: bytes
Content-Length: 23324
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Gotham-Bold.woff
www.yourkpplan.org/sites/kp/dist/assets/fonts/ 31 KB
31 KB 461ms
324ms Font
application/font-woff 52.25.115.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yourkpplan.org/sites/kp/dist/assets/fonts/Gotham-Bold.woff

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-115-59.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d6efd03844b9edbba5d22286e8b2f1f73004f2f5700dd6135deebd4249898aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.yourkpplan.org
Accept-Encoding: gzip, deflate, br
Host: www.yourkpplan.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
Cookie: APPSESSID=2u1h76ppq3rkhr2h1ef3nftqj0; urlCode=7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=c2c0867d00bb20bd01649602b6a631db20f62662356030ae308774b6ce4fb24aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22vX7dA0PQ1LC7oH7nvL6x6fA_G08P3YIw%22%3B%7D
Connection: keep-alive
Origin: https://www.yourkpplan.org
Referer: https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:32:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 01 Nov 2020 07:21:59 GMT
Server: nginx
ETag: "5f9e6217-7a70"
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
Connection: keep-alive
Strict-Transport-Security: max-age=63072000;
Accept-Ranges: bytes
Content-Length: 31344
X-Xss-Protection: 1; mode=block

GET
H2 200 player-v2.css
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame CB96 40 KB
8 KB 94ms
67ms Stylesheet
text/css 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.css

Requested by

Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7343d91144b9629c30f066e7fe3cebd4089a6d8c18d0fdab1b812d782cd4e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457258
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Sat, 01 Aug 2020 08:31:02 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxBdJ4qOUyNaVapOtCuFD%2BH1Z85MFJOGQIvf3UW8cq8W0Rco2E8HGZwvFh80%2BlQggcMqU%2FH4KQ0iKxf3rtGAA9o9bAcVJDIWRqePL3ZM17PJDLatpSiuMbz10dxJ1m%2BdVO9R"}],"group":"cf-nel","max_age":604800}
content-type: text/css
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950be68013b31-CDG

GET
H2 200 default.css
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/player-themes/ Frame CB96 11 KB
3 KB 92ms
65ms Stylesheet
text/css 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/player-themes/default.css

Requested by

Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c931d2b034269d829913ac1ebab2336d9ce233781decc27d8473dce831dea78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457258
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Sat, 01 Aug 2020 08:31:02 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ud3Vf77nnVruVJoknxZZmEpp%2FajpfFssz5QytXJFYDsoCKdotrNOK%2F7GuLz3ZDvWcsLRtA2yBQwCbrYt55Bnx5aXoJVaRznCTCfpMHi8zUdjjBme8F9FqVKrX2%2BJkp4griWh"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=ISO-8859-1
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950be68023b31-CDG

GET
H2 200 player-v2.loader.js Show response
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame CB96 4 KB
2 KB 74ms
63ms Script
application/javascript 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.loader.js

Requested by

Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

610942fedcc6e61287a3a7fe2224a21598bb5af7c96e812e0f583cc9b1182e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457258
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Sat, 01 Aug 2020 08:31:02 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnTSmEoZ4oGZwZ9QDe5czH1qz8ogB8Juk7vgvQyPXK5n%2Buq8sc07BZ3qveABR%2Br2pgwx2ZqQrrDDCOypG3nQYh5RDPnAdJYRmgjPF0Tt34DSvw0kGpRjV%2BZhAhT%2Bha8KVYDJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950be68033b31-CDG

GET
H2 200 player-v2.css
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame 0FB2 40 KB
8 KB 84ms
84ms Stylesheet
text/css 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.css

Requested by

Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7343d91144b9629c30f066e7fe3cebd4089a6d8c18d0fdab1b812d782cd4e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457258
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Sat, 01 Aug 2020 08:31:02 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lIro%2FmK9gY%2B7rXOPjFhFMmmBcLzgEy01ncr2jCahAn0koNmFfde0fzHt7vbtCun78mvoC5HTm5f2H7vbWV8goLsNU0yvWjfIRjJ5FQW0wSd%2BGlTH3Yb9vetiVjXvwY13jTe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950be68043b31-CDG

GET
H2 200 default.css
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/player-themes/ Frame 0FB2 11 KB
2 KB 64ms
64ms Stylesheet
text/css 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/player-themes/default.css

Requested by

Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c931d2b034269d829913ac1ebab2336d9ce233781decc27d8473dce831dea78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457258
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Sat, 01 Aug 2020 08:31:02 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKiQ%2BH%2F2dxfBRkkD61IRK7Sb9gJRZHJKbyAaS3crrZYgErKkj1UwYaitUKAvEY3Y%2BlbwkQU5%2BTlrlsHAOKgLXuYfrBbNLmZWEpbMVwmW4OCmThM9zjvJP6qZgy7UZsmd1%2Blw"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=ISO-8859-1
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950be68063b31-CDG

GET
H2 200 player-v2.loader.js Show response
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame 0FB2 4 KB
2 KB 64ms
64ms Script
application/javascript 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.loader.js

Requested by

Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

610942fedcc6e61287a3a7fe2224a21598bb5af7c96e812e0f583cc9b1182e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457258
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Sat, 01 Aug 2020 08:31:02 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3BoVa%2FfGrpiHA8CrXE3NRGfSCUVJbFiEgGH%2FGtj5NweHyHGKQBY9ntnM6c5yqXHFFFVZiapC1Zja5AEyH%2Bi95K5eMBbdUmDsg1%2BFfUVK3dk9QUzqGzkHgfTJXm3c1uL9Kf2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950be68073b31-CDG

GET
H2 200 player-v2.js Show response
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame CB96 1 MB
331 KB 39ms
38ms Script
application/javascript 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js

Requested by

Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62abfa3afc73349f1be1456e1efd7928009ad5df059947b9f11be7d19e0ada8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457258
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Sat, 01 Aug 2020 08:31:02 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZoffdI8XysWbEUJDT%2FfI1skC97zm9inJTSnGXqrJk1qrB%2BOdcQPSxcNGZBqPKNjqPrWYoac4hXTywpGzidu5Yn0Uam%2F%2FysHDV3TvfWJR2rYw%2BPTMaJT3VTDvhndroBwvSNG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950bed8923b31-CDG

GET
H2 200 player-v2.js Show response
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame 0FB2 1 MB
331 KB 89ms
89ms Script
application/javascript 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js

Requested by

Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62abfa3afc73349f1be1456e1efd7928009ad5df059947b9f11be7d19e0ada8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457258
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Sat, 01 Aug 2020 08:31:02 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWC78vH4t1ANNvXyn%2B20WVQynXZ3o8TjGfDPpHaW1pSSNpasWeqVesZxzaT3QKEM25pDG0pYP1UunnUnKHx9MROWPm5bagi1zm%2BShUYHiKRHVxRLMDQWPh0YXEeoV4L0h7vM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950bef8ae3b31-CDG

GET
H2 200 geolocate Show response
cdn.qumucloud.com/ Frame CB96 185 B
651 B 202ms
158ms Fetch
application/json 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qumucloud.com/geolocate
Requested by: Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e22a9d0c5a991975ebffc1a2135644872123bee0e4939b3854500bb4037da741

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nhsdcd%2FDukwN6SCG17Dk8U%2BwgiMtCAY0l%2B1nfZlYFh%2FXbnnSfmhF%2FkeDV7avMpUxQi%2BAUtJ5KbdsLRmfGjU8PVo7HhT%2BllqNuFuDci4biW%2FryemIJ1DaeIb2qYNcxugc6iND"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-geo-request: CF
cf-ray: 67a950c02b404063-CDG

GET
H2 200 adobe-analytics.js Show response
kp.qumucloud.com/430/client/js-lib/ Frame CB96 46 KB
16 KB 31ms
31ms Script
application/javascript 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kp.qumucloud.com/430/client/js-lib/adobe-analytics.js

Requested by

Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef9f171cfae1b102b0d5e35e241a2beabd572d1cd27ec708bd021bd46e51e32a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 348490
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Aug 2020 14:43:50 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxDXw6%2F80QTdP6%2Fb9PqmJWB5cIACG0I%2Bk2nssbZQW2054apTLF1wOGetIR1rsQPKjUJSS9wj4uhyCraLpA2xTugRnSKjZYcGC8a8Z3W30dcxCljWo%2FuMGj%2FW9SeXwz4SmZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950c01a033b31-CDG

GET
H2 200 1UPztwDRvVQ;wc=1920;hc=1080
cdn.qumucloud.com/origin/public/kp.qumucloud.com/Wk7iASvP16f/ Frame CB96 58 KB
58 KB 48ms
48ms Image
image/jpeg 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/Wk7iASvP16f/1UPztwDRvVQ;wc=1920;hc=1080

Requested by

Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29172437423729b407768e7522483a6b696b9ae40e5d9c8f253d76eb13fa89a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775723
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: Accept-Encoding
content-length: 58927
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jul 2020 16:03:17 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hABJjyNJI0eTUjVF6uFecYy2NIwiI9BsVK7vQ3yMfqm2emyNkagE%2FT6wGQt2jSWcoofY3FDGwtupziTNU9Zv3GZWGWfJlIIzQ3mmlRi2yrD3D1o8z21WAnJXY1uZORj%2FCGnx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 67a950c01a063b31-CDG
cf-bgj: h2pri

GET
H2 200 p-60b54eeb69092161a676.js Show response
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame CB96 246 KB
72 KB 39ms
38ms Script
application/javascript 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/p-60b54eeb69092161a676.js

Requested by

Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21299cb5fc052c970acd743e5f402bf7cc6bb65ba15af127824680841d60546a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444975
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Sat, 01 Aug 2020 11:55:45 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lmgr1HP0Mg4ltdrTPIjIMVbN3wiBjyyDuWPB6SXcNdCeI%2FXI7O7Mq%2BCgsWtRXZbJQUBvAl6CD9k%2FCK%2FXP3hgN3BG2EhCE0UIwBP7L1VM1jEnd2%2Bo5uiPcBr1BSCgpIttXres"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950c02a0a3b31-CDG

GET
H2 200 p-f0cf42cf0950ae8e38bd.js Show response
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame CB96 21 KB
6 KB 40ms
40ms Script
application/javascript 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/p-f0cf42cf0950ae8e38bd.js

Requested by

Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdf5869d67369f9cfb3bcb624ca963f08646661018ef1337c8605b4aec26d9ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444975
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Sat, 01 Aug 2020 11:55:45 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTY6LMlQP8pF0jXdr7ZhfFBVf0Ky%2BuIrmEV9K6tr9SJdp8cOeD9dl0IsiMTqjBEkYUCl50kLSnV7NX4ok13xOvriPFlP5hXn9zZu%2FpYDSl1e%2FpDAgP1qj3%2F7L7k8QWtaUdK1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950c02a0b3b31-CDG

GET
H2 200 geolocate Show response
cdn.qumucloud.com/ Frame 0FB2 185 B
434 B 151ms
151ms Fetch
application/json 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qumucloud.com/geolocate
Requested by: Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e22a9d0c5a991975ebffc1a2135644872123bee0e4939b3854500bb4037da741

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiD6XE02DL3fNxC%2FIXPHTtB7wB%2Bnj3OoZqtd2r7wJbXhQ6xm%2F%2BoVyt1W7Xeen5qEDyllqyvNn9H4%2FdiB6GbKAWs%2FhbZJQ05AMhfq0lnJKbJRHc5B9PKoGx50SjG1vHSwAQMa"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
x-geo-request: CF
cf-ray: 67a950c08ba44063-CDG

GET
H2 200 1UPztwDRvVQ;wc=1920;hc=1080
cdn.qumucloud.com/origin/public/kp.qumucloud.com/Wk7iASvP16f/ Frame 0FB2 58 KB
58 KB 40ms
39ms Image
image/jpeg 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/Wk7iASvP16f/1UPztwDRvVQ;wc=1920;hc=1080

Requested by

Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29172437423729b407768e7522483a6b696b9ae40e5d9c8f253d76eb13fa89a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775723
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: Accept-Encoding
content-length: 58927
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jul 2020 16:03:17 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6HMCXnNOUXe41vieRsVZAad7HSoSUS1JotOIGobmHG3KvY9KM9VmI4QiIu17Spc1%2BJ7VC94SIaB4oBGjCx0oukHPMiREpEPYaIOZH6szMRLcLKtyAKpbToVeJQFKp7%2BEoid"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 67a950c07a763b31-CDG
cf-bgj: h2pri

GET
H2 200 adobe-analytics.js Show response
kp.qumucloud.com/430/client/js-lib/ Frame 0FB2 46 KB
16 KB 32ms
31ms Script
application/javascript 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kp.qumucloud.com/430/client/js-lib/adobe-analytics.js

Requested by

Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef9f171cfae1b102b0d5e35e241a2beabd572d1cd27ec708bd021bd46e51e32a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 348490
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Aug 2020 14:43:50 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjKoXBKMvCzNJg9DSTZmOic58svWMhcWFTvMA9jxvBHW9uiY7cL3b%2BECcdECP1kFkhic9nV3BoRzyjtgevCYF3wJhzejV73ZNYaA4eMcHSda%2B2l4dsxq5CyZshI5bA2I5CY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950c08a883b31-CDG

GET
H2 200 p-60b54eeb69092161a676.js Show response
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame 0FB2 246 KB
72 KB 36ms
36ms Script
application/javascript 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/p-60b54eeb69092161a676.js

Requested by

Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21299cb5fc052c970acd743e5f402bf7cc6bb65ba15af127824680841d60546a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444975
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Sat, 01 Aug 2020 11:55:45 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VO%2FYGr03uEtCBqP7No9kyqJHi2Y21VuL9KHV%2FaM8fiqKgfJDfzFYGrfB%2B1%2F2M2GYWBF3xQ7ukJQ2MHJO1Zn5Rd%2Fo0ot0YHykk9Gg2MEkQ%2FR6WUhZCqzHFRy890HYeW%2BAD5Qq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950c09a8e3b31-CDG

GET
H2 200 p-f0cf42cf0950ae8e38bd.js Show response
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame 0FB2 21 KB
6 KB 38ms
38ms Script
application/javascript 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/p-f0cf42cf0950ae8e38bd.js

Requested by

Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdf5869d67369f9cfb3bcb624ca963f08646661018ef1337c8605b4aec26d9ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444975
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary: accept-encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Sat, 01 Aug 2020 11:55:45 +0000
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cx5bB73NzQEdsEVcj6mfLQ9K0zMVpFBdXpXmZerUCbgmWQb6QI%2BT57MIzhfPK9E6scaBfJC37Ep3uFWjASPOnV3Ua1LBH4RLY3POeV0zh7aUlHnhlvRej4fhokYoVwIbFj33"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public,max-age=31536000
cf-ray: 67a950c09a8f3b31-CDG

GET
H2 200 nr-spa-1208.min.js Show response
cdn.qumucloud.com/ Frame CB96 42 KB
16 KB 80ms
79ms Script
application/javascript 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qumucloud.com/nr-spa-1208.min.js
Requested by: Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3905
cf-ray: 67a950c0dad93b31-CDG
x-cache: HIT
content-length: 15815
x-amz-id-2: SJwlHEEUUvtQ/HmRtBjBXj5CakeCmW1L6aVdz67bZP5N03qcWOw2chDZymJeOlSw92USG3iHDs4=
x-served-by: cache-cdg20725-CDG
last-modified: Wed, 10 Mar 2021 16:24:31 GMT
server: cloudflare
x-timer: S1625676307.245262,VS0,VE0
etag: "d9d4f5c3991c0454eca3e6b2ddfe31d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p85EnAFcOTWfwHbAbSLqt8Mk4hynZXPvFjq7HUmQfq9QIPqTgJsHsW1MMG0wB%2FnTpTLsgZ%2BwMIpwkJDixvwodS0zwcSfTM3vsYQsuYabNhwo6vvF0I27Z4rgYzupa8zG2lcM"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: TVV68QHW35HQH1Q1
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
x-amz-version-id: Vh.geaSzxk269x8Ss.5iG8XR8B7_1taB
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 547

GET
H2 200 nr-spa-1208.min.js Show response
cdn.qumucloud.com/ Frame 0FB2 42 KB
16 KB 62ms
61ms Script
application/javascript 104.17.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qumucloud.com/nr-spa-1208.min.js
Requested by: Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0

Request headers

Referer: https://kp.qumucloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:00 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3905
cf-ray: 67a950c0fb063b31-CDG
x-cache: HIT
content-length: 15815
x-amz-id-2: SJwlHEEUUvtQ/HmRtBjBXj5CakeCmW1L6aVdz67bZP5N03qcWOw2chDZymJeOlSw92USG3iHDs4=
x-served-by: cache-cdg20725-CDG
last-modified: Wed, 10 Mar 2021 16:24:31 GMT
server: cloudflare
x-timer: S1625676307.245262,VS0,VE0
etag: "d9d4f5c3991c0454eca3e6b2ddfe31d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHOPT2vB5sb9%2FJ8NGptZ4EU5czPbZiCYKMfjOLGpSFAo5EyfdOe1pbJ%2BtxYp2%2FFWX8iZWwsrdr%2BO10LLFRf%2Bs%2BMNs4KvbhGwHTuA55lIXqkaw8T0tCqylTpJV%2FxIMFr8XBHo"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: TVV68QHW35HQH1Q1
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
x-amz-version-id: Vh.geaSzxk269x8Ss.5iG8XR8B7_1taB
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 547

GET 245c3146b4
analytics.qumucloud.com/1/ Frame CB96 0
0

GET 245c3146b4
analytics.qumucloud.com/1/ Frame 0FB2 0
0

OPTIONS
H/1.1 200
OK chathoop
explorekp.secure.force.com/KPIF/services/apexrest/ Frame 0
0 1102ms
161ms Preflight 13.110.38.200
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://explorekp.secure.force.com/KPIF/services/apexrest/chathoop?buttonId=5733h000000DN11

Protocol

HTTP/1.1

Server

13.110.38.200 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg0-phx3.na111-ph2.force.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.yourkpplan.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Fri, 06 Aug 2021 15:32:01 GMT
Strict-Transport-Security: max-age=31536004; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
Referrer-Policy: origin-when-cross-origin
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Access-Control-Allow-Origin: https://www.yourkpplan.org
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, PATCH, DELETE
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: X-SFDC-Request-Id,content-type
Transfer-Encoding: chunked

GET
H/1.1 200
OK chathoop Show response
explorekp.secure.force.com/KPIF/services/apexrest/ 4 B
1 KB 211ms
210ms XHR
application/json 13.110.38.200
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://explorekp.secure.force.com/KPIF/services/apexrest/chathoop?buttonId=5733h000000DN11

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.38.200 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg0-phx3.na111-ph2.force.com

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yourkpplan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

Date: Fri, 06 Aug 2021 15:32:02 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Transfer-Encoding: chunked
Access-Control-Allow-Methods: HEAD, GET, POST, PUT, PATCH, DELETE
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.yourkpplan.org
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Access-Control-Allow-Credentials: false
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536004; includeSubDomains
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 piwik.js Show response
dbs-analytics.sourceflowsales.com/js/ 328 KB
67 KB 600ms
192ms Script
application/javascript 44.240.119.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbs-analytics.sourceflowsales.com/js/piwik.js
Requested by: Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.119.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-119-239.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b25dbd3d4a10380d977109869927ea351140040d42cdf60af3e1130d7019c5d2

Request headers

Referer: https://www.yourkpplan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:01 GMT
content-encoding: gzip
last-modified: Mon, 20 Aug 2018 05:12:25 GMT
server: nginx
etag: W/"5b7a4db9-51feb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

POST 245c3146b4
analytics.qumucloud.com/events/1/ Frame 0FB2 0
0

POST 245c3146b4
analytics.qumucloud.com/events/1/ Frame CB96 0
0

POST
H/1.1 200
OK init Show response
www.yourkpplan.org/api/ 1 KB
987 B 259ms
259ms XHR
application/json 52.25.115.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yourkpplan.org/api/init

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/sites/kp/dist/assets/js/app.min.js?v=2021.3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-115-59.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3d8c75d58ceec68c0ce63f5e230b9d96e4e2685df1c81d0521f50480cf76d469

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.yourkpplan.org
Accept-Encoding: gzip, deflate, br
X-CSRF-Token: Q9ZQ2uZZASVWETh2P-GCHcEhSgDoJaYg1Wi6YSG8GLQ1jme-p2lRdGdde0FQqbVzt218eN5D53-SWIIxEuVRww==
Accept-Language: en-US
Sec-Fetch-Dest: empty
Cookie: APPSESSID=2u1h76ppq3rkhr2h1ef3nftqj0; urlCode=7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=c2c0867d00bb20bd01649602b6a631db20f62662356030ae308774b6ce4fb24aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22vX7dA0PQ1LC7oH7nvL6x6fA_G08P3YIw%22%3B%7D
Connection: keep-alive
Content-Length: 52
Pragma: no-cache
Host: www.yourkpplan.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Sec-Fetch-Site: same-origin
Accept: application/json, text/plain, */*
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
X-CSRF-Token: Q9ZQ2uZZASVWETh2P-GCHcEhSgDoJaYg1Wi6YSG8GLQ1jme-p2lRdGdde0FQqbVzt218eN5D53-SWIIxEuVRww==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 06 Aug 2021 15:32:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000;
Content-Type: application/json; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK Gotham-Medium.woff
www.yourkpplan.org/sites/kp/dist/assets/fonts/ 23 KB
24 KB 343ms
342ms Font
application/font-woff 52.25.115.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yourkpplan.org/sites/kp/dist/assets/fonts/Gotham-Medium.woff

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-115-59.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

777395e7a3c9af151315c6b5189d2b44fb352431418fefe995ad9b564cae6be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.yourkpplan.org
Accept-Encoding: gzip, deflate, br
Host: www.yourkpplan.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
Cookie: APPSESSID=2u1h76ppq3rkhr2h1ef3nftqj0; urlCode=7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=c2c0867d00bb20bd01649602b6a631db20f62662356030ae308774b6ce4fb24aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22vX7dA0PQ1LC7oH7nvL6x6fA_G08P3YIw%22%3B%7D
Connection: keep-alive
Origin: https://www.yourkpplan.org
Referer: https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 15:32:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 01 Nov 2020 07:21:59 GMT
Server: nginx
ETag: "5f9e6217-5ca4"
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
Connection: keep-alive
Strict-Transport-Security: max-age=63072000;
Accept-Ranges: bytes
Content-Length: 23716
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK counties Show response
www.yourkpplan.org/api/ 622 B
779 B 287ms
287ms XHR
application/json 52.25.115.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yourkpplan.org/api/counties

Requested by

Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/sites/kp/dist/assets/js/app.min.js?v=2021.3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-115-59.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

7d17e5bfdb248e7c07619b3d97a2adaddc3ce444214f7f6125ad6b7393341760

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.yourkpplan.org
Accept-Encoding: gzip, deflate, br
X-CSRF-Token: Q9ZQ2uZZASVWETh2P-GCHcEhSgDoJaYg1Wi6YSG8GLQ1jme-p2lRdGdde0FQqbVzt218eN5D53-SWIIxEuVRww==
Accept-Language: en-US
Sec-Fetch-Dest: empty
Cookie: APPSESSID=2u1h76ppq3rkhr2h1ef3nftqj0; urlCode=7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=c2c0867d00bb20bd01649602b6a631db20f62662356030ae308774b6ce4fb24aa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22vX7dA0PQ1LC7oH7nvL6x6fA_G08P3YIw%22%3B%7D
Connection: keep-alive
Content-Length: 2144
Pragma: no-cache
Host: www.yourkpplan.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Sec-Fetch-Site: same-origin
Accept: application/json, text/plain, */*
Referer: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
X-CSRF-Token: Q9ZQ2uZZASVWETh2P-GCHcEhSgDoJaYg1Wi6YSG8GLQ1jme-p2lRdGdde0FQqbVzt218eN5D53-SWIIxEuVRww==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 06 Aug 2021 15:32:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000;
Content-Type: application/json; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Xss-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 piwik.php
dbs-analytics.sourceflowsales.com/ 43 B
445 B 289ms
288ms Image
image/gif 44.240.119.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbs-analytics.sourceflowsales.com/piwik.php?action_name=Marketing%20Microsite&idsite=1&rec=1&r=466071&h=17&m=32&s=1&url=https%3A%2F%2Fwww.yourkpplan.org%2F7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7%3F_aid%3Dquote%23%2Fquote&_id=95cfe4dd5ab5ef4c&_idts=1628263922&_idvc=1&_idn=0&_refts=0&_viewts=1628263922&send_image=1&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22purl_id%22%2C%227434574%22%5D%2C%222%22%3A%5B%22market%22%2C%22CA%22%5D%2C%223%22%3A%5B%22campaign%22%2C%22233050%22%5D%2C%224%22%3A%5B%22agent%22%2C%22%22%5D%2C%225%22%3A%5B%22type%22%2C%22Web%20Purchase%20Lead%20Microsite%22%5D%7D&_cvar=%7B%221%22%3A%5B%22purl_id%22%2C%227434574%22%5D%7D&gt_ms=415&pv_id=PKMbfp
Requested by: Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.119.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-119-239.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.yourkpplan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 15:32:02 GMT
content-type: image/gif
server: nginx

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 3 KB
2 KB 35ms
34ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

55972d7caa62933667f57f1c1be3c233ebf0b1d3ab517f5e4941320d31320187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yourkpplan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 00:47:47 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 19 Apr 2021 22:40:54 GMT
Age: 53055
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 1264
X-XSS-Protection: 1; mode=block
Expires: Sat, 07 Aug 2021 00:47:47 GMT

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 8 KB
4 KB 45ms
44ms Stylesheet
text/css 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yourkpplan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 23:07:45 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 59057
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 3946
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 Aug 2021 23:07:45 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 20 KB
6 KB 81ms
36ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

5093d66e8ef5b3312b28c9a41374329e39bca3de0b191332e63dc50e4135f980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yourkpplan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 23:07:40 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 28 Apr 2021 04:42:26 GMT
Age: 59062
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 5701
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 Aug 2021 23:07:40 GMT

GET
H/1.1 200
OK Cookie set esw.html Show response
service.force.com/embeddedservice/5.0/ Frame 6875 194 B
1 KB 37ms
36ms Document
text/html 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: service.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.yourkpplan.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.yourkpplan.org/

Response headers

Date: Fri, 06 Aug 2021 15:32:02 GMT
Set-Cookie: CookieConsentPolicy=0:0; domain=service.force.com; path=/; expires=Sat, 06-Aug-2022 15:32:02 GMT; Max-Age=31536000 BrowserId=cnfN1_bLEeulxjnmvjT14A; domain=.force.com; path=/; expires=Sat, 06-Aug-2022 15:32:02 GMT; Max-Age=31536000 BrowserId_sec=cnfN1_bLEeulxjnmvjT14A; domain=.force.com; path=/; expires=Sat, 06-Aug-2022 15:32:02 GMT; Max-Age=31536000; secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Expires: Sat, 07 Aug 2021 15:32:02 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1 200
OK eswFrame.min.js Show response
service.force.com/embeddedservice/5.0/ Frame 6875 5 KB
2 KB 35ms
35ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 23:07:40 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 04 Mar 2021 00:36:08 GMT
Age: 59062
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 1804
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 Aug 2021 23:07:40 GMT

GET
H/1.1 200
OK session.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 6875 2 KB
1 KB 35ms
34ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 23:07:40 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 02 Mar 2021 18:51:46 GMT
Age: 59062
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 768
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 Aug 2021 23:07:40 GMT

GET
H/1.1 200
OK broadcast.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 6875 2 KB
1 KB 35ms
35ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 00:47:51 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 00:07:24 GMT
Age: 53051
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 779
X-XSS-Protection: 1; mode=block
Expires: Sat, 07 Aug 2021 00:47:51 GMT

GET
H/1.1 200
OK chasitor.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 6875 22 KB
5 KB 35ms
35ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

8f2d1c735b5f128cf145f0e570df119cab93631a0e97df88646ac14c0a21782b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 08:44:46 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 22 Mar 2021 16:55:48 GMT
Age: 24436
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 4989
X-XSS-Protection: 1; mode=block
Expires: Sat, 07 Aug 2021 08:44:46 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la4-c2-ph2.salesforceliveagent.com/chat/rest/EmbeddedService/ 16 KB
4 KB 935ms
151ms Script
text/javascript 13.110.39.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c2-ph2.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D3h000002B4lb&EmbeddedServiceConfig.configName=KPIF_93708&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.39.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ncg0-phx3.la4-c2-ph2.salesforceliveagent.com

Software

Resource Hash

9cc6ed4f8881e490f111860af6ffd7128502b45ab39a2b30469806a621d22d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yourkpplan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK invite.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 18 KB
5 KB 36ms
36ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

98efd9f1b80ef8fb38694de1212745a8067a60f027cb87b08f4ed8920a72aa82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yourkpplan.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 08:44:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Apr 2021 16:21:22 GMT
Age: 24437
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 4477
X-XSS-Protection: 1; mode=block
Expires: Sat, 07 Aug 2021 08:44:45 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Origin: https://www.yourkpplan.org
Referer: https://service.force.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H/1.1 200
OK filetransfer.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 6875 473 B
745 B 35ms
34ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/filetransfer.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 23:09:37 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 58945
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 231
X-XSS-Protection: 1; mode=block
Expires: Fri, 06 Aug 2021 23:09:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.qumucloud.com
URL: https://analytics.qumucloud.com/1/245c3146b4?a=286477547&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=783&ck=1&ref=https://kp.qumucloud.com/view/Wk7iASvP16f&be=283&fe=696&dc=382&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1628263920068,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:94,%22rp%22:274,%22rpe%22:296,%22dl%22:277,%22di%22:382,%22ds%22:382,%22de%22:383,%22dc%22:696,%22l%22:696,%22le%22:696%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22PlayerVersion%22:%222%22,%22userAgentOSVersion%22:%2210%22%7D&jsonp=NREUM.setToken

Domain: analytics.qumucloud.com
URL: https://analytics.qumucloud.com/1/245c3146b4?a=286477547&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=790&ck=1&ref=https://kp.qumucloud.com/view/Wk7iASvP16f&be=310&fe=722&dc=397&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1628263920067,%22n%22:0,%22f%22:1,%22dn%22:5,%22dne%22:51,%22c%22:51,%22s%22:70,%22ce%22:95,%22rq%22:95,%22rp%22:297,%22rpe%22:307,%22dl%22:300,%22di%22:397,%22ds%22:397,%22de%22:397,%22dc%22:722,%22l%22:722,%22le%22:723%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22PlayerVersion%22:%222%22,%22userAgentOSVersion%22:%2210%22%7D&jsonp=NREUM.setToken

Domain: analytics.qumucloud.com
URL: https://analytics.qumucloud.com/events/1/245c3146b4?a=286477547&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=915&ck=1&ref=https://kp.qumucloud.com/view/Wk7iASvP16f

Domain: analytics.qumucloud.com
URL: https://analytics.qumucloud.com/events/1/245c3146b4?a=286477547&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=917&ck=1&ref=https://kp.qumucloud.com/view/Wk7iASvP16f

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js(Line 97) Message: Kollective SDK v1.1.0
console-api	log	URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js(Line 97) Message: Kollective SDK v1.1.0
console-api	error	URL: https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=21375&site=production(Line 35) Message: ERR_COBROWSE_NOT_SUPP
console-api	log	URL: https://www.yourkpplan.org/7UM7WKRFQCAWALDU6GEMPAQV9VYPG8R7?_aid=quote(Line 1068) Message: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.qumucloud.com
cdn.qumucloud.com
d.la4-c2-ph2.salesforceliveagent.com
dbs-analytics.sourceflowsales.com
explorekp.secure.force.com
inbox.health-coverage.kp.org
kp.qumucloud.com
s3.amazonaws.com
service.force.com
www.glancecdn.net
www.yourkpplan.org
yourkpplan.org
analytics.qumucloud.com
104.17.202.85
13.110.38.200
13.110.39.212
161.71.8.41
167.89.115.56
3.214.203.0
44.240.119.239
52.216.178.149
52.25.115.59
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
0c931d2b034269d829913ac1ebab2336d9ce233781decc27d8473dce831dea78
0f480804b0fc282409817aa01da3ea0a8eb2619637a7816c7dc5afe983d08763
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0
174e6068cb9d5a11e2309723d4fe4a9e5cda81a0fed0a9d14acebca0bd46c2fc
21299cb5fc052c970acd743e5f402bf7cc6bb65ba15af127824680841d60546a
231eaa50571ae9992e33c5acaf5eb4f2aceeb8b50339ad5888f1197e30ff2a1b
23b696bee9d83ce88b273e87cf5d48d268a419ccb98eb45c9884b6961acc520b
27611fad3c4b4c0b6100038f5039d424d0514b0b650f98ea3062f6c0fa92df19
29172437423729b407768e7522483a6b696b9ae40e5d9c8f253d76eb13fa89a2
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
39a2f923f8b5567fa276a80b5cb5ebbec1f2986eddbef0e059b09e5b284b3848
3d8c75d58ceec68c0ce63f5e230b9d96e4e2685df1c81d0521f50480cf76d469
5093d66e8ef5b3312b28c9a41374329e39bca3de0b191332e63dc50e4135f980
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55972d7caa62933667f57f1c1be3c233ebf0b1d3ab517f5e4941320d31320187
5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9
610942fedcc6e61287a3a7fe2224a21598bb5af7c96e812e0f583cc9b1182e9e
62abfa3afc73349f1be1456e1efd7928009ad5df059947b9f11be7d19e0ada8b
6bcf084ca494c57d4efdd83fde0050c4fd2f51c5a7aded2713bdfe7e00c508d0
777395e7a3c9af151315c6b5189d2b44fb352431418fefe995ad9b564cae6be5
7d17e5bfdb248e7c07619b3d97a2adaddc3ce444214f7f6125ad6b7393341760
7d25576d2da63d433c40652e564924d072196b8fb0dfd3c461cdeb6d191ac001
8f2d1c735b5f128cf145f0e570df119cab93631a0e97df88646ac14c0a21782b
98efd9f1b80ef8fb38694de1212745a8067a60f027cb87b08f4ed8920a72aa82
9cc6ed4f8881e490f111860af6ffd7128502b45ab39a2b30469806a621d22d0f
aba77af88c8b701c1851112ed8f0a16abe49656afb5b636c7fc641cba8d1b91d
b25dbd3d4a10380d977109869927ea351140040d42cdf60af3e1130d7019c5d2
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
c7343d91144b9629c30f066e7fe3cebd4089a6d8c18d0fdab1b812d782cd4e5f
cdf5869d67369f9cfb3bcb624ca963f08646661018ef1337c8605b4aec26d9ac
d6efd03844b9edbba5d22286e8b2f1f73004f2f5700dd6135deebd4249898aa2
e22a9d0c5a991975ebffc1a2135644872123bee0e4939b3854500bb4037da741
e52bfa31a53e1ebb754935fbacfab8085903eb7b0c94107202021ff18b523b0f
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ef9f171cfae1b102b0d5e35e241a2beabd572d1cd27ec708bd021bd46e51e32a
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
f76c2aed837deb6ab5069475e5adedd607f88824f83edf9f775d11dca369b6eb
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790

www.yourkpplan.org Open in urlscan Pro 52.25.115.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

93 %HTTPS

0 %IPv6

8 Domains

12 Subdomains

8 IPs

2 Countries

2116 kBTransfer

7180 kBSize

0 Cookies

8 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.yourkpplan.org Open in urlscan Pro
52.25.115.59 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

93 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

8
IPs

2
Countries

2116 kB
Transfer

7180 kB
Size

0
Cookies

55 HTTP transactions
1 data transactions