urlscan.io logo urlscan.io
SecurityTrails logo

www.yourkpplan.org Open in urlscan Pro
52.25.115.59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://inbox.healthcare-coverage.kp.org/ls/click?upn=vM9nBaJeEc8IrfyEKtbhLQap16Iu14lQTzZzpvQEPxPFmjUqW8admm14lOs7JYcD5yLnfspIGIxS7MhxWry...
Effective URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Submission: On August 05 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 59 HTTP transactions. The main IP is 52.25.115.59, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.yourkpplan.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 7th 2021. Valid for: a year.
This is the only time www.yourkpplan.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.52 11377 (SENDGRID)
2 14 52.25.115.59 16509 (AMAZON-02)
26 104.17.202.85 13335 (CLOUDFLAR...)
1 1 52.3.49.79 14618 (AMAZON-AES)
1 52.217.11.54 16509 (AMAZON-02)
11 161.71.8.44 14340 (SALESFORCE)
2 13.110.38.200 14340 (SALESFORCE)
2 44.236.203.118 16509 (AMAZON-02)
1 13.110.37.212 14340 (SALESFORCE)
59 8
1    167.89.118.52 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x52.outbound-mail.sendgrid.net
inbox.healthcare-coverage.kp.org
14    52.25.115.59 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-115-59.us-west-2.compute.amazonaws.com
www.yourkpplan.org
yourkpplan.org
26    104.17.202.85 (United States)

ASN13335 (CLOUDFLARENET, US)
kp.qumucloud.com
cdn.qumucloud.com
analytics.qumucloud.com
1    52.3.49.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-49-79.compute-1.amazonaws.com
www.glancecdn.net
1    52.217.11.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
11    161.71.8.44 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl1-ncg0-lhr4.um2-lo3.force.com
service.force.com
2    13.110.38.200 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl6-ncg0-phx3.na111-ph2.force.com
explorekp.secure.force.com
2    44.236.203.118 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-203-118.us-west-2.compute.amazonaws.com
dbs-analytics.sourceflowsales.com
1    13.110.37.212 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl4-ncg0-phx3.la4-c2-ph2.salesforceliveagent.com
d.la4-c2-ph2.salesforceliveagent.com
Domain Requested by
18 cdn.qumucloud.com kp.qumucloud.com
cdn.qumucloud.com
13 www.yourkpplan.org 1 redirects www.yourkpplan.org
11 service.force.com www.yourkpplan.org
service.force.com
4 analytics.qumucloud.com cdn.qumucloud.com
kp.qumucloud.com
4 kp.qumucloud.com www.yourkpplan.org
cdn.qumucloud.com
2 dbs-analytics.sourceflowsales.com www.yourkpplan.org
2 explorekp.secure.force.com www.yourkpplan.org
1 d.la4-c2-ph2.salesforceliveagent.com service.force.com
1 s3.amazonaws.com www.yourkpplan.org
1 www.glancecdn.net 1 redirects
1 yourkpplan.org 1 redirects
1 inbox.healthcare-coverage.kp.org 1 redirects
59 12
Subject Issuer Validity Valid
www.yourkpplan.org
Sectigo RSA Domain Validation Secure Server CA		 2021-01-07 -
2022-02-06		 a year crt.sh
qumucloud.com
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
*.um2.force.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-31 -
2022-03-30		 a year crt.sh
*.na111.force.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-21 -
2022-06-16		 a year crt.sh
*.sourceflowsales.com
Thawte RSA CA 2018		 2021-03-08 -
2022-03-08		 a year crt.sh
la4-c2-ph2.salesforceliveagent.com
DigiCert SHA2 Secure Server CA		 2020-10-27 -
2021-10-26		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Frame ID: 6E508DA6AA4AFAA01ED0AE0660A0D469
Requests: 23 HTTP requests in this frame

Frame: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Frame ID: 1AFD42F3A39D3F214A3ED403E4E88C2B
Requests: 15 HTTP requests in this frame

Frame: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Frame ID: E2CF89898EFA16B3C8E18C3236503526
Requests: 15 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Frame ID: 3A8A5C5D083BD93CB2D307DBD313E153
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://inbox.healthcare-coverage.kp.org/ls/click?upn=vM9nBaJeEc8IrfyEKtbhLQap16Iu14lQTzZzpvQEPxPFmjUqW8admm14lOs7JYc... HTTP 302
    https://www.yourkpplan.org/email/link?id=323116dd-5c91-4b2b-9875-11d06dccf4e5&url=https%3A%2F%2Fyourkpp... HTTP 302
    https://yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT HTTP 303
    https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

59
Requests

93 %
HTTPS

0 %
IPv6

8
Domains

12
Subdomains

8
IPs

2
Countries

2118 kB
Transfer

7181 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://inbox.healthcare-coverage.kp.org/ls/click?upn=vM9nBaJeEc8IrfyEKtbhLQap16Iu14lQTzZzpvQEPxPFmjUqW8admm14lOs7JYcD5yLnfspIGIxS7MhxWrycj1wPXCqA3hnSlitfrdVLSf5fWCatO9TL81AglOhQ9-2FOxzgL2yfk5U3Bq-2B2JUj-2BhJcJHbA4M2-2FL8rCcIPmrlgOWiU18Ys3NpU1lGOtAaBYRDSBqNjIvz7eOXiKwt89Bzxsg-3D-3DuPtu_OiuGUHS0p-2Fi0FXFKeyRmA9ZUeWWEtRszP88E-2FvIMml3mtk9lUN7ZQdj8nWa4EG3ofJcVlcZbaF9K-2FY44LwivSzqZnAc01PnYK2Uk2oZOm-2FDYAbWMPIiF6wzsS7EmDsSckvk9K8o5vdZ6-2FdNit8keFaM7BUKnr8uLoCG9K1Q5datSPUelhd8a5x7OsLsO-2FZ2HP9UtxdvRPYnGnDN0UozxB-2B10ROllQDi7-2Fo00WDZ1hRVjUH-2BaWfkyvH9Oi6rsjTRwGrgEpxXEoikmNXqZKoXa9aomgtA6ei9KwXwn16C5Kd-2Be0SHzRM1F-2FPnn7WEJPQsWdMftrM3vD967DW8EtetewRjSRHUk8b9PsEHiqkLIibU-3D HTTP 302
    https://www.yourkpplan.org/email/link?id=323116dd-5c91-4b2b-9875-11d06dccf4e5&url=https%3A%2F%2Fyourkpplan.org%2F4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT HTTP 302
    https://yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT HTTP 303
    https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=21375&site=production HTTP 302
  • https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.17.0M.js

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
www.yourkpplan.org/
Redirect Chain
  • http://inbox.healthcare-coverage.kp.org/ls/click?upn=vM9nBaJeEc8IrfyEKtbhLQap16Iu14lQTzZzpvQEPxPFmjUqW8admm14lOs7JYcD5yLnfspIGIxS7MhxWrycj1wPXCqA3hnSlitfrdVLSf5fWCatO9TL81AglOhQ9-2FOxzgL2yfk5U3Bq-2...
  • https://www.yourkpplan.org/email/link?id=323116dd-5c91-4b2b-9875-11d06dccf4e5&url=https%3A%2F%2Fyourkpplan.org%2F4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
  • https://yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
  • https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
92 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-115-59.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b950f17e4ad086215123269f34fec3db9e947541a4359516f7b5a6e6fdf8a65b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.yourkpplan.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
APPSESSID=fvokr07kvnk2jjjrer6541nq42
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Thu, 05 Aug 2021 00:09:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
urlCode=4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT; expires=Sat, 06-Aug-2022 00:09:11 GMT; Max-Age=31622400; path=/; samesite=None; secure _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; expires=Sat, 06-Aug-2022 00:09:11 GMT; Max-Age=31622399; path=/; httponly _csrf=fcc2f1391869a8b18d613f70cd8e807aa116d4d49e94e44a28c69ae54a1e0835a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22HTFvC1xVtRjg6jSHZFF5cvQf6SriHLdG%22%3B%7D; path=/; httponly
Strict-Transport-Security
max-age=63072000;
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 05 Aug 2021 00:09:11 GMT
Content-Type
text/html; charset=utf-8
Content-Length
162
Connection
keep-alive
Location
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Strict-Transport-Security
max-age=63072000;
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
app.min.css
www.yourkpplan.org/sites/kp/dist/assets/css/ 		174 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-115-59.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
231eaa50571ae9992e33c5acaf5eb4f2aceeb8b50339ad5888f1197e30ff2a1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yourkpplan.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Cookie
APPSESSID=fvokr07kvnk2jjjrer6541nq42; urlCode=4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=fcc2f1391869a8b18d613f70cd8e807aa116d4d49e94e44a28c69ae54a1e0835a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22HTFvC1xVtRjg6jSHZFF5cvQf6SriHLdG%22%3B%7D
Connection
keep-alive
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 00:09:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 07 May 2021 16:10:24 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"60956670-2b74a"
Strict-Transport-Security
max-age=63072000;
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
logo.svg
www.yourkpplan.org/sites/kp/dist/assets/images/2020/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yourkpplan.org/sites/kp/dist/assets/images/2020/logo.svg
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-115-59.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e52bfa31a53e1ebb754935fbacfab8085903eb7b0c94107202021ff18b523b0f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yourkpplan.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Cookie
APPSESSID=fvokr07kvnk2jjjrer6541nq42; urlCode=4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=fcc2f1391869a8b18d613f70cd8e807aa116d4d49e94e44a28c69ae54a1e0835a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22HTFvC1xVtRjg6jSHZFF5cvQf6SriHLdG%22%3B%7D
Connection
keep-alive
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 00:09:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 01 Nov 2020 07:21:59 GMT
Server
nginx
ETag
"5f9e6217-183d"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Strict-Transport-Security
max-age=63072000;
Accept-Ranges
bytes
Content-Length
6205
X-Xss-Protection
1; mode=block
marketing_hero.jpg
www.yourkpplan.org/sites/kp/assets/images/2021/hero/ 		319 KB
319 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yourkpplan.org/sites/kp/assets/images/2021/hero/marketing_hero.jpg
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-115-59.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6bcf084ca494c57d4efdd83fde0050c4fd2f51c5a7aded2713bdfe7e00c508d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yourkpplan.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Cookie
APPSESSID=fvokr07kvnk2jjjrer6541nq42; urlCode=4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=fcc2f1391869a8b18d613f70cd8e807aa116d4d49e94e44a28c69ae54a1e0835a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22HTFvC1xVtRjg6jSHZFF5cvQf6SriHLdG%22%3B%7D
Connection
keep-alive
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 00:09:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 01 Nov 2020 07:21:59 GMT
Server
nginx
ETag
"5f9e6217-4fac5"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Strict-Transport-Security
max-age=63072000;
Accept-Ranges
bytes
Content-Length
326341
X-Xss-Protection
1; mode=block
ok_icon.png
www.yourkpplan.org/sites/kp/assets/images/2020/icons/ 		286 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yourkpplan.org/sites/kp/assets/images/2020/icons/ok_icon.png
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-115-59.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
aba77af88c8b701c1851112ed8f0a16abe49656afb5b636c7fc641cba8d1b91d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yourkpplan.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Cookie
APPSESSID=fvokr07kvnk2jjjrer6541nq42; urlCode=4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=fcc2f1391869a8b18d613f70cd8e807aa116d4d49e94e44a28c69ae54a1e0835a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22HTFvC1xVtRjg6jSHZFF5cvQf6SriHLdG%22%3B%7D
Connection
keep-alive
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 00:09:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 01 Nov 2020 07:21:59 GMT
Server
nginx
ETag
"5f9e6217-11e"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Strict-Transport-Security
max-age=63072000;
Accept-Ranges
bytes
Content-Length
286
X-Xss-Protection
1; mode=block
Wk7iASvP16f
kp.qumucloud.com/view/ Frame 1AFD 		59 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09141d56e66614621aba49a00db221e2199e4b76b08dbd9fc50f5248fc12a513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
kp.qumucloud.com
:scheme
https
:path
/view/Wk7iASvP16f?autoplay=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yourkpplan.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yourkpplan.org/

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-type
text/html;charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
set-cookie
KV_CLIENT_SESSION_ID=1QZ19qn0pocR0eGWU7d30N; Max-Age=31536000; Expires=Fri, 05-Aug-2022 00:09:12 GMT; Path=/; Secure; HttpOnly; SameSite=None JSESSIONID=34CC85EE849017EEB3F20135E06F862D; Max-Age=1209600; Expires=Thu, 19-Aug-2021 00:09:12 GMT; Path=/; Secure; HttpOnly; SameSite=None i18next=en-US; Max-Age=31536000; Expires=Fri, 05-Aug-2022 00:09:12 GMT; Path=/; Secure; SameSite=None
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Wed, 11 Jan 1984 05:00:00 GMT
vary
accept-encoding
content-language
en-US
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stS6FkrFBCJ1SdVoW9%2Buzelpg18erFrOBTv3NKsP2tHo331%2FIhjnwAOMQ17NdbLqak5OnxLR5xEr96ONLLZEB71SGAis1kWfZtQW16MLZOMRmVXB6ZEbXDFjAcxt78xLBiU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
679bcb9c9c4e402b-CDG
content-encoding
gzip
Wk7iASvP16f
kp.qumucloud.com/view/ Frame E2CF 		59 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fefa4caa308bb70dfcbf2437f97d9df3f4130a65158ea172c974056b43f4532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
kp.qumucloud.com
:scheme
https
:path
/view/Wk7iASvP16f?autoplay=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yourkpplan.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yourkpplan.org/

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-type
text/html;charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
set-cookie
KV_CLIENT_SESSION_ID=FS62a2RYxPoi7woru5f0N6; Max-Age=31536000; Expires=Fri, 05-Aug-2022 00:09:12 GMT; Path=/; Secure; HttpOnly; SameSite=None JSESSIONID=AE0349CCAF199B80BFF60BCE0B1AC30E; Max-Age=1209600; Expires=Thu, 19-Aug-2021 00:09:12 GMT; Path=/; Secure; HttpOnly; SameSite=None i18next=en-US; Max-Age=31536000; Expires=Fri, 05-Aug-2022 00:09:12 GMT; Path=/; Secure; SameSite=None
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Wed, 11 Jan 1984 05:00:00 GMT
vary
accept-encoding
content-language
en-US
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1Z%2BUraFJFWP6c6pasP%2BvlzTHUepZVCk%2FB1TMsFweAoJCDYaIRNdxb7q6KiUaFGPir4tY%2Be3PK%2FKpQXMGhVWG0MX4%2BCM89vhDRjbF71T%2FPSagkUNBno1KyD0X2REI4QOToU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
679bcb9c9c4f402b-CDG
content-encoding
gzip
logo.svg
www.yourkpplan.org/sites/kp/assets/images/2020/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yourkpplan.org/sites/kp/assets/images/2020/logo.svg
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-115-59.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e52bfa31a53e1ebb754935fbacfab8085903eb7b0c94107202021ff18b523b0f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yourkpplan.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Cookie
APPSESSID=fvokr07kvnk2jjjrer6541nq42; urlCode=4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=fcc2f1391869a8b18d613f70cd8e807aa116d4d49e94e44a28c69ae54a1e0835a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22HTFvC1xVtRjg6jSHZFF5cvQf6SriHLdG%22%3B%7D
Connection
keep-alive
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 00:09:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 01 Nov 2020 07:21:59 GMT
Server
nginx
ETag
"5f9e6217-183d"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Strict-Transport-Security
max-age=63072000;
Accept-Ranges
bytes
Content-Length
6205
X-Xss-Protection
1; mode=block
app.min.js
www.yourkpplan.org/sites/kp/dist/assets/js/ 		2 MB
465 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yourkpplan.org/sites/kp/dist/assets/js/app.min.js?v=2021.3
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-115-59.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0f480804b0fc282409817aa01da3ea0a8eb2619637a7816c7dc5afe983d08763
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yourkpplan.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Cookie
APPSESSID=fvokr07kvnk2jjjrer6541nq42; urlCode=4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=fcc2f1391869a8b18d613f70cd8e807aa116d4d49e94e44a28c69ae54a1e0835a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22HTFvC1xVtRjg6jSHZFF5cvQf6SriHLdG%22%3B%7D
Connection
keep-alive
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 00:09:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 07 May 2021 16:10:24 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"60956670-1e6467"
Strict-Transport-Security
max-age=63072000;
Content-Type
application/javascript; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
GlanceCobrowseLoader_4.17.0M.js
s3.amazonaws.com/glancecdn/cobrowse/js/
Redirect Chain
  • https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=21375&site=production
  • https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.17.0M.js
15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.17.0M.js
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.11.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f76c2aed837deb6ab5069475e5adedd607f88824f83edf9f775d11dca369b6eb

Request headers

Referer
https://www.yourkpplan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 00:09:14 GMT
Last-Modified
Tue, 08 Dec 2020 22:18:18 GMT
Server
AmazonS3
x-amz-request-id
0A2874G5CA2BZWA8
ETag
"fb5356e1ee52a4b1f35811057486b6c8"
x-amz-version-id
OJneW9yJx3041yNJX.cgKqRdRLcz5c_f
Cache-Control
public, max-age=31556926
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
15095
x-amz-id-2
TSFpdeXZ2nQLpCGgtzZ/ueSc3domcdssPuBMMjnNo4Kokkwg19nZB2nrD8nRL1121xcvwUpcbqM=

Redirect headers

date
Thu, 05 Aug 2021 00:09:12 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
location
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.17.0M.js
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
content-length
195
esw.min.js
service.force.com/embeddedservice/5.0/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.js
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.8.44 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr4.um2-lo3.force.com
Software
/
Resource Hash
27611fad3c4b4c0b6100038f5039d424d0514b0b650f98ea3062f6c0fa92df19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.yourkpplan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 23:26:21 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 19 Apr 2021 22:41:40 GMT
Age
2571
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
Content-Length
8189
X-XSS-Protection
1; mode=block
Expires
Thu, 05 Aug 2021 23:26:21 GMT
player-v2.css
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame E2CF 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.css
Requested by
Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7343d91144b9629c30f066e7fe3cebd4089a6d8c18d0fdab1b812d782cd4e5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315490
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sat, 01 Aug 2020 08:31:02 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OU9rGr7I3yORuN7eu4f4rnVfm6gfLmBwlh42TP0Nj39DLV2ZMdUwLpj4sssF%2BKhgm%2FsQy92bC4nOaEILe0ts30BF4ayy5SAnZohh2u1tjY0t%2BEb%2Bp8wWYkJgy%2FyVI4ji6btP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcb9dcd92402b-CDG
default.css
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/player-themes/ Frame E2CF 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/player-themes/default.css
Requested by
Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c931d2b034269d829913ac1ebab2336d9ce233781decc27d8473dce831dea78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315490
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sat, 01 Aug 2020 08:31:02 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbBwiiw7QN90G1IDEW9EvSecw%2B8TAQWMbG%2F4btqNdgHsdTDExwtZxR9RVNm7qmdZwAz%2Bviwx%2Ffcq1ExcZJ6FePK1usvpJsyrp20enVUQqV6vDnq5q4UHLjlMX0o1V9SHoVcH"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=ISO-8859-1
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcb9dcd93402b-CDG
player-v2.loader.js
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame E2CF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.loader.js
Requested by
Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
610942fedcc6e61287a3a7fe2224a21598bb5af7c96e812e0f583cc9b1182e9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315490
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sat, 01 Aug 2020 08:31:02 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaWCFmZDUThw8LIVajq0nVJ3EvNnNnsT8J6jrPCaPMWU9B5ERdsN682uGUUF%2BoMQ6PNejfp25pWhDViiarR4IA%2FVYpzxYZFCytK9FR%2FOgj8Fx%2Bh4c1BLyPrm7BdCZe2p3XHe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcb9dcd98402b-CDG
player-v2.css
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame 1AFD 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.css
Requested by
Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7343d91144b9629c30f066e7fe3cebd4089a6d8c18d0fdab1b812d782cd4e5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315490
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sat, 01 Aug 2020 08:31:02 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1hI5pt0x7qsAVt78xuFqhNXJkvYFG2jFdxj6GilgynhVO1MrQoUForaoLPkJ1iNTjofOJKQpdCXcCUJKPvk%2BM2v4kjmt2apcelLBVA4kHXm1cMbh9xOLXfBN2dbtwZmEi8O"}],"group":"cf-nel","max_age":604800}
content-type
text/css
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcb9dcd96402b-CDG
default.css
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/player-themes/ Frame 1AFD 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/player-themes/default.css
Requested by
Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c931d2b034269d829913ac1ebab2336d9ce233781decc27d8473dce831dea78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315490
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sat, 01 Aug 2020 08:31:02 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmCuvFe67srIZDafZk0M0SbBYwOgMfZp9GrhVkUdv%2F0E9gbYyvIrjUaDVNO5MqFjsfvaAM0zpc%2Fe%2FwXU0eMI9AAVEEYRI%2FOwdlI2KACNOTLc35nZR7ev%2FP0A7P0SoDRuWAca"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=ISO-8859-1
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcb9dcd94402b-CDG
player-v2.loader.js
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame 1AFD 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.loader.js
Requested by
Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
610942fedcc6e61287a3a7fe2224a21598bb5af7c96e812e0f583cc9b1182e9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315490
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sat, 01 Aug 2020 08:31:02 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EThbcxnGUMI5UXZma3EQIToyX2ZcjiLA%2FyWzg7G%2FurtVvQSSvQo9D6yhlxLuJ5oBrqe0ZWZBvk4%2FaaoAHhtJxas2FGq5IF36UBlH34DQm1O%2FijUYgfyk4EoaIHY2B2naajgv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcb9dcd97402b-CDG
player-v2.js
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame 1AFD 		1 MB
331 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js
Requested by
Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62abfa3afc73349f1be1456e1efd7928009ad5df059947b9f11be7d19e0ada8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315490
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sat, 01 Aug 2020 08:31:02 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaL2m9bHSkgjc5EhWoxEpoLAt6dsXO5gK1RCh8P4Ev798cRsFtEbx8t3KbNYTMge6Jrb7aekEO7ibnf0w5nSOzx2qrFJH5n4gGrWmrNBJD5UXYNKgak2tWPWk2dldLGUOW1C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcb9e1dc7402b-CDG
player-v2.js
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame E2CF 		1 MB
331 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js
Requested by
Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62abfa3afc73349f1be1456e1efd7928009ad5df059947b9f11be7d19e0ada8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315490
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sat, 01 Aug 2020 08:31:02 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJYEPnKQjynU2D%2BEL4yda8tKe9jDXD1DxVlthKgyINGseW%2F3%2BrXOZpRZQnsr2ifxxzkj4yJOlXQp38HqFLA3ZXSYtxL724iF505bwkWudBzQRo1ytBdWC4qTBSyThUjflmap"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcb9e2dd7402b-CDG
Gotham-Book.woff
www.yourkpplan.org/sites/kp/dist/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.yourkpplan.org/sites/kp/dist/assets/fonts/Gotham-Book.woff
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-115-59.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
39a2f923f8b5567fa276a80b5cb5ebbec1f2986eddbef0e059b09e5b284b3848
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.yourkpplan.org
Accept-Encoding
gzip, deflate, br
Host
www.yourkpplan.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
Cookie
APPSESSID=fvokr07kvnk2jjjrer6541nq42; urlCode=4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=fcc2f1391869a8b18d613f70cd8e807aa116d4d49e94e44a28c69ae54a1e0835a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22HTFvC1xVtRjg6jSHZFF5cvQf6SriHLdG%22%3B%7D
Connection
keep-alive
Origin
https://www.yourkpplan.org
Referer
https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 00:09:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 01 Nov 2020 07:21:59 GMT
Server
nginx
ETag
"5f9e6217-5b1c"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Connection
keep-alive
Strict-Transport-Security
max-age=63072000;
Accept-Ranges
bytes
Content-Length
23324
X-Xss-Protection
1; mode=block
Gotham-Bold.woff
www.yourkpplan.org/sites/kp/dist/assets/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.yourkpplan.org/sites/kp/dist/assets/fonts/Gotham-Bold.woff
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-115-59.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d6efd03844b9edbba5d22286e8b2f1f73004f2f5700dd6135deebd4249898aa2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.yourkpplan.org
Accept-Encoding
gzip, deflate, br
Host
www.yourkpplan.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
Cookie
APPSESSID=fvokr07kvnk2jjjrer6541nq42; urlCode=4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=fcc2f1391869a8b18d613f70cd8e807aa116d4d49e94e44a28c69ae54a1e0835a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22HTFvC1xVtRjg6jSHZFF5cvQf6SriHLdG%22%3B%7D
Connection
keep-alive
Origin
https://www.yourkpplan.org
Referer
https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 00:09:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 01 Nov 2020 07:21:59 GMT
Server
nginx
ETag
"5f9e6217-7a70"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Connection
keep-alive
Strict-Transport-Security
max-age=63072000;
Accept-Ranges
bytes
Content-Length
31344
X-Xss-Protection
1; mode=block
geolocate
cdn.qumucloud.com/ Frame 1AFD 		180 B
635 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/geolocate
Requested by
Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90ed5d4a0a62c2836aaf9e399dfaf68c7b370f9256874f1d8e5502272e22ca30

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:13 GMT
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rng0licyt697GyzvUomXFwDvtUz6gLkRv7AMKM01dErmN%2F4IymhNxRV6Gy6k015cEQtX716iv0AkI%2FP2LLgrS8ZiTijLPjfUBMkBkvoWBWVcbrNZMqb9oPcshPq5jYlg0Ck"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
x-geo-request
CF
cf-ray
679bcb9f681f3ff5-CDG
adobe-analytics.js
kp.qumucloud.com/430/client/js-lib/ Frame 1AFD 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kp.qumucloud.com/430/client/js-lib/adobe-analytics.js
Requested by
Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef9f171cfae1b102b0d5e35e241a2beabd572d1cd27ec708bd021bd46e51e32a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
206722
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
last-modified
Sun, 02 Aug 2020 14:43:50 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIq2sMlPQTVeNU4LWVxgAAIuO3rUQmKMrZ4Q%2B6hDZLIO24gi6NTltQrGqWln%2Fo6e%2BQnwxftlXN8uy%2F2Or7WZayfwofkTnFbd9B0g6Gb1RgTRX1aJ43nHXyZgPa7W0F4jgy8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcb9f6ef8402b-CDG
1UPztwDRvVQ;wc=1920;hc=1080
cdn.qumucloud.com/origin/public/kp.qumucloud.com/Wk7iASvP16f/ Frame 1AFD 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/Wk7iASvP16f/1UPztwDRvVQ;wc=1920;hc=1080
Requested by
Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29172437423729b407768e7522483a6b696b9ae40e5d9c8f253d76eb13fa89a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
633955
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
Accept-Encoding
content-length
58927
x-xss-protection
1; mode=block
last-modified
Tue, 28 Jul 2020 16:03:17 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zt7U2i7jDtnrow4j6oZkUNgojuLdTK3bCfWXehhUOlwnY6%2FZcKQBKoz9pFryw0%2BmX4CKbHkN5WkQ86CxkYNioqdA4hMbKW%2BKoDdXfKh%2BnLKJ8CD6WUY9pHOAIG25MaYE7b0K"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
679bcb9f7f09402b-CDG
cf-bgj
h2pri
p-60b54eeb69092161a676.js
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame 1AFD 		246 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/p-60b54eeb69092161a676.js
Requested by
Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21299cb5fc052c970acd743e5f402bf7cc6bb65ba15af127824680841d60546a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
303207
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sat, 01 Aug 2020 11:55:45 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ri%2BBqwQEtQL0%2F4qJDGHBSYXIhddOcS%2BK8ZvZGhwtKgmAbYCbW9Uu2n09J5HY2Y9MO1dgqhklaQoLEPF1rQsJIoKZfceG53MhlNV3ITjNd18Mo4PZdum%2F2US4uyIzSg1ETFnG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcb9f7f0b402b-CDG
p-f0cf42cf0950ae8e38bd.js
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame 1AFD 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/p-f0cf42cf0950ae8e38bd.js
Requested by
Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf5869d67369f9cfb3bcb624ca963f08646661018ef1337c8605b4aec26d9ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
303207
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sat, 01 Aug 2020 11:55:45 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LzIzPjj%2Fhc6mfKcFnzPc7%2BB8iELO3FcUsH8fVdlndFtbdlH2diaPT5mUKKUuxVO4FN4AmrxqZTuZuXX6wPYsLZwwxmaHzAwn0igY%2BqC3QQb2XO8MhhGygfT%2BQQkfabxgahj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcb9f7f0c402b-CDG
geolocate
cdn.qumucloud.com/ Frame E2CF 		180 B
426 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/geolocate
Requested by
Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90ed5d4a0a62c2836aaf9e399dfaf68c7b370f9256874f1d8e5502272e22ca30

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:13 GMT
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwpBxs2caM6PuG9SNocXOiUt%2Bf8x5c8wtnOYAsuktLWae3N2D6GS2B0vkYVUy2aBgoggM%2F13%2Fcq94y5i7TTSN4TcxpSZtEvAKI%2F4QOXzLXuoglNEW%2B%2F%2BPuWxQwlH5XtoHyHO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
x-geo-request
CF
cf-ray
679bcb9fe8d43ff5-CDG
1UPztwDRvVQ;wc=1920;hc=1080
cdn.qumucloud.com/origin/public/kp.qumucloud.com/Wk7iASvP16f/ Frame E2CF 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/Wk7iASvP16f/1UPztwDRvVQ;wc=1920;hc=1080
Requested by
Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29172437423729b407768e7522483a6b696b9ae40e5d9c8f253d76eb13fa89a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
633955
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
Accept-Encoding
content-length
58927
x-xss-protection
1; mode=block
last-modified
Tue, 28 Jul 2020 16:03:17 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAPMJU5bIyw8b0M8MNrD7F7%2FP8joO%2FKIkG2OzvGKUYuEfyt77IypXlDdJgtzxEF0zoRq68Vqn9lrqzEvnUQXY079c%2FpqIj%2FWpmaGYPLW7lBMNrpHxyXD6aWwDJ6NY%2FZTTHaZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
679bcb9fef91402b-CDG
cf-bgj
h2pri
adobe-analytics.js
kp.qumucloud.com/430/client/js-lib/ Frame E2CF 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kp.qumucloud.com/430/client/js-lib/adobe-analytics.js
Requested by
Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef9f171cfae1b102b0d5e35e241a2beabd572d1cd27ec708bd021bd46e51e32a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
206722
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
last-modified
Sun, 02 Aug 2020 14:43:50 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiPhDcYFX1i%2F94HyWOmx701Bv8Mrj0whD23BmImm99Y0GIjbPnIBTxuYVZ%2BiMD5oUs3kVpF8E1JdB5ZSfMfI8PmcOwyaH4jdoSzYxApDEP9c0p6azEz2n2oU1noVGioB9SY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcba00faf402b-CDG
p-60b54eeb69092161a676.js
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame E2CF 		246 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/p-60b54eeb69092161a676.js
Requested by
Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21299cb5fc052c970acd743e5f402bf7cc6bb65ba15af127824680841d60546a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
303207
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sat, 01 Aug 2020 11:55:45 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lHZ3dkdDbGiThjwTyYhcJSBi0BxDJs%2Bda%2BqN4JhNvmli27QzQXlmGciY88Ayeqggw8caIqqFc09fC2NziFKtm4t3X7rdrKyIAYJjASjnk9K4dgKAQp4Yr9DmhugAI0NHHtC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcba00fb0402b-CDG
p-f0cf42cf0950ae8e38bd.js
cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/ Frame E2CF 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/p-f0cf42cf0950ae8e38bd.js
Requested by
Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf5869d67369f9cfb3bcb624ca963f08646661018ef1337c8605b4aec26d9ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
303207
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
vary
accept-encoding
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Sat, 01 Aug 2020 11:55:45 +0000
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7csZtkLcg7%2Bp8Yupkq6iphWXgkzOniFQhQy6HDBJCewbKB7fu6C6S3VnEHv2QRVE80VKW7HlQuxu%2B4myrfNiBv5kWoErD1HxRm1Mx3QrsXrk5kgFVIUYNc2srSe9sHENwJB3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public,max-age=31536000
cf-ray
679bcba00fb1402b-CDG
nr-spa-1208.min.js
cdn.qumucloud.com/ Frame 1AFD 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/nr-spa-1208.min.js
Requested by
Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:13 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7064
cf-ray
679bcba05ff9402b-CDG
x-cache
HIT
content-length
15815
x-amz-id-2
SJwlHEEUUvtQ/HmRtBjBXj5CakeCmW1L6aVdz67bZP5N03qcWOw2chDZymJeOlSw92USG3iHDs4=
x-served-by
cache-cdg20725-CDG
last-modified
Wed, 10 Mar 2021 16:24:31 GMT
server
cloudflare
x-timer
S1625676307.245262,VS0,VE0
etag
"d9d4f5c3991c0454eca3e6b2ddfe31d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaqEn2kp9L2LkYXXrwHnAYey3N5YDrxdv3Mp7E48reBS2Dur7i9fMbO3lo0qTRMgNUI9dE1njRYDm6778CrHjJqp0kOkwQY4MkRf%2F9lUYaoHbP%2FsBWO%2F4DqcDgwIwnwHbBOI"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
TVV68QHW35HQH1Q1
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
x-amz-version-id
Vh.geaSzxk269x8Ss.5iG8XR8B7_1taB
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
547
nr-spa-1208.min.js
cdn.qumucloud.com/ Frame E2CF 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.qumucloud.com/nr-spa-1208.min.js
Requested by
Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:13 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7064
cf-ray
679bcba08818402b-CDG
x-cache
HIT
content-length
15815
x-amz-id-2
SJwlHEEUUvtQ/HmRtBjBXj5CakeCmW1L6aVdz67bZP5N03qcWOw2chDZymJeOlSw92USG3iHDs4=
x-served-by
cache-cdg20725-CDG
last-modified
Wed, 10 Mar 2021 16:24:31 GMT
server
cloudflare
x-timer
S1625676307.245262,VS0,VE0
etag
"d9d4f5c3991c0454eca3e6b2ddfe31d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPh0RqdKt6Oze%2BNb8WTw1PjGNglXPM%2Biy3MHreRtTThx2%2B2IqR%2F8%2F%2FvtQza%2BNvI5vgRCLF2luQBhb6Uu%2FfYMOGI4Zz3pbZytRHObUi9xEE0LEurK6RItiRmdZ8dcF5dsRDIQ"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
TVV68QHW35HQH1Q1
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
x-amz-version-id
Vh.geaSzxk269x8Ss.5iG8XR8B7_1taB
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
547
245c3146b4
analytics.qumucloud.com/1/ Frame 1AFD 		57 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.qumucloud.com/1/245c3146b4?a=286477547&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=802&ck=1&ref=https://kp.qumucloud.com/view/Wk7iASvP16f&be=280&fe=701&dc=340&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1628122152311,%22n%22:0,%22f%22:2,%22dn%22:7,%22dne%22:52,%22c%22:52,%22s%22:57,%22ce%22:92,%22rq%22:94,%22rp%22:274,%22rpe%22:276,%22dl%22:276,%22di%22:340,%22ds%22:340,%22de%22:340,%22dc%22:701,%22l%22:701,%22le%22:702%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22PlayerVersion%22:%222%22,%22userAgentOSVersion%22:%2210%22%7D&jsonp=NREUM.setToken
Requested by
Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/nr-spa-1208.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hu01QnH1FyjQqjJ7mBfgiEuDuQP241n3qNrw8%2FC2vK5C5eu7Mh8M%2F0zcudPa6mpgoLJw7ouJJhOf491zTNZqb16UdBsUHj5UFzuwQuTIx3JgwUUhTHyciXyM0h%2FsSl5Uxe35qoQZEuXE"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=ISO-8859-1
cf-ray
679bcba138a9402b-CDG
expires
Thu, 01 Jan 1970 00:00:00 GMT
245c3146b4
analytics.qumucloud.com/1/ Frame E2CF 		57 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.qumucloud.com/1/245c3146b4?a=286477547&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=802&ck=1&ref=https://kp.qumucloud.com/view/Wk7iASvP16f&be=266&fe=722&dc=351&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1628122152313,%22n%22:0,%22f%22:3,%22dn%22:3,%22dne%22:3,%22c%22:3,%22ce%22:3,%22rq%22:92,%22rp%22:257,%22rpe%22:263,%22dl%22:261,%22di%22:351,%22ds%22:351,%22de%22:351,%22dc%22:722,%22l%22:722,%22le%22:723%7D,%22navigation%22:%7B%7D%7D&ja=%7B%22PlayerVersion%22:%222%22,%22userAgentOSVersion%22:%2210%22%7D&jsonp=NREUM.setToken
Requested by
Host: cdn.qumucloud.com
URL: https://cdn.qumucloud.com/nr-spa-1208.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcD12iA6FWAnjFTjTFK1Ssjg0VNRKQ%2FNRIianO6nUO89QS3Ul0fRipPbLhEqDId%2B4coOsEzbIdOkNxCQPkbJQVR6hBb7PTao9M%2Fhn9bngGnky0TFDGXn5kG69ZO6qdqpHs0qwSez3M6q"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=ISO-8859-1
cf-ray
679bcba138aa402b-CDG
expires
Thu, 01 Jan 1970 00:00:00 GMT
245c3146b4
analytics.qumucloud.com/ins/1/ Frame 1AFD 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.qumucloud.com/ins/1/245c3146b4?a=286477547&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=1007&ck=1&ref=https://kp.qumucloud.com/view/Wk7iASvP16f
Requested by
Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 05 Aug 2021 00:09:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLQETjKW0U0AvluXK7ppwmNt8GfmVQnna5iEtxMUmS4KKe5yQ06ys129p4KKxWqiaT%2BlGSIOgoxW5GfrR%2F1EVLSsvKkSTTdl0lRMi730eCnTJGKVM4ZgW6MX2g9zRcvTmGJXlsfmlrHe"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://kp.qumucloud.com
access-control-allow-credentials
true
cf-ray
679bcba24985402b-CDG
245c3146b4
analytics.qumucloud.com/ins/1/ Frame E2CF 		0
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.qumucloud.com/ins/1/245c3146b4?a=286477547&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=1008&ck=1&ref=https://kp.qumucloud.com/view/Wk7iASvP16f
Requested by
Host: kp.qumucloud.com
URL: https://kp.qumucloud.com/view/Wk7iASvP16f?autoplay=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kp.qumucloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 05 Aug 2021 00:09:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5zUG8Gw6YmqUJ7%2B4Xx6Eg%2BZSCw%2FTyqFbe%2BxCnmx%2B4OiGafqlYo3%2FBRUeGdJqBvNuX82T%2BOlRNhLLBzTn0giUoxX3X%2FZ4bngcAo5jtjfzF2aMEvl3dqJf868U6VtotoOxArAxfndZYQO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://kp.qumucloud.com
access-control-allow-credentials
true
cf-ray
679bcba2498b402b-CDG
chathoop
explorekp.secure.force.com/KPIF/services/apexrest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://explorekp.secure.force.com/KPIF/services/apexrest/chathoop?buttonId=5733h000000DN11
Protocol
HTTP/1.1
Server
13.110.38.200 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-phx3.na111-ph2.force.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.yourkpplan.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Thu, 05 Aug 2021 00:09:14 GMT
Strict-Transport-Security
max-age=31536004; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
Referrer-Policy
origin-when-cross-origin
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Access-Control-Allow-Origin
https://www.yourkpplan.org
Access-Control-Allow-Methods
HEAD, GET, POST, PUT, PATCH, DELETE
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
X-SFDC-Request-Id,content-type
Transfer-Encoding
chunked
chathoop
explorekp.secure.force.com/KPIF/services/apexrest/ 		4 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://explorekp.secure.force.com/KPIF/services/apexrest/chathoop?buttonId=5733h000000DN11
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.38.200 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-phx3.na111-ph2.force.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.yourkpplan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

Date
Thu, 05 Aug 2021 00:09:14 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Transfer-Encoding
chunked
Access-Control-Allow-Methods
HEAD, GET, POST, PUT, PATCH, DELETE
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.yourkpplan.org
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Access-Control-Allow-Credentials
false
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536004; includeSubDomains
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
piwik.js
dbs-analytics.sourceflowsales.com/js/ 		328 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dbs-analytics.sourceflowsales.com/js/piwik.js
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-203-118.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b25dbd3d4a10380d977109869927ea351140040d42cdf60af3e1130d7019c5d2

Request headers

Referer
https://www.yourkpplan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:14 GMT
content-encoding
gzip
last-modified
Mon, 20 Aug 2018 05:12:25 GMT
server
nginx
etag
W/"5b7a4db9-51feb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
245c3146b4
analytics.qumucloud.com/events/1/ Frame 1AFD 		0
0
245c3146b4
analytics.qumucloud.com/jserrors/1/ Frame 1AFD 		0
0
245c3146b4
analytics.qumucloud.com/events/1/ Frame E2CF 		0
0
245c3146b4
analytics.qumucloud.com/jserrors/1/ Frame E2CF 		0
0
init
www.yourkpplan.org/api/ 		1 KB
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.yourkpplan.org/api/init
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/sites/kp/dist/assets/js/app.min.js?v=2021.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-115-59.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
33fc73dc628e91f7a6801de3aeaf806e8c6e15ddd7128f92bc812432ef3e3b69
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.yourkpplan.org
Accept-Encoding
gzip, deflate, br
X-CSRF-Token
pFKH-L8klxPLwJxd6mOGzkkTRvOsq2anFsIvwnMGWV7sBsGO_BXvRb-S9jrcCdWGE1UAxs_dN8EgkV2rO0o9GQ==
Accept-Language
en-US
Sec-Fetch-Dest
empty
Cookie
APPSESSID=fvokr07kvnk2jjjrer6541nq42; urlCode=4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=fcc2f1391869a8b18d613f70cd8e807aa116d4d49e94e44a28c69ae54a1e0835a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22HTFvC1xVtRjg6jSHZFF5cvQf6SriHLdG%22%3B%7D
Connection
keep-alive
Content-Length
52
Pragma
no-cache
Host
www.yourkpplan.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Sec-Fetch-Site
same-origin
Accept
application/json, text/plain, */*
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
X-CSRF-Token
pFKH-L8klxPLwJxd6mOGzkkTRvOsq2anFsIvwnMGWV7sBsGO_BXvRb-S9jrcCdWGE1UAxs_dN8EgkV2rO0o9GQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 00:09:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000;
Content-Type
application/json; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Gotham-Medium.woff
www.yourkpplan.org/sites/kp/dist/assets/fonts/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.yourkpplan.org/sites/kp/dist/assets/fonts/Gotham-Medium.woff
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-115-59.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
777395e7a3c9af151315c6b5189d2b44fb352431418fefe995ad9b564cae6be5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.yourkpplan.org
Accept-Encoding
gzip, deflate, br
Host
www.yourkpplan.org
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
Cookie
APPSESSID=fvokr07kvnk2jjjrer6541nq42; urlCode=4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=fcc2f1391869a8b18d613f70cd8e807aa116d4d49e94e44a28c69ae54a1e0835a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22HTFvC1xVtRjg6jSHZFF5cvQf6SriHLdG%22%3B%7D
Connection
keep-alive
Origin
https://www.yourkpplan.org
Referer
https://www.yourkpplan.org/sites/kp/dist/assets/css/app.min.css?2021.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 00:09:13 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 01 Nov 2020 07:21:59 GMT
Server
nginx
ETag
"5f9e6217-5ca4"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Connection
keep-alive
Strict-Transport-Security
max-age=63072000;
Accept-Ranges
bytes
Content-Length
23716
X-Xss-Protection
1; mode=block
counties
www.yourkpplan.org/api/ 		622 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.yourkpplan.org/api/counties
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/sites/kp/dist/assets/js/app.min.js?v=2021.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.25.115.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-115-59.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
7d17e5bfdb248e7c07619b3d97a2adaddc3ce444214f7f6125ad6b7393341760
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.yourkpplan.org
Accept-Encoding
gzip, deflate, br
X-CSRF-Token
pFKH-L8klxPLwJxd6mOGzkkTRvOsq2anFsIvwnMGWV7sBsGO_BXvRb-S9jrcCdWGE1UAxs_dN8EgkV2rO0o9GQ==
Accept-Language
en-US
Sec-Fetch-Dest
empty
Cookie
APPSESSID=fvokr07kvnk2jjjrer6541nq42; urlCode=4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT; _lang=5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D; _csrf=fcc2f1391869a8b18d613f70cd8e807aa116d4d49e94e44a28c69ae54a1e0835a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22HTFvC1xVtRjg6jSHZFF5cvQf6SriHLdG%22%3B%7D
Connection
keep-alive
Content-Length
2141
Pragma
no-cache
Host
www.yourkpplan.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Sec-Fetch-Site
same-origin
Accept
application/json, text/plain, */*
Referer
https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
X-CSRF-Token
pFKH-L8klxPLwJxd6mOGzkkTRvOsq2anFsIvwnMGWV7sBsGO_BXvRb-S9jrcCdWGE1UAxs_dN8EgkV2rO0o9GQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 05 Aug 2021 00:09:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000;
Content-Type
application/json; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
piwik.php
dbs-analytics.sourceflowsales.com/ 		43 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbs-analytics.sourceflowsales.com/piwik.php?action_name=Marketing%20Microsite&idsite=1&rec=1&r=386802&h=2&m=9&s=14&url=https%3A%2F%2Fwww.yourkpplan.org%2F4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT%23%2Fquote&_id=7df99017fc056b10&_idts=1628122155&_idvc=1&_idn=0&_refts=0&_viewts=1628122155&send_image=1&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22purl_id%22%2C%227447531%22%5D%2C%222%22%3A%5B%22market%22%2C%22CA%22%5D%2C%223%22%3A%5B%22campaign%22%2C%22233050%22%5D%2C%224%22%3A%5B%22agent%22%2C%22%22%5D%2C%225%22%3A%5B%22type%22%2C%22Web%20Purchase%20Lead%20Microsite%22%5D%7D&_cvar=%7B%221%22%3A%5B%22purl_id%22%2C%227447531%22%5D%7D&gt_ms=485&pv_id=w90wox
Requested by
Host: www.yourkpplan.org
URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-203-118.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.yourkpplan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 00:09:14 GMT
content-type
image/gif
server
nginx
common.min.js
service.force.com/embeddedservice/5.0/utils/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.8.44 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr4.um2-lo3.force.com
Software
/
Resource Hash
55972d7caa62933667f57f1c1be3c233ebf0b1d3ab517f5e4941320d31320187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.yourkpplan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 23:26:41 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 19 Apr 2021 22:40:54 GMT
Age
2553
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
Content-Length
1264
X-XSS-Protection
1; mode=block
Expires
Thu, 05 Aug 2021 23:26:41 GMT
esw.min.css
service.force.com/embeddedservice/5.0/ 		8 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.css
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.8.44 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr4.um2-lo3.force.com
Software
/
Resource Hash
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.yourkpplan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 23:28:58 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Age
2416
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
Content-Length
3946
X-XSS-Protection
1; mode=block
Expires
Thu, 05 Aug 2021 23:28:58 GMT
liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.8.44 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr4.um2-lo3.force.com
Software
/
Resource Hash
5093d66e8ef5b3312b28c9a41374329e39bca3de0b191332e63dc50e4135f980
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.yourkpplan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 23:26:24 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 28 Apr 2021 04:42:26 GMT
Age
2570
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
Content-Length
5701
X-XSS-Protection
1; mode=block
Expires
Thu, 05 Aug 2021 23:26:24 GMT
Cookie set esw.html
service.force.com/embeddedservice/5.0/ Frame 3A8A 		194 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.8.44 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr4.um2-lo3.force.com
Software
/
Resource Hash
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
service.force.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.yourkpplan.org/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yourkpplan.org/

Response headers

Date
Thu, 05 Aug 2021 00:09:16 GMT
Set-Cookie
CookieConsentPolicy=0:0; domain=service.force.com; path=/; expires=Fri, 05-Aug-2022 00:09:16 GMT; Max-Age=31536000 BrowserId=Xz1vr_WBEeuIPAPfkve4yQ; domain=.force.com; path=/; expires=Fri, 05-Aug-2022 00:09:16 GMT; Max-Age=31536000 BrowserId_sec=Xz1vr_WBEeuIPAPfkve4yQ; domain=.force.com; path=/; expires=Fri, 05-Aug-2022 00:09:16 GMT; Max-Age=31536000; secure; SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
X-Robots-Tag
none
Referrer-Policy
origin-when-cross-origin
Cache-Control
public,max-age=86400
Expires
Fri, 06 Aug 2021 00:09:16 GMT
Last-Modified
Fri, 02 Aug 2019 08:43:42 GMT
Content-Type
text/html;charset=UTF-8
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
eswFrame.min.js
service.force.com/embeddedservice/5.0/ Frame 3A8A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.8.44 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr4.um2-lo3.force.com
Software
/
Resource Hash
5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 23:26:25 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 04 Mar 2021 00:36:08 GMT
Age
2571
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
Content-Length
1804
X-XSS-Protection
1; mode=block
Expires
Thu, 05 Aug 2021 23:26:25 GMT
session.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 3A8A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.8.44 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr4.um2-lo3.force.com
Software
/
Resource Hash
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 23:26:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 02 Mar 2021 18:51:46 GMT
Age
2553
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
Content-Length
768
X-XSS-Protection
1; mode=block
Expires
Thu, 05 Aug 2021 23:26:43 GMT
broadcast.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 3A8A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.8.44 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr4.um2-lo3.force.com
Software
/
Resource Hash
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 23:26:48 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 18 Feb 2021 00:07:24 GMT
Age
2548
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
Content-Length
779
X-XSS-Protection
1; mode=block
Expires
Thu, 05 Aug 2021 23:26:48 GMT
chasitor.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 3A8A 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.8.44 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr4.um2-lo3.force.com
Software
/
Resource Hash
8f2d1c735b5f128cf145f0e570df119cab93631a0e97df88646ac14c0a21782b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 23:13:21 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 22 Mar 2021 16:55:48 GMT
Age
3355
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
Content-Length
4989
X-XSS-Protection
1; mode=block
Expires
Thu, 05 Aug 2021 23:13:21 GMT
EmbeddedServiceConfig.jsonp
d.la4-c2-ph2.salesforceliveagent.com/chat/rest/EmbeddedService/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la4-c2-ph2.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D3h000002B4lb&EmbeddedServiceConfig.configName=KPIF_93708&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.37.212 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-phx3.la4-c2-ph2.salesforceliveagent.com
Software
/
Resource Hash
16a0ad3bd7d508a5183d0db0e4ff51ee29c05bf7a1fa4330c47d30b161ab1686
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yourkpplan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
invite.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.8.44 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr4.um2-lo3.force.com
Software
/
Resource Hash
98efd9f1b80ef8fb38694de1212745a8067a60f027cb87b08f4ed8920a72aa82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.yourkpplan.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 23:12:45 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 15 Apr 2021 16:21:22 GMT
Age
3391
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
Content-Length
4477
X-XSS-Protection
1; mode=block
Expires
Thu, 05 Aug 2021 23:12:45 GMT
truncated
/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Origin
https://www.yourkpplan.org
Referer
https://service.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/octet-stream
filetransfer.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 3A8A 		473 B
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/frame/filetransfer.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.8.44 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr4.um2-lo3.force.com
Software
/
Resource Hash
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 23:13:03 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Age
3373
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
Content-Length
231
X-XSS-Protection
1; mode=block
Expires
Thu, 05 Aug 2021 23:13:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.qumucloud.com
URL
https://analytics.qumucloud.com/events/1/245c3146b4?a=286477547&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=1385&ck=1&ref=https://kp.qumucloud.com/view/Wk7iASvP16f
Domain
analytics.qumucloud.com
URL
https://analytics.qumucloud.com/jserrors/1/245c3146b4?a=286477547&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=1386&ck=1&ref=https://kp.qumucloud.com/view/Wk7iASvP16f
Domain
analytics.qumucloud.com
URL
https://analytics.qumucloud.com/events/1/245c3146b4?a=286477547&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=1385&ck=1&ref=https://kp.qumucloud.com/view/Wk7iASvP16f
Domain
analytics.qumucloud.com
URL
https://analytics.qumucloud.com/jserrors/1/245c3146b4?a=286477547&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=1385&ck=1&ref=https://kp.qumucloud.com/view/Wk7iASvP16f

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| urlCode string| langCode object| fixto function| _ function| moment function| $ function| jQuery object| jQuery1124008601074212220139 function| Spinner object| angular function| require function| jQuery_dbs object| GLANCE object| embedded_svc string| buttonId object| xhttp number| vopen function| togglevis object| _paq object| JSON_PIWIK object| Piwik object| AnalyticsTracker function| piwik_log

6 Cookies

Domain/Path Name / Value
www.yourkpplan.org/ Name: _pk_id.1.3771
Value: 7df99017fc056b10.1628122155.1.1628122155.1628122155.
www.yourkpplan.org/ Name: _lang
Value: 5b279ad2b22f9116b0c682dde695f3799b4d1b281d39f631555229ea68958efba%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_lang%22%3Bi%3A1%3Bs%3A2%3A%22en%22%3B%7D
www.yourkpplan.org/ Name: _pk_ses.1.3771
Value: *
www.yourkpplan.org/ Name: urlCode
Value: 4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT
www.yourkpplan.org/ Name: _csrf
Value: fcc2f1391869a8b18d613f70cd8e807aa116d4d49e94e44a28c69ae54a1e0835a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22HTFvC1xVtRjg6jSHZFF5cvQf6SriHLdG%22%3B%7D
www.yourkpplan.org/ Name: APPSESSID
Value: fvokr07kvnk2jjjrer6541nq42

4 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js(Line 97)
Message:
Kollective SDK v1.1.0
console-api log URL: https://cdn.qumucloud.com/origin/public/kp.qumucloud.com/staticcontent/430/client/application/player-v2.js(Line 97)
Message:
Kollective SDK v1.1.0
console-api error URL: https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=21375&site=production(Line 35)
Message:
ERR_COBROWSE_NOT_SUPP
console-api log URL: https://www.yourkpplan.org/4HLKKWCP6DHKDV8YZZY8CTTENJHBG9QT(Line 1068)
Message:
true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.qumucloud.com
cdn.qumucloud.com
d.la4-c2-ph2.salesforceliveagent.com
dbs-analytics.sourceflowsales.com
explorekp.secure.force.com
inbox.healthcare-coverage.kp.org
kp.qumucloud.com
s3.amazonaws.com
service.force.com
www.glancecdn.net
www.yourkpplan.org
yourkpplan.org
analytics.qumucloud.com
104.17.202.85
13.110.37.212
13.110.38.200
161.71.8.44
167.89.118.52
44.236.203.118
52.217.11.54
52.25.115.59
52.3.49.79
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
09141d56e66614621aba49a00db221e2199e4b76b08dbd9fc50f5248fc12a513
0c931d2b034269d829913ac1ebab2336d9ce233781decc27d8473dce831dea78
0f480804b0fc282409817aa01da3ea0a8eb2619637a7816c7dc5afe983d08763
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0
16a0ad3bd7d508a5183d0db0e4ff51ee29c05bf7a1fa4330c47d30b161ab1686
21299cb5fc052c970acd743e5f402bf7cc6bb65ba15af127824680841d60546a
231eaa50571ae9992e33c5acaf5eb4f2aceeb8b50339ad5888f1197e30ff2a1b
27611fad3c4b4c0b6100038f5039d424d0514b0b650f98ea3062f6c0fa92df19
29172437423729b407768e7522483a6b696b9ae40e5d9c8f253d76eb13fa89a2
33fc73dc628e91f7a6801de3aeaf806e8c6e15ddd7128f92bc812432ef3e3b69
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
39a2f923f8b5567fa276a80b5cb5ebbec1f2986eddbef0e059b09e5b284b3848
4fefa4caa308bb70dfcbf2437f97d9df3f4130a65158ea172c974056b43f4532
5093d66e8ef5b3312b28c9a41374329e39bca3de0b191332e63dc50e4135f980
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55972d7caa62933667f57f1c1be3c233ebf0b1d3ab517f5e4941320d31320187
5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
610942fedcc6e61287a3a7fe2224a21598bb5af7c96e812e0f583cc9b1182e9e
62abfa3afc73349f1be1456e1efd7928009ad5df059947b9f11be7d19e0ada8b
6bcf084ca494c57d4efdd83fde0050c4fd2f51c5a7aded2713bdfe7e00c508d0
777395e7a3c9af151315c6b5189d2b44fb352431418fefe995ad9b564cae6be5
7d17e5bfdb248e7c07619b3d97a2adaddc3ce444214f7f6125ad6b7393341760
8f2d1c735b5f128cf145f0e570df119cab93631a0e97df88646ac14c0a21782b
90ed5d4a0a62c2836aaf9e399dfaf68c7b370f9256874f1d8e5502272e22ca30
98efd9f1b80ef8fb38694de1212745a8067a60f027cb87b08f4ed8920a72aa82
aba77af88c8b701c1851112ed8f0a16abe49656afb5b636c7fc641cba8d1b91d
b25dbd3d4a10380d977109869927ea351140040d42cdf60af3e1130d7019c5d2
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b950f17e4ad086215123269f34fec3db9e947541a4359516f7b5a6e6fdf8a65b
c7343d91144b9629c30f066e7fe3cebd4089a6d8c18d0fdab1b812d782cd4e5f
cdf5869d67369f9cfb3bcb624ca963f08646661018ef1337c8605b4aec26d9ac
d6efd03844b9edbba5d22286e8b2f1f73004f2f5700dd6135deebd4249898aa2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52bfa31a53e1ebb754935fbacfab8085903eb7b0c94107202021ff18b523b0f
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ef9f171cfae1b102b0d5e35e241a2beabd572d1cd27ec708bd021bd46e51e32a
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
f76c2aed837deb6ab5069475e5adedd607f88824f83edf9f775d11dca369b6eb
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790