URL: http://rwtcoronavirusupdate.com/
Submission Tags: falconsandbox
Submission: On May 25 via api from US

Summary

This website contacted 19 IPs in 3 countries across 12 domains to perform 38 HTTP transactions. The main IP is 184.168.131.241, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is rwtcoronavirusupdate.com.
This is the only time rwtcoronavirusupdate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
7 | cdnjs.cloudflare.com | pages.kw.com
4 | fonts.gstatic.com | fonts.googleapis.com
4 | storage.googleapis.com | pages.kw.com
4 | maps.googleapis.com | pages.kw.com, maps.googleapis.com
3 | s3.amazonaws.com | pages.kw.com
2 | www.facebook.com | pages.kw.com
2 | connect.facebook.net | pages.kw.com, connect.facebook.net
2 | kong.command-api.kw.com | pages.kw.com
2 | fonts.googleapis.com | pages.kw.com, s3.amazonaws.com
1 | www.gstatic.com | www.google.com
1 | www.google.com | pages.kw.com
1 | unpkg.com | pages.kw.com
1 | cdn.jsdelivr.net | pages.kw.com
1 | kw-console-assets.s3.amazonaws.com | pages.kw.com
1 | d1azc1qln24ryf.cloudfront.net | pages.kw.com
1 | pages.kw.com | rwtcoronavirusupdate.com
1 | rwtcoronavirusupdate.com |
Total: 38 requests across 17 hosts

This site contains no links.

Subject | Issuer | Validity | Valid
pages.kw.com | R3 | 2021-05-21 - 2021-08-19 | 3 months
s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2020-08-04 - 2021-08-09 | a year
*.cloudfront.net | DigiCert Global CA G2 | 2021-02-22 - 2022-02-21 | a year
*.s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2021-01-11 - 2022-02-11 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year
upload.video.google.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2021-05-18 - 2022-03-26 | 10 months
*.storage.googleapis.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months
www.google.com | GTS CA 1C3 | 2021-05-03 - 2021-07-26 | 3 months
*.google.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months
*.command-api.kw.com | RapidSSL RSA CA 2018 | 2020-04-30 - 2022-05-30 | 2 years
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-04-06 - 2021-07-03 | 3 months

This page contains 2 frames:

Primary Page: http://rwtcoronavirusupdate.com/
Frame ID: C16722FA1E53A2735523D96BC7C893D5
Requests: 1 HTTP requests in this frame

Frame: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Frame ID: 554557360D6E64CFC87275B63E37E30F
Requests: 37 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 38
HTTPS: 97 %
IPv6: 68 %
Domains: 12
Subdomains: 17
IPs: 19
Countries: 3
Transfer: 1456 kB
Size: 2693 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
rwtcoronavirusupdate.com/
391 B
568 B
Document
General
Full URL
http://rwtcoronavirusupdate.com/
Protocol
HTTP/1.1
Server
184.168.131.241 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-184-168-131-241.ip.secureserver.net
Software
nginx/1.16.1 /
Resource Hash
bab1c049f4578223d747098c5a421b9350d09c92c670d7d86d252af6fa74abbf

Request headers

Host
rwtcoronavirusupdate.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.16.1
Date
Tue, 25 May 2021 15:29:56 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
bqabs9r8thc1ke7k0c9g.html
pages.kw.com/renee-white/122704/ Frame 5545
30 KB
31 KB
Document
General
Full URL
https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Requested by
Host: rwtcoronavirusupdate.com
URL: http://rwtcoronavirusupdate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.6.176 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
176.6.211.130.bc.googleusercontent.com
Software
/
Resource Hash
2bc691d1e61d40a957377cbd815941e583b2d0afc4a09e4a0d8e8de77fda950c

Request headers

:method
GET
:authority
pages.kw.com
:scheme
https
:path
/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
frame
referer
http://rwtcoronavirusupdate.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-length
31076
content-type
text/html
date
Tue, 25 May 2021 15:29:56 GMT
via
1.1 google
alt-svc
clear
real.css
s3.amazonaws.com/kw-console-assets/css/ Frame 5545
115 KB
115 KB
Stylesheet
General
Full URL
https://s3.amazonaws.com/kw-console-assets/css/real.css
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.71.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7e7219035199666be957f506333b056672a3ab26d501f56d0d7335e01b54c514

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 25 May 2021 15:29:57 GMT
Last-Modified
Tue, 29 Oct 2019 19:58:00 GMT
Server
AmazonS3
x-amz-request-id
1QZYSR49BBYHGXVQ
ETag
"7b6a63ca9b87e04a45e9df06128197da"
Content-Type
text/css
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
117301
x-amz-id-2
928rMLmnWKtqRNXY3sGI7LTW0a8IOxxMGtz+YpZvHX8GirAJGtd8hBaMERTKvZs7oK5GdaYiBKg=
style-cf.css
d1azc1qln24ryf.cloudfront.net/149221/KW/ Frame 5545
14 KB
3 KB
Stylesheet
General
Full URL
https://d1azc1qln24ryf.cloudfront.net/149221/KW/style-cf.css
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.161.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-161-10.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84eb98d074673cae335c60426ee1afe80518de30d2814e65d03ee168ea6eabf4

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 14:38:43 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 14:38:12 GMT
server
AmazonS3
age
435074
etag
"32c2ca6345d7608e03d78ea7ef9878c3"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 72b94a25bcecdbda64f33818ad380f7e.cloudfront.net (CloudFront)
cache-control
max-age=31000000
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-length
2655
x-amz-cf-id
ZOQhYFDG7jOv_RqXioDLxKA-gMA8sIR0U5kIYLYAweDTs2oi64CesA==
prefixed-consumer-grid.css
kw-console-assets.s3.amazonaws.com/css/ Frame 5545
220 KB
220 KB
Stylesheet
General
Full URL
https://kw-console-assets.s3.amazonaws.com/css/prefixed-consumer-grid.css
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.142.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
fafdf01a280079f8b79ce3183e5b5bffd61b11f1565a376b1886a369dfdffa32

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 25 May 2021 15:29:57 GMT
Last-Modified
Mon, 04 Nov 2019 16:15:18 GMT
Server
AmazonS3
x-amz-request-id
1QZKZPH7GH26PV4X
ETag
"412c974cb7bce2de673607134fbd623f"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
225084
x-amz-id-2
pvL+e7/L16lJuGzh9WkYvgmGukpCj6LSAdJs3iV65dvBDg4aQIv0HRzfd76Nfa2JfhXTWthPZGU=
nouislider.min.css
cdnjs.cloudflare.com/ajax/libs/noUiSlider/12.1.0/ Frame 5545
4 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/noUiSlider/12.1.0/nouislider.min.css
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3323ce4a9aebf7fbd1c174d8734b1ac3ceb297318cd8755129651f1c816d6bbe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2826531
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
921
cf-request-id
0a45beab560000175e649b9000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-f0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=J9L7RiVv5g9nrbKXJpc7MLsiegQJM6O37Ss6i%2FNP%2BypQGKY7KkPrA4bTmbt%2BipMh6tXw5%2FSCyRQw6OvFtNTxKUdvruAg%2Fgy8ujFxfjAqCmSiI5KgT%2BWDUxpy0U2QAMLE0qb%2Bwb9kN0bJcqVj%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
654fcd588cc8175e-FRA
expires
Sun, 15 May 2022 15:29:56 GMT
tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ Frame 5545
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1709701
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
573
cf-request-id
0a45beab570000175e26ae1000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-882"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qQDDuID%2FYdjop9nDVbpCELgMkA6fxSBmSsGq3UCnLx3ymATF7Z4OLk3Bd8xWXG213BbqJXmw%2Fn9ARvMnPpiQhyuhEqMGp1N39%2BJAZqXeEgos4E6JiTt9S%2FmqngmwCLy7oDg5VgWtU%2BF7OfIcbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
654fcd588cca175e-FRA
expires
Sun, 15 May 2022 15:29:56 GMT
css
fonts.googleapis.com/ Frame 5545
33 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo+Narrow:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700|Source+Sans+Pro:400,400i,600,600i,700,700i&display=swap&subset=latin,latin-ext
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8582885481b138fc8e1f7216d4193c5cca91f160cf052f52d23ad4e1c0da6d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 May 2021 15:29:56 GMT
server
ESF
date
Tue, 25 May 2021 15:29:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 May 2021 15:29:56 GMT
js
maps.googleapis.com/maps/api/ Frame 5545
135 KB
44 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyAS6oOPLcY00yLW1U4hGt6DWMOI8YRaF70&libraries=places
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
67ff4ab2f45181f16ca8589db84791642343a135f95c3d77e548955b9941cdaa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:56 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=14
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45026
x-xss-protection
0
expires
Tue, 25 May 2021 15:59:56 GMT
es5-shim.min.js
cdnjs.cloudflare.com/ajax/libs/es5-shim/4.5.9/ Frame 5545
25 KB
8 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.5.9/es5-shim.min.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04e08b36e901f46c3e765a8429701f91fed71642da73942a23af26d477b331a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1020414
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7596
cf-request-id
0a45beab570000175edd8ab000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e54-636d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u1DdowGT5vkHs90QjE%2B3%2BSmek3R99o%2Fx6sta4lKzvRaRAkOnLDGbU4RrJfsJIaznoxvuRc6Rg5tEGFf4jpJ52l91xrPaannqnKnYNc%2BUv4oxdyNHyQ4Jms3qALX6jnTxwZYNaazHsgziLV3ZtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
654fcd588ccc175e-FRA
expires
Sun, 15 May 2022 15:29:56 GMT
es6-shim.min.js
cdnjs.cloudflare.com/ajax/libs/es6-shim/0.9.3/ Frame 5545
16 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/es6-shim/0.9.3/es6-shim.min.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88523d4d96f0cc7b8fc1846963d2122ad4fc7e72d9fa6a3b4bb164a96e702d48
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3083951
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4820
cf-request-id
0a45beab570000175e19bf2000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e54-3ecd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PzxWwqfkGt1EH38Zf6Ir0tf9FcMf7vAB6yIRPLubd8hF4R79EASz%2Ffne9w2SSxhYH8nuydTZPij3CyVw66Sb32aqeT3DwQ1Ne9mKSeirDeXpS1ZOUZjAvsoAwukXx9oyXaa0WUfVWwQ0nmaPeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
654fcd588cd0175e-FRA
expires
Sun, 15 May 2022 15:29:56 GMT
nouislider.min.js
cdnjs.cloudflare.com/ajax/libs/noUiSlider/12.1.0/ Frame 5545
22 KB
8 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/noUiSlider/12.1.0/nouislider.min.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57bebe1420e09ea56a69f510ef8728891eea03719de99955b8581dc1c1821a57
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3264223
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6961
cf-request-id
0a45beab580000175e68a01000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-5740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MLjEmrGvadXp3qtRCasi4z34KsMBlSCGe0KyRx2JHfcvL7mzbf9aDZmsm5dGC4rBrIjTJnlaLGOrRpzZrN5dbUscuxseATiXsZCL1%2BamAph4P8%2FC3TORytEK4GJFadyhvmhYhM2zO%2FLxKMQRfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
654fcd588cd2175e-FRA
expires
Sun, 15 May 2022 15:29:56 GMT
Chart.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.3/ Frame 5545
205 KB
55 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.3/Chart.bundle.min.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319a395d8d4087b67602e8b8fda9647de8aadc2a2931d57f6db91cfd2878d7eb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
377106
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55786
cf-request-id
0a45beab580000175e08bd2000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:03:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cee-335f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=I8k01%2B7KfRLpDTsPX%2BiMrQUi17b6YvsKSDghSH12FV8Jffsci8B3nfcffuF6DYixAWRTm4lrpTXkKcxd5pGE%2BHsbl%2FRyHHNBxuPI4MRLF7mRwDxGhu%2FdRxLAY5mH6S1Z3jdpqNC01eXI0QWdtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
654fcd588cd5175e-FRA
expires
Sun, 15 May 2022 15:29:56 GMT
tiny-slider.js
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/min/ Frame 5545
31 KB
12 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/min/tiny-slider.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5abbe1236a010bbe65bb5e80ce833e0308a1dea741ae0be930e94f0640aa3de
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1715001
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11348
cf-request-id
0a45beab5c0000175e05032000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffd-7bf9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=obSWtH3zQBkOLqSkwiI3m87leDAio%2BGplSAbt6piOoV%2BuWrCEZBV39nlR6duVmcx6Pql%2BBkSrQ6QltO%2FUmONz2VqcyutFhe79Y5D97HWSuUiJflP0p3EkFJnJzfNyY1BipTJMAwdDEwKHVdCsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
654fcd588cd9175e-FRA
expires
Sun, 15 May 2022 15:29:56 GMT
lodash.min.js
cdn.jsdelivr.net/npm/lodash@4.17.11/ Frame 5545
72 KB
24 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/lodash@4.17.11/lodash.min.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
effca8652df9e3c7d74915ea73fc58ce3b26b96dec14aceebce087774e8f9a9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
3770273
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
24378
etag
W/"11e0d-3OXT28m77PLKdI3jgbSD65CA5Po"
x-served-by
cache-fra19161-FRA, cache-hhn4022-HHN
date
Tue, 25 May 2021 15:29:56 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
libphonenumber-max.js
unpkg.com/libphonenumber-js@1.7.25/bundle/ Frame 5545
191 KB
51 KB
Script
General
Full URL
https://unpkg.com/libphonenumber-js@1.7.25/bundle/libphonenumber-max.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e623d04e8a834a3b7f7db612864db46c8804ae9fde647bb5ef897373b8266c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:56 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
3110546
fly-request-id
01F3NBWQEFDNC4WYHD3CEMHK84
content-encoding
br
vary
Accept-Encoding
cf-request-id
0a45beab5900001772891d5000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"2faad-K2kqRDH6GxMiJZ7v2NWbIJY0iJM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
654fcd588fef1772-FRA
informal.svg
s3.amazonaws.com/kw-console-assets/images/kw-logos/ Frame 5545
705 B
1 KB
Image
General
Full URL
https://s3.amazonaws.com/kw-console-assets/images/kw-logos/informal.svg
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.71.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8604d3eec7c80801fd4b09422bf218549e84ac8cc78a24d6af061502958a1726

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 25 May 2021 15:29:58 GMT
Last-Modified
Tue, 11 Sep 2018 19:00:55 GMT
Server
AmazonS3
x-amz-request-id
XHG0QYG613667H2S
ETag
"d6216ae032abe8f49988b7554ffeea69"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
705
x-amz-id-2
NBk/1bTzC02XazuSa0/KBbJN2ElW3Ewkhx4vRWcqbox5IfaWZ/22UZqUQ8ijLX2xWBtFFHQppT8=
bqbm32sm2er9fo3d6600
storage.googleapis.com/attachment-prod-e2ad/ Frame 5545
97 KB
98 KB
Image
General
Full URL
https://storage.googleapis.com/attachment-prod-e2ad/bqbm32sm2er9fo3d6600
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e828c7295eea88df254f0ec87f91e458e2959ad4c2dd9a5ff0774a0bfb345df9

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:57 GMT
x-guploader-uploadid
ABg5-UzjxKvPKT-SJ8Y9S-DDp0HTbGEgpqweYeJqJK8swfTstfrT5qQPtU1zamJJIaXtQgc_15ObPRcJCsAGqFvOKyZgp3WHjw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename=Copy of Copy of Copy of COVID-19 Website Page.png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99642
x-goog-meta-file-name
Copy of Copy of Copy of COVID-19 Website Page.png
last-modified
Wed, 15 Apr 2020 19:33:31 GMT
server
UploadServer
etag
"f42a414ec98e45156940ea313df00fa0"
x-goog-hash
crc32c=eUzFZQ==, md5=9CpBTsmORRVpQOoxPfAPoA==
x-goog-generation
1586979211623965
access-control-allow-origin
*
cache-control
Cache-Control:private, max-age=0, no-transform
x-goog-stored-content-length
99642
accept-ranges
bytes
content-type
image/png
expires
Tue, 25 May 2021 15:29:57 GMT
primary.svg
s3.amazonaws.com/kw-console-assets/images/kw-logos/ Frame 5545
3 KB
3 KB
Image
General
Full URL
https://s3.amazonaws.com/kw-console-assets/images/kw-logos/primary.svg
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.71.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
dea27875291d291aa06e8924d16bf8f2ff6754ea6d2c2cf4ffe4bc8da2b90cdc

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 25 May 2021 15:29:58 GMT
Last-Modified
Tue, 11 Sep 2018 19:01:05 GMT
Server
AmazonS3
x-amz-request-id
XHG0K2T3PWPGS88K
ETag
"47b93eaf62770c73a9f4e323d8741ef6"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2659
x-amz-id-2
Pop7/3LxYpWlh5W8KkWZSGA/ZArVpBTJAxt2Og7G04HZIEbt8F8vB3wYNgbef4+GP/IVXdumKNU=
api.js
www.google.com/recaptcha/ Frame 5545
909 B
676 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f28099a1e0001e3576234df6ffbd94b0996cad3a8e45208f7f261bfcf1b8ce0f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
580
x-xss-protection
1; mode=block
expires
Tue, 25 May 2021 15:29:57 GMT
css
fonts.googleapis.com/ Frame 5545
3 KB
547 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600,700
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/kw-console-assets/css/real.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
799a5961762fd15a4e5d7c845389f280a791a018bae59eb0aeacffde0a33a416
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 25 May 2021 14:57:27 GMT
server
ESF
date
Tue, 25 May 2021 15:29:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 May 2021 15:29:57 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 5545
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700|Source+Sans+Pro:400,400i,600,600i,700,700i&display=swap&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://pages.kw.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 07:13:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
age
29775
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
expires
Wed, 25 May 2022 07:13:42 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 5545
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700|Source+Sans+Pro:400,400i,600,600i,700,700i&display=swap&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://pages.kw.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 10:13:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
age
364590
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
expires
Sat, 21 May 2022 10:13:27 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame 5545
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://pages.kw.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 02:03:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:50:02 GMT
server
sffe
age
480402
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31120
x-xss-protection
0
expires
Fri, 20 May 2022 02:03:15 GMT
bqbm02pauv2njvm4rqd0
kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/ Frame 5545
575 B
442 B
Fetch
General
Full URL
https://kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/bqbm02pauv2njvm4rqd0
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.253.245 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
ea36a29042398f18e508f61a742e67ecff3ea9e410d302b79be5b6b5f5cc4f51

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:58 GMT
content-encoding
gzip
server
nginx/1.15.6
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-kong-upstream-latency
7
alt-svc
clear
via
1.1 google
bqbmo44m2er22hsikgf0
kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/ Frame 5545
886 B
717 B
Fetch
General
Full URL
https://kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/bqbmo44m2er22hsikgf0
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.253.245 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.15.6 /
Resource Hash
13c2670d0c5331a85e669a4a53b4aa5726a9cfbd064020b708398488901448f6

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:58 GMT
content-encoding
gzip
server
nginx/1.15.6
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-kong-upstream-latency
5
alt-svc
clear
via
1.1 google
fbevents.js
connect.facebook.net/en_US/ Frame 5545
92 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24156
x-fb-rlafr
0
pragma
public
x-fb-debug
iJrKxG5Fc5RZdcBztqY3/LtjuCB9ro8O6nUcXmMtHxEFhC+bBmmgDv4rZDaIqZUHjvnv0a93Hsqw3F1L026wMA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Tue, 25 May 2021 15:29:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/ Frame 5545
335 KB
131 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8cb544f90b2c0399716bd41669bcef24768dd8c509a7c7d1c26ca9fe4efc0fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://pages.kw.com
Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 14:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2563
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133858
x-xss-protection
0
last-modified
Mon, 17 May 2021 02:05:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 May 2022 14:47:14 GMT
1349076498498506
connect.facebook.net/signals/config/ Frame 5545
254 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1349076498498506?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8119700418d77184ecaa911c97f88ffc611fecf759ad3b297817bad6d366619d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
lxgyUS7YUKVOpYWjMBa+gQHGXN0TgSILFQmwnMGeceLAhAUtEHAAUmqDPO3j0S/McKc64Tb6X/DA9sdGk+2xmQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 25 May 2021 15:29:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bk21jp7cdmq8fg7j58tg
storage.googleapis.com/attachment-prod-e2ad/ Frame 5545
23 KB
23 KB
Image
General
Full URL
https://storage.googleapis.com/attachment-prod-e2ad/bk21jp7cdmq8fg7j58tg
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8dd7b45e21ac99319f1aa146735bda7c194defbc6e81f47840af0251e3aaeba2

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:58 GMT
x-guploader-uploadid
ABg5-Ux_QLwRHO_ZigvG0Gm1UfFEakJTd2-Gxq2TjxRQb1danbkEljk0GgNcvVsl4Vkn28tNope7zs5QEFdXtBtVJg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename=bk21jp7cdmq8fg7j58t0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23099
last-modified
Fri, 14 Jun 2019 22:04:21 GMT
server
UploadServer
etag
"dde541fc6156ebdc09d78576caee2bf6"
x-goog-hash
crc32c=PT/HXQ==, md5=3eVB/GFW69wJ14V2yu4r9g==
x-goog-generation
1560549861009465
access-control-allow-origin
*
cache-control
public, max-age=3600
x-goog-stored-content-length
23099
accept-ranges
bytes
content-type
image/png
expires
Tue, 25 May 2021 16:29:58 GMT
bk21jp7cdmq8fg7j58sg
storage.googleapis.com/attachment-prod-e2ad/ Frame 5545
36 KB
36 KB
Image
General
Full URL
https://storage.googleapis.com/attachment-prod-e2ad/bk21jp7cdmq8fg7j58sg
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cf00c760a538570eb4612fb0c5dd5040cb5b0f578231bcd1e2bf2f16e71bb6f7

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:58 GMT
x-guploader-uploadid
ABg5-UzJMY6VqVjvW75EXC-m1xnmyohGEA9o_WdzOyItsZBPbzIAmo-LckrfpsQA6QETabQFJZcbaFo-A7kYh14wPGk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename=bk21jp7cdmq8fg7j58s0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36506
last-modified
Fri, 14 Jun 2019 22:04:20 GMT
server
UploadServer
etag
"ec77bef9af7bf6e8dc4dfdd7bd27302b"
x-goog-hash
crc32c=MNJF2A==, md5=7He++a979ujcTf3XvScwKw==
x-goog-generation
1560549860921459
access-control-allow-origin
*
cache-control
public, max-age=3600
x-goog-stored-content-length
36506
accept-ranges
bytes
content-type
image/png
expires
Tue, 25 May 2021 16:29:58 GMT
bk21jp7cdmq8fg7j58rg
storage.googleapis.com/attachment-prod-e2ad/ Frame 5545
291 KB
292 KB
Image
General
Full URL
https://storage.googleapis.com/attachment-prod-e2ad/bk21jp7cdmq8fg7j58rg
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bb5f0e640db319e35da5f36e336d35af9039e97cfcf4c412c13200e8bee31ba2

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:58 GMT
x-guploader-uploadid
ABg5-UxtzTCxQT1WsX1WA4P0xn7XpRdJPsUFVHBnnZo9Ul5JBq2QJcq-XrIUTe0j9tplI_pH7XwWVzwpQuVbtU8X-w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename=bk21jp7cdmq8fg7j58r0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298470
last-modified
Fri, 14 Jun 2019 22:04:20 GMT
server
UploadServer
etag
"3e14043ef744c3e9aa70829a47933baa"
x-goog-hash
crc32c=FGMzOg==, md5=PhQEPvdEw+mqcIKaR5M7qg==
x-goog-generation
1560549860672785
access-control-allow-origin
*
cache-control
public, max-age=3600
x-goog-stored-content-length
298470
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 25 May 2021 16:29:58 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 5545
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700|Source+Sans+Pro:400,400i,600,600i,700,700i&display=swap&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://pages.kw.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
age
192380
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
expires
Mon, 23 May 2022 10:03:38 GMT
/
www.facebook.com/tr/ Frame 5545
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1349076498498506&ev=PageView&dl=https%3A%2F%2Fpages.kw.com%2Frenee-white%2F122704%2Fbqabs9r8thc1ke7k0c9g.html&rl=http%3A%2F%2Frwtcoronavirusupdate.com%2F&if=true&ts=1621956598716&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&it=1621956598041&coo=false&exp=l0&rqm=GET
Requested by
Host: pages.kw.com
URL: https://pages.kw.com/renee-white/122704/bqabs9r8thc1ke7k0c9g.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 25 May 2021 15:29:58 GMT
/
www.facebook.com/tr/ Frame 5545
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1349076498498506&ev=Microdata&dl=https%3A%2F%2Fpages.kw.com%2Frenee-white%2F122704%2Fbqabs9r8thc1ke7k0c9g.html&rl=http%3A%2F%2Frwtcoronavirusupdate.com%2F&if=true&ts=1621956599223&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22COVID-19%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%3Awidth%22%3A%221600%22%2C%22og%3Aimage%3Aheight%22%3A%22900%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&it=1621956598041&coo=false&es=automatic&tm=3&exp=l0&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 15:29:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 25 May 2021 15:29:59 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame 5545
85 KB
31 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAS6oOPLcY00yLW1U4hGt6DWMOI8YRaF70&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 07:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 May 2021 18:12:04 GMT
server
sffe
age
29349
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31670
x-xss-protection
0
expires
Wed, 25 May 2022 07:20:53 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame 5545
280 KB
86 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/14/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAS6oOPLcY00yLW1U4hGt6DWMOI8YRaF70&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 13:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 May 2021 18:12:04 GMT
server
sffe
age
7825
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87588
x-xss-protection
0
expires
Wed, 25 May 2022 13:19:37 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame 5545
62 B
83 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fpages.kw.com%2Frenee-white%2F122704%2Fbqabs9r8thc1ke7k0c9g.html&4sAIzaSyAS6oOPLcY00yLW1U4hGt6DWMOI8YRaF70&callback=_xdc_._4a0wsg&key=AIzaSyAS6oOPLcY00yLW1U4hGt6DWMOI8YRaF70&token=24737
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
626585d0fae970fa052d229d4b522824c9b5c85db8058e4956456870a66b56a1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pages.kw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 May 2021 15:30:02 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=7
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
