urlscan.io logo urlscan.io
SecurityTrails logo

www.sonomanews.com Open in urlscan Pro
107.154.114.220  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more
Effective URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Submission: On August 08 via manual from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 11 countries across 90 domains to perform 482 HTTP transactions. The main IP is 107.154.114.220, located in United States and belongs to INCAPSULA, US. The main domain is www.sonomanews.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 18th 2019. Valid for: 2 years.
This is the only time www.sonomanews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 7 107.154.114.220 19551 (INCAPSULA)
7 2a00:1450:400... 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
23 192.237.253.150 19994 (RACKSPACE)
2 2a00:1450:400... 15169 (GOOGLE)
14 2606:2800:233... 15133 (EDGECAST)
1 44.232.216.209 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
19 13.224.96.31 16509 (AMAZON-02)
2 184.30.24.121 16625 (AKAMAI-AS)
1 13.224.96.80 16509 (AMAZON-02)
7 192.237.183.80 19994 (RACKSPACE)
3 23.47.209.80 16625 (AKAMAI-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
22 142.250.184.226 15169 (GOOGLE)
10 13.224.90.44 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2.18.235.40 16625 (AKAMAI-AS)
1 52.160.40.218 8075 (MICROSOFT...)
17 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 151.101.193.26 54113 (FASTLY)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 52.22.56.164 14618 (AMAZON-AES)
8 18.214.172.53 14618 (AMAZON-AES)
1 104.26.5.15 13335 (CLOUDFLAR...)
1 199.232.196.134 54113 (FASTLY)
2 34.199.28.94 14618 (AMAZON-AES)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.89.182 16509 (AMAZON-02)
1 52.216.152.116 16509 (AMAZON-02)
3 2600:9000:219... 16509 (AMAZON-02)
1 151.101.0.134 54113 (FASTLY)
11 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2a04:4e42:3::485 54113 (FASTLY)
2 3 2620:116:800d... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2.16.107.122 20940 (AKAMAI-ASN1)
7 2606:4700::68... 13335 (CLOUDFLAR...)
21 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
29 2600:9000:205... 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
4 13.85.16.224 8075 (MICROSOFT...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 2600:1f18:44f... 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.69.106.208 8075 (MICROSOFT...)
3 3.226.102.122 14618 (AMAZON-AES)
1 13.82.152.48 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.14.137 54113 (FASTLY)
6 3.208.219.24 14618 (AMAZON-AES)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:b60... 20940 (AKAMAI-ASN1)
3 18.232.230.29 14618 (AMAZON-AES)
21 2.16.186.146 20940 (AKAMAI-ASN1)
6 54.172.246.227 14618 (AMAZON-AES)
1 3.224.226.7 14618 (AMAZON-AES)
1 18.159.140.98 16509 (AMAZON-02)
3 2.18.233.180 16625 (AKAMAI-AS)
2 6 2.18.234.21 16625 (AKAMAI-AS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
1 7 34.98.64.218 15169 (GOOGLE)
6 18.195.75.70 16509 (AMAZON-02)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 213.19.147.42 26120 (RHYTHMONE)
2 185.64.190.78 62713 (AS-PUBMATIC)
9 10 142.250.185.130 15169 (GOOGLE)
1 2 209.54.178.82 16509 (AMAZON-02)
3 5 13.248.242.197 16509 (AMAZON-02)
1 34.240.223.28 16509 (AMAZON-02)
3 4 54.93.69.146 16509 (AMAZON-02)
1 1 18.210.180.232 14618 (AMAZON-AES)
2 3 3.126.56.137 16509 (AMAZON-02)
1 44.194.158.136 14618 (AMAZON-AES)
1 69.173.144.138 26667 (RUBICONPR...)
10 2a00:1450:400... 15169 (GOOGLE)
7 216.58.212.162 15169 (GOOGLE)
5 6 37.157.2.235 198622 (ADFORM)
2 2 213.155.156.166 1299 (TELIANET ...)
7 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
13 185.64.189.110 62713 (AS-PUBMATIC)
2 3 54.246.13.173 16509 (AMAZON-02)
1 1 162.55.6.213 24940 (HETZNER-AS)
3 3 213.19.147.45 3356 (LEVEL3)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 94.23.171.206 16276 (OVH)
1 63.251.232.170 29791 (VOXEL-DOT...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 38.91.45.7 398989 (DEEPINTENT)
3 3 185.29.135.234 30419 (MEDIAMATH...)
3 185.64.189.114 62713 (AS-PUBMATIC)
2 2 51.210.112.236 16276 (OVH)
2 2 34.253.109.165 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 159.253.128.183 36351 (SOFTLAYER)
2 2 185.33.220.243 29990 (ASN-APPNEX)
1 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 51.255.68.171 16276 (OVH)
1 1 2001:678:cb4:... 56396 (TURN)
2 2 151.101.14.49 54113 (FASTLY)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 1 34.98.107.212 15169 (GOOGLE)
2 2 185.33.221.53 29990 (ASN-APPNEX)
1 1 52.208.41.69 16509 (AMAZON-02)
482 102
7    107.154.114.220 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.114.220.ip.incapdns.net
www.sonomanews.com
7    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
23    192.237.253.150 (United States)

ASN19994 (RACKSPACE, US)
code.sonomanews.com
img.sonomanews.com
code.pressdemocrat.com
api.pressdemocrat.com
feeds.sonomanews.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
14    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
loader-cdn.azureedge.net
cdn.cityspark.com
cdn.sbgsodufuosmmvsdf.info
az416426.vo.msecnd.net
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
cdn.ayc0zsm69431gfebd.xyz
cdn.czx5eyk0exbhwp43ya.biz
1    44.232.216.209 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-232-216-209.us-west-2.compute.amazonaws.com
prod.ew.srp.navigacloud.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
19    13.224.96.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-31.zrh50.r.cloudfront.net
imengine.prod.srp.navigacloud.com
2    184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
1    13.224.96.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-80.zrh50.r.cloudfront.net
nextdoor.com
7    192.237.183.80 (United States)

ASN19994 (RACKSPACE, US)
privacy.sonomanews.com
newsletter.sonomanews.com
3    23.47.209.80 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-80.deploy.static.akamaitechnologies.com
s.ntv.io
2    2606:4700:20::681a:274 (United States)

ASN13335 (CLOUDFLARENET, US)
tru.am
22    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
10    13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:2190:4c00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
4    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
s-jsonp.moatads.com
1    52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.cityspark.com
17    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
www.gravatar.com
2    151.101.193.26 (United States)

ASN54113 (FASTLY, US)
polyfill.io
15    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    52.22.56.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-56-164.compute-1.amazonaws.com
www.i.matheranalytics.com
8    18.214.172.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-172-53.compute-1.amazonaws.com
jadserve.postrelease.com
1    104.26.5.15 (United States)

ASN13335 (CLOUDFLARENET, US)
api-mg2.db-ip.com
1    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
sonoma-index-tribune.disqus.com
2    34.199.28.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-28-94.compute-1.amazonaws.com
ping.chartbeat.net
1    2606:4700:20::ac43:4af5 (United States)

ASN13335 (CLOUDFLARENET, US)
beacon.tru.am
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.224.89.182 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-182.zrh50.r.cloudfront.net
d1wa9546y9kg0n.cloudfront.net
1    52.216.152.116 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
paywall-ad-bucket.s3.amazonaws.com
3    2600:9000:2190:a800:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
1    151.101.0.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
11    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a02:26f0:1700:d::1737:6ea4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csp.azureedge.net
1    2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.dk
15    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
4    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
2    2.16.107.122 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-122.deploy.static.akamaitechnologies.com
ntvcld-a.akamaihd.net
7    2606:4700::6810:d735 (United States)

ASN13335 (CLOUDFLARENET, US)
ads.adventive.com
21    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
14    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
29    2600:9000:2057:3800:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
7    2606:4700::6812:1640 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.adventivecdn.com
4    13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prod-smi-proxy-connext.azurewebsites.net
2    2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
5    2600:1f18:44f0:4864:9fd9:9aa3:29d1:ddae (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
10    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    13.69.106.208 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
3    3.226.102.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-102-122.compute-1.amazonaws.com
i.viafoura.co
1    13.82.152.48 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prodmg2.blob.core.windows.net
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.dk
2    151.101.14.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
player.ex.co
6    3.208.219.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-219-24.compute-1.amazonaws.com
prd-collector-anon.ex.co
1    2a02:26f0:6c00::210:bb91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
2    2a02:26f0:b600:188::2c79 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
3    18.232.230.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-230-29.compute-1.amazonaws.com
atrack.avplayer.com
21    2.16.186.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-146.deploy.static.akamaitechnologies.com
mcd.ex.co
6    54.172.246.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
1    3.224.226.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
premiumsrv.aniview.com
1    18.159.140.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
playbuzzltd-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
6    18.195.75.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prebid-server.rubiconproject.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
10    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
2    209.54.178.82 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
1    34.240.223.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
4    54.93.69.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
1    18.210.180.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    44.194.158.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.aniview.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
10    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
pubads.g.doubleclick.net
6    37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.166 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
13    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    54.246.13.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    162.55.6.213 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.6.55.162.clients.your-server.de
csync.loopme.me
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    94.23.171.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-94-23-171.eu
green.erne.co
1    63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
3    185.29.135.234 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: ns3175227.ip-51-210-112.eu
pixel.onaudience.com
2    34.253.109.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
dsp.nrich.ai
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2a02:fa8:8806:20::2040 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
2    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    52.208.41.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-41-69.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
Apex Domain
Subdomains		 Transfer
43 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
207 KB
35 googlesyndication.com
624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
397 KB
33 sonomanews.com
www.sonomanews.com
code.sonomanews.com
img.sonomanews.com
privacy.sonomanews.com
feeds.sonomanews.com
newsletter.sonomanews.com
183 KB
30 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
46 KB
29 ex.co
player.ex.co
prd-collector-anon.ex.co
mcd.ex.co
2 MB
29 viafoura.net
cdn.viafoura.net
414 KB
20 navigacloud.com
prod.ew.srp.navigacloud.com
imengine.prod.srp.navigacloud.com
932 KB
19 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
2 MB
17 gravatar.com
www.gravatar.com
56 KB
15 google-analytics.com
www.google-analytics.com
77 KB
15 gstatic.com
fonts.gstatic.com
275 KB
14 2mdn.net
s0.2mdn.net
243 KB
12 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
40 KB
10 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
prebid-server.rubiconproject.com
token.rubiconproject.com
13 KB
10 aniview.com
player.aniview.com
track1.aniview.com
premiumsrv.aniview.com
sync.aniview.com
191 KB
10 google.com
adservice.google.com
www.google.com
2 KB
10 cloudflare.com
cdnjs.cloudflare.com
136 KB
8 viafoura.co
api.viafoura.co
i.viafoura.co
7 KB
8 postrelease.com
jadserve.postrelease.com
9 KB
8 matheranalytics.com
js.matheranalytics.com
www.i.matheranalytics.com
42 KB
8 azureedge.net
loader-cdn.azureedge.net
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
csp.azureedge.net
267 KB
7 openx.net
playbuzzltd-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
7 adventivecdn.com
assets.adventivecdn.com
162 KB
7 googletagservices.com
www.googletagservices.com
253 KB
7 adventive.com
ads.adventive.com
100 KB
6 adform.net
c1.adform.net
3 KB
6 casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
7 KB
5 adsrvr.org
match.adsrvr.org
2 KB
4 adnxs.com
ib.adnxs.com
secure.adnxs.com
4 KB
4 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
3 KB
4 bidswitch.net
x.bidswitch.net
1 KB
4 1rx.io
tag.1rx.io
sync.1rx.io
2 KB
4 avplayer.com
player.avplayer.com
atrack.avplayer.com
71 KB
4 azurewebsites.net
prod-smi-proxy-connext.azurewebsites.net
2 KB
4 pressdemocrat.com
code.pressdemocrat.com
api.pressdemocrat.com
9 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 google.dk
adservice.google.dk
1 KB
3 quantserve.com
pixel.quantserve.com
1 KB
3 disquscdn.com
c.disquscdn.com
238 KB
3 ayc0zsm69431gfebd.xyz
cdn.ayc0zsm69431gfebd.xyz
451 KB
3 moatads.com
z.moatads.com
s-jsonp.moatads.com
57 KB
3 tru.am
tru.am
beacon.tru.am
12 KB
3 ntv.io
s.ntv.io
111 KB
3 googletagmanager.com
www.googletagmanager.com
121 KB
2 everesttech.net
sync-tm.everesttech.net
746 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
903 B
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 onaudience.com
pixel.onaudience.com
883 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 visualstudio.com
dc.services.visualstudio.com
533 B
2 createjs.com
code.createjs.com
125 KB
2 akamaihd.net
ntvcld-a.akamaihd.net
250 KB
2 chartbeat.net
ping.chartbeat.net
401 B
2 disqus.com
sonoma-index-tribune.disqus.com
disqus.com
37 KB
2 czx5eyk0exbhwp43ya.biz
cdn.czx5eyk0exbhwp43ya.biz
12 KB
2 polyfill.io
polyfill.io
776 B
2 msecnd.net
az416426.vo.msecnd.net
44 KB
2 sbgsodufuosmmvsdf.info
cdn.sbgsodufuosmmvsdf.info
3 KB
2 cityspark.com
cdn.cityspark.com
p.cityspark.com
7 KB
1 gumgum.com
rtb.gumgum.com
337 B
1 playground.xyz
ads.playground.xyz
487 B
1 sitescout.com
pixel-sync.sitescout.com
337 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 turn.com
ad.turn.com
518 B
1 nrich.ai
dsp.nrich.ai
489 B
1 simpli.fi
um.simpli.fi
611 B
1 deepintent.com
match.deepintent.com
44 B
1 contextweb.com
bh.contextweb.com
462 B
1 adgrx.com
cm.adgrx.com
408 B
1 erne.co
green.erne.co
326 B
1 ad4m.at
ad4m.at
974 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 loopme.me
csync.loopme.me
212 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
338 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
379 B
1 demdex.net
dpm.demdex.net
1 advertising.com
pixel.advertising.com
1 windows.net
prodmg2.blob.core.windows.net
65 KB
1 jsdelivr.net
cdn.jsdelivr.net
37 KB
1 amazonaws.com
paywall-ad-bucket.s3.amazonaws.com
1 KB
1 cloudfront.net
d1wa9546y9kg0n.cloudfront.net
7 KB
1 db-ip.com
api-mg2.db-ip.com
881 B
1 addthisedge.com
v1.addthisedge.com
325 B
1 chartbeat.com
static.chartbeat.com
14 KB
1 nextdoor.com
nextdoor.com
778 B
1 addthis.com
s7.addthis.com
114 KB
482 90
Domain Requested by
29 cdn.viafoura.net ajax.googleapis.com
cdn.viafoura.net
21 mcd.ex.co az416426.vo.msecnd.net
21 tpc.googlesyndication.com 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
www.sonomanews.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
21 securepubads.g.doubleclick.net code.sonomanews.com
securepubads.g.doubleclick.net
az416426.vo.msecnd.net
www.sonomanews.com
www.googletagservices.com
624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
19 imengine.prod.srp.navigacloud.com www.sonomanews.com
17 www.gravatar.com www.sonomanews.com
17 code.sonomanews.com www.sonomanews.com
code.sonomanews.com
15 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.sonomanews.com
az416426.vo.msecnd.net
15 fonts.gstatic.com fonts.googleapis.com
14 s0.2mdn.net 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
code.createjs.com
imasdk.googleapis.com
13 simage2.pubmatic.com ads.pubmatic.com
10 imasdk.googleapis.com player.aniview.com
10 cm.g.doubleclick.net 9 redirects u.openx.net
10 pagead2.googlesyndication.com az416426.vo.msecnd.net
tpc.googlesyndication.com
www.googletagservices.com
srcdoc
10 c.amazon-adsystem.com code.sonomanews.com
c.amazon-adsystem.com
az416426.vo.msecnd.net
10 cdnjs.cloudflare.com www.sonomanews.com
cdnjs.cloudflare.com
ajax.googleapis.com
newsletter.sonomanews.com
ads.adventive.com
8 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
8 jadserve.postrelease.com s.ntv.io
www.sonomanews.com
7 image2.pubmatic.com ads.pubmatic.com
7 pubads.g.doubleclick.net imasdk.googleapis.com
7 assets.adventivecdn.com srcdoc
7 www.googletagservices.com securepubads.g.doubleclick.net
624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
7 ads.adventive.com securepubads.g.doubleclick.net
ads.adventive.com
www.sonomanews.com
srcdoc
7 fonts.googleapis.com www.sonomanews.com
csp.azureedge.net
newsletter.sonomanews.com
tpc.googlesyndication.com
7 www.sonomanews.com 3 redirects www.sonomanews.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 prebid-server.rubiconproject.com az416426.vo.msecnd.net
6 track1.aniview.com az416426.vo.msecnd.net
6 prd-collector-anon.ex.co player.ex.co
az416426.vo.msecnd.net
6 www.i.matheranalytics.com www.sonomanews.com
5 match.adsrvr.org 3 redirects ssum.casalemedia.com
u.openx.net
5 api.viafoura.co az416426.vo.msecnd.net
5 newsletter.sonomanews.com ajax.googleapis.com
newsletter.sonomanews.com
4 x.bidswitch.net 3 redirects ssum.casalemedia.com
4 prod-smi-proxy-connext.azurewebsites.net cdn.ayc0zsm69431gfebd.xyz
4 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 csp.azureedge.net cdn.cityspark.com
csp.azureedge.net
3 sync.mathtag.com 3 redirects
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 ups.analytics.yahoo.com 2 redirects ssum.casalemedia.com
3 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
3 ads.pubmatic.com player.aniview.com
ads.pubmatic.com
3 atrack.avplayer.com
3 i.viafoura.co cdn.viafoura.net
3 adservice.google.dk securepubads.g.doubleclick.net
3 pixel.quantserve.com 2 redirects cdn.cityspark.com
3 c.disquscdn.com sonoma-index-tribune.disqus.com
3 cdn.ayc0zsm69431gfebd.xyz loader-cdn.azureedge.net
cdn.ayc0zsm69431gfebd.xyz
3 stats.g.doubleclick.net www.google-analytics.com
3 code.pressdemocrat.com ajax.googleapis.com
newsletter.sonomanews.com
3 s.ntv.io www.sonomanews.com
s.ntv.io
3 www.googletagmanager.com www.sonomanews.com
g2insights-cdn.azureedge.net
newsletter.sonomanews.com
2 us-u.openx.net u.openx.net
2 eu-u.openx.net u.openx.net
2 secure.adnxs.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ib.adnxs.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 u.openx.net 1 redirects player.aniview.com
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 image6.pubmatic.com ads.pubmatic.com
2 tag.1rx.io az416426.vo.msecnd.net
2 hbopenbid.pubmatic.com az416426.vo.msecnd.net
2 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
2 ssum.casalemedia.com 1 redirects player.aniview.com
2 player.aniview.com player.ex.co
player.aniview.com
2 player.ex.co www.sonomanews.com
player.ex.co
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 googleads.g.doubleclick.net 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
2 code.createjs.com s0.2mdn.net
2 ntvcld-a.akamaihd.net www.sonomanews.com
2 ping.chartbeat.net www.sonomanews.com
2 cdn.czx5eyk0exbhwp43ya.biz cdn.ayc0zsm69431gfebd.xyz
2 polyfill.io loader-cdn.azureedge.net
2 az416426.vo.msecnd.net loader-cdn.azureedge.net
2 z.moatads.com s7.addthis.com
s.ntv.io
2 cdn.sbgsodufuosmmvsdf.info ajax.googleapis.com
2 js.matheranalytics.com 1 redirects www.sonomanews.com
2 tru.am www.sonomanews.com
tru.am
2 privacy.sonomanews.com www.sonomanews.com
ajax.googleapis.com
2 loader-cdn.azureedge.net www.sonomanews.com
newsletter.sonomanews.com
2 ajax.googleapis.com www.sonomanews.com
newsletter.sonomanews.com
1 simage4.pubmatic.com ads.pubmatic.com
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 bh.contextweb.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 ad4m.at ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 token.rubiconproject.com eus.rubiconproject.com
1 sync.aniview.com ssum.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 dpm.demdex.net ssum.casalemedia.com
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 playbuzzltd-d.openx.net az416426.vo.msecnd.net
1 secure-assets.rubiconproject.com 1 redirects
1 pixel.advertising.com player.aniview.com
1 premiumsrv.aniview.com az416426.vo.msecnd.net
1 player.avplayer.com player.ex.co
1 prodmg2.blob.core.windows.net www.sonomanews.com
1 s-jsonp.moatads.com www.sonomanews.com
1 cdn.jsdelivr.net cdn.cityspark.com
1 disqus.com sonoma-index-tribune.disqus.com
1 paywall-ad-bucket.s3.amazonaws.com www.sonomanews.com
1 d1wa9546y9kg0n.cloudfront.net cdn.ayc0zsm69431gfebd.xyz
1 beacon.tru.am tru.am
1 sonoma-index-tribune.disqus.com code.sonomanews.com
1 feeds.sonomanews.com ajax.googleapis.com
1 api.pressdemocrat.com ajax.googleapis.com
1 api-mg2.db-ip.com fp-cdn.azureedge.net
1 v1.addthisedge.com s7.addthis.com
1 g2insights-cdn.azureedge.net loader-cdn.azureedge.net
1 fp-cdn.azureedge.net loader-cdn.azureedge.net
1 p.cityspark.com cdn.cityspark.com
1 static.chartbeat.com www.sonomanews.com
1 cdn.cityspark.com www.sonomanews.com
1 nextdoor.com www.sonomanews.com
1 s7.addthis.com www.sonomanews.com
1 img.sonomanews.com www.sonomanews.com
1 prod.ew.srp.navigacloud.com www.sonomanews.com
482 141
Subject Issuer Validity Valid
pressdemocrat.com
Sectigo RSA Domain Validation Secure Server CA		 2019-06-18 -
2021-09-15		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
sni22a5dgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-03 -
2021-11-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
imengine.stage.srp.navigacloud.com
Amazon		 2020-10-23 -
2021-11-22		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
nextdoor.com
Amazon		 2021-04-29 -
2022-05-28		 a year crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-19 -
2021-11-22		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
js.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-19 -
2022-04-19		 a year crt.sh
sni22a5egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-03 -
2021-11-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.cityspark.com
Go Daddy Secure Certificate Authority - G2		 2020-02-13 -
2022-04-13		 2 years crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
sni1ad09gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2019-11-22 -
2021-12-01		 2 years crt.sh
sni1ad03gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2019-11-22 -
2021-12-01		 2 years crt.sh
sni9642gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-20 -
2022-03-22		 a year crt.sh
www.i.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-28 -
2022-01-27		 2 years crt.sh
snibe7egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-01 -
2022-03-31		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
a.disquscdn.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
*.azureedge.net
DigiCert SHA2 Secure Server CA		 2020-11-21 -
2021-11-30		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.google.dk
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
adventive.com
Cloudflare Inc ECC CA-3		 2021-06-03 -
2022-06-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
viafoura.com
Amazon		 2020-11-05 -
2021-12-05		 a year crt.sh
adventivecdn.com
Cloudflare Inc ECC CA-3		 2021-06-09 -
2022-06-08		 a year crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 01		 2020-09-28 -
2021-09-28		 a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 01		 2021-07-22 -
2022-07-22		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2021-05-17 -
2022-05-17		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2020-12-27 -
2022-01-28		 a year crt.sh
outstreamedia.com
R3		 2021-08-03 -
2021-11-01		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-07-26 -
2022-01-19		 6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh

This page contains 53 frames:

Primary Page: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Frame ID: 781067B67543CF47BAE82446C4511949
Requests: 280 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 9D0AC9A1FEAC515FFF280D809EBF707F
Requests: 12 HTTP requests in this frame

Frame: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0FEFB156B43E9B1732634D8DED221F3D
Requests: 1 HTTP requests in this frame

Frame: https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
Frame ID: 08AE9D112A17099D302283646B78EF50
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm4wXoerAwK_GyXyB0o5CLJEylq_lrrIsYqCXphuOTUBDkjcyolFYu1unfaA7qTFanWlJiwrxZR9jljieRYHQjFKApQ8XDOp4WAxvSQCIG3TzF8766yjpHVUT3zLxvGvYb36QvV8siipPTj1vO2wLTkevp2LzIk4UL38s3oXKhD3UrRPy7-ISNTauSyb9v5tLlsrF-D5bcCDHbbNZ0JaFob3JVl7zcgadHaeWzwMauNe1_IzzhYJoVy_dyu7mEJSNZ-yxkQ0RcqfmdVAOD62mW-Q9aAymeWkLao2ssne3c6yA-mfBLvWQ2Cxxi-IAbu55Os6egkfNg9P8g&sai=AMfl-YQP7jPHYKosG-VDZx0aLjk5kjFr_pIzsOGBXRxhnEBz7RjOZALB5KzcHxmeQo3kmZHQaZ0-nAicsumE_kXYKW_G74gB0uOSRhXR62UVHshp02XEIbTxCRpDQ7cJtSo&sig=Cg0ArKJSzGRq4LLaTZ_nEAE&urlfix=1&adurl=
Frame ID: 728816DBE3185001E14F76637C5AF059
Requests: 7 HTTP requests in this frame

Frame: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 758CE158D4ED24E5756D38F2EF4235C7
Requests: 7 HTTP requests in this frame

Frame: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D728135802480A8694BE21E91CEE1ADF
Requests: 8 HTTP requests in this frame

Frame: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FEAD64527BD60909AC976C347D4A75E9
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.html
Frame ID: 1FE5777A22DE9E2FB0B9E3C845E67F8C
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
Frame ID: 56EEB785A20D6513C85DE33CD47FD720
Requests: 15 HTTP requests in this frame

Frame: https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=970/164/dda7b6f9-3d49-41da-b63c-33d8870f49d2
Frame ID: 2CE8ECF31F7CDC2978ED413D6A04AAEB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3D531937960B21322231B8EBD0D2D12E
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.html
Frame ID: CAEBD6BE47D97D973548EB77D9488048
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 39C9B2F916961E6D0CC1D6A88F006A65
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9CCDF8B00805CA915A4A35BF061811C6
Requests: 1 HTTP requests in this frame

Frame: https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=970/164/dda7b6f9-3d49-41da-b63c-33d8870f49d2
Frame ID: CE793FA0BC99D3C8DADB2890125DF81B
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8-ytyjW9ld62fqD3OUdyolwX7PF36eAouMjwBQBfBPJcg22Ap54f7nMxbLSN25Lzsjkne8Ijl6rIsHVCUEw6_03LogSKja-sKFJ97RuaOZmjRrhC3P3aSqp70r9usTkKBFtIHof9MHrZNWM_S41av1sGRDEJaIN-S824cRP13jQ1nFa6CT7AIzkZgOhyZo4wKcvhX3QbZ4xTWnRX3hj502JNuB3Y7cPIcHe9-viNQvSrG5mEigODmK5kU6gJU4QMDdaeRyaQ4lR3lXiDTBnyQpgz0yTiLwDPFrSS3e8pFDOuBZdgXlMpkGdooDQ&sig=Cg0ArKJSzA5chlNvUALyEAE&urlfix=1&adurl=
Frame ID: 93B99D06CAA2BEE03651AFB59FDDB534
Requests: 6 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: 6BD33845C6B6B2F6D013F2DF35E5764C
Requests: 2 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 2D0771E94746663B0E148300021EF270
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D1%26key%3D
Frame ID: 530EB6CE3B2FC5584C89103EB810041B
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
Frame ID: 3ADA7AE220718D63FAD086D3BBCF417D
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: F19B543B6C07999E3832147C72FFEF91
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 4D1EEAC42074D031C2C11DE58C99B94A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: E7658DD0E22E39CEBC05D70E55ED5AE4
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: FA1962F97546F4E051D865EAE0E407DD
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: CFED9ADCB8B1DE8314B26A4B11CCD1D6
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: DE82A500614B8DA76B17B5054B067375
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: D027320394BA71F9761C4CE312267BE0
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 9DC950073056050C819337144D9D0470
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: ADBEE2F2B397225D330700A05455CADC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 38CBCF1650A568464AB6C6F14801594D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D73E55ED47A83D3A3171DE43939700AF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AF5493B5CC4C92724C5701E3E4C54BE4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 48A35117F4ABBE5B770DF133D6697D27
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 7C1FAFFB4229F62EBFCFEBEFEE8D3A25
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5B8ADFED20F54EDCBC84F27AC7D8B72A
Requests: 24 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D
Frame ID: 6623054D8314D234F398EF6F69173E0C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4118481453551269746
Frame ID: C3FB2276A6EB6DF9FFDAB01818E6D26A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 9EA2F08D8E2641F596AE68E2467624F2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994080927023691927
Frame ID: 6A2A89E40F409D10EB7E947575CCC7C4
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 590859CA1C75CC264AAB2858F915C48B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 8510E18AA35B9822507CF5506AE92937
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003
Frame ID: 347E7FE82A242E426D73F97302B3EE7A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 061FFFCA3ACD7EC9CD185BA196C1A30C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Y56In7tz1xUo6UbWaFbEXRy-
Frame ID: BBA0161093970842A95AE99CC4766338
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4E8C363D632F8652AB38411A493D95B0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=uaAhYvgopE3O&pid=557219
Frame ID: B93CFF64EE3AE11552068B5FB676B5AC
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6BB5682791FA610077064943858EC0E3
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 5482DB9850962C60279A2B32D3D6EAC9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulF9DEkrXahExEUyeUXekVMQ39d5p6FSoEE72fnDrFS2-bYEoC6cGGalsDAdRk_5Kykgnrqrd3eIATS11jrr8va0BSIqJ3chVAUf1QkFqU8UGAvbpfgxDVo_CpeqxshhZcsEAkhIfyUaxyghmb-5COJ2kYKLsDkNgayDA8NNy9qxqtTlEt9PaKloXxobGXErT8L5J21j-Hse6W16J5U4aUlSq0g0fFVOy3qwjqSSglAHYg_B1iaebGTqCtEYxz0uGXhIR7WBDBZwDTMfpcDGSMGSXvRAILd8YysyZIKimCKivq7KqY-DwXfu3yfQ&sig=Cg0ArKJSzCuegcoKf7LvEAE&adurl=
Frame ID: F13F45F33233B243B8FCCC827297A158
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 1413012F6BB1535F2105763A35285F8C
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 92803F0BABAFECAE165210C1547347E7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A3573A58FFF190E175ECEB78E6E715DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more HTTP 301
    https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more HTTP 301
    http://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/ HTTP 301
    https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • script /chartbeat\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

482
Requests

100 %
HTTPS

35 %
IPv6

90
Domains

141
Subdomains

102
IPs

11
Countries

9059 kB
Transfer

21932 kB
Size

35
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more HTTP 301
    https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more HTTP 301
    http://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/ HTTP 301
    https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://js.matheranalytics.com/s/ma16916/901956900/ml.js?cb=1571 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma16916/901956900/16/ml.br.js
Request Chain 242
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 339
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
Request Chain 340
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 357
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQ-3jA9cvfXEs5k2IpmmqwAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YQ-3jA9cvfXEs5k2IpmmqwAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMStkRydDy1ntMIImIQelF0&google_cver=1&gdpr=1
Request Chain 358
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQ_3jA9cvfXEs5k2IpmmqwAAATIAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEH2sOpuWWA8MUKtadB30ZTY&google_cver=1
Request Chain 359
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQ_3jA9cvfXEs5k2IpmmqwAAATIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQ_3jA9cvfXEs5k2IpmmqwAAATIAAAIB&dcc=t
Request Chain 363
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8f9214bf-008e-46dd-a29e-6667033c3716&expiration=1659972364
Request Chain 396
  • https://u.openx.net/w/1.0/pd HTTP 302
  • https://u.openx.net/w/1.0/pd?cc=1
Request Chain 403
  • https://c1.adform.net/serving/cookie/match?party=14&cid=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D
Request Chain 404
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4118481453551269746
Request Chain 406
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994080927023691927
Request Chain 407
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCU2gwN0NILThBQUVTbWRIS0x0UQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 408
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 409
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8525320796 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/365d2ebd-a211-43b5-8b5a-892cfa759404 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003
Request Chain 411
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Y56In7tz1xUo6UbWaFbEXRy-
Request Chain 413
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=uaAhYvgopE3O&pid=557219
Request Chain 414
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 416
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XsO6RZnnRA6dsl9D8ewZTQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 417
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3467610f-f78c-4a00-9e94-a3214e937601
Request Chain 418
  • https://pixel.onaudience.com/?partner=214&mapped=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=96d091fd26a95442d85a6c419f3ab6fb HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=41da6fe19851e9c5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5987a588-5e93-4df3-426e-2311d05bab99&reqId=472c52ec-43e4-4119-6fa7-5dbb774e4aac&zcluid=41da6fe19851e9c5&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEKK6dgojlm9Fxi1ePJRVdWA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5987a588-5e93-4df3-426e-2311d05bab99&reqId=472c52ec-43e4-4119-6fa7-5dbb774e4aac&zcluid=41da6fe19851e9c5&zdid=1332
Request Chain 419
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUVDM0JBNDUtOTlFNy00NDBFLTlEQjItNUY0M0YxRUMxOTRE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 420
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKv7V_ODaDpGTNgXiKbUsTQ&google_cver=1
Request Chain 422
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:affc610f-f78c-4a00-814f-ca40fadd9e70&gdpr=0&gdpr_consent=
Request Chain 423
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6448242630412783773
Request Chain 424
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=365d2ebd-a211-43b5-8b5a-892cfa759404
Request Chain 425
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1165535154586201709&gdpr=0&gdpr_consent=
Request Chain 427
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BKmTpe9E2uWR6D.8uAM1uLyf.uo76cU-~A&gdpr=0&gdpr_consent=
Request Chain 428
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ea3f2161-cae0-49ec-9a88-fc31b9f036c2&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=ec045913-5e47-472f-be64-41bd09c85aa0&expires=1&user_group=5&ssp=pubmatic&bsw_param=ea3f2161-cae0-49ec-9a88-fc31b9f036c2 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea3f2161-cae0-49ec-9a88-fc31b9f036c2&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 429
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iPVlCtjzbQ-Tp2xbh6d4VI6lNg-T_GwPjqKWlHCq
Request Chain 430
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2600130840653368554&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 431
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YQ-3kAADUBJYRQBg HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YQ-3kAADUBJYRQBg&gdpr=0&gdpr_consent=&_test=YQ-3kAADUBJYRQBg
Request Chain 433
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c61ede2c-e554-43d3-b90b-cbd86494886b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 434
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 435
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2653631648784106663
Request Chain 436
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2a69b44e-e6e5-4293-bad6-d69b691d6b9b
Request Chain 437
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8185610f-f78c-4e00-9361-d86c631a7d93
Request Chain 438
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=VhYdrAYQFalNRBT9WUQA8lBGTqlNHxSpUEEvTYDQ
Request Chain 439
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8535679572810067262
Request Chain 442
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9XZZ3Mektnax6veN5_ZmM&google_cver=1

482 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Redirect Chain
  • http://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more
  • https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more
  • http://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
  • https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
313 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
imio /
Resource Hash
3f3e7b370db7cbaa7060ccd922c5730433db9fa3aea7b9975b746cffae107a54

Request headers

:method
GET
:authority
www.sonomanews.com
:scheme
https
:path
/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
visid_incap_813078=weuOsIz6Si6ox9hfEVf9iIP3D2EAAAAAQUIPAAAAAAD6AlmDpHAh4fYCV1KhThjJ; nlbi_813078=Dy+pHbrxiTbtMjGrdG/KRAAAAACyEFrtFKwuwX124wEtLK5W; incap_ses_1309_813078=eX6CSuOr8jvX3CLO0YAqEoT3D2EAAAAAog0uZ+q97DIxVPbaXAIk4w==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:56 GMT
content-type
text/html; charset=UTF-8
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1628436366
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
link
<https://www.sonomanews.com/wp-json/>; rel="https://api.w.org/" <https://www.sonomanews.com/?p=28767>; rel=shortlink
content-encoding
gzip
warning
110 e56e19fed757 "Response is stale"
pragma
no-cache
via
1.1 e56e19fed757
x-cache
HIT from e56e19fed757
age
4577
server
imio
expires
0
x-cdn
Imperva
x-iinfo
11-169993506-169993380 PNNN RT(1628436356295 0) q(0 0 0 -1) r(2 4) U12

Redirect headers

Location
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Content-Length
0
Connection
close
css
fonts.googleapis.com/ 		10 KB
979 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbfaf064614ba157ec76c38ed0d17a235e880e2959cd3fdba0f5e408fe416689
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 15:25:57 GMT
server
ESF
date
Sun, 08 Aug 2021 15:25:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Aug 2021 15:25:57 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1030783
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiEB9X9BQJa7CdgComMFZBUEWCwMLsmEjEaSma4r6UDi1KsRjsNCCE%2BEhAA%2FwflN4u%2BPbvvOCs8ZFL1fa8pIl9RdKbuhnUdu1I6IOby467gbprWlCLjV9Uw89d94fpJG6e%2F0HDJB4kbEPwgOouQgZOtF"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
67b9c2a0cffa1f4d-FRA
expires
Fri, 29 Jul 2022 15:25:57 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ 		2 KB
979 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.min.css
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170339
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
633
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-745"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yf7ecpUbzN7oOmKMgQFdtWAOg33rpS2Knxg%2BFcXreivPm%2BtUVSIg5hPM7u8IqvfR%2FCdpn1boiLcOGhh693p89nbHPFOZTsP09%2FcKzewEIX3INgimbZkz%2BkXOrTBDs4RPcbY%2Bc%2FALKkyn8bz%2Bj1rrvbnY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
67b9c2a0cffb1f4d-FRA
expires
Fri, 29 Jul 2022 15:25:57 GMT
base.css
code.sonomanews.com/shared/2020/css/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/shared/2020/css/base.css?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
c0309e8a18729cbedd0a1f0a2ed11db097d1cb2807bfc1d5b7d8c4baecd0fbfe

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jun 2021 22:48:37 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"85c3-5c4fe01f31b40-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
6543
helpers.css
code.sonomanews.com/shared/2020/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/shared/2020/css/helpers.css?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
42e339dbca79f2cc9d6baa24c1b4d2a1ee889f844a2b591c53d381d57da67a88

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 16:08:50 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"563d-5c07dc7422880-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
4116
templates.css
code.sonomanews.com/shared/2020/css/ 		49 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/shared/2020/css/templates.css?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2f253b954e778d837fd7dcc289f92d9fee395b81096f4b07c9226354eb69cfe6

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jun 2021 20:57:17 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"c5a7-5c4fc73ca6540-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
6191
article.css
code.sonomanews.com/shared/2020/css/ 		43 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/shared/2020/css/article.css?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
7c27599b76a80d009363290ac75999ff455ab4027a7dc6d78f92c99b49e1e1b7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Jul 2021 18:52:44 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"abc3-5c72df9ebf700-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
7047
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Aug 2022 15:18:58 GMT
template7.min.js
cdnjs.cloudflare.com/ajax/libs/template7/1.4.0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/template7/1.4.0/template7.min.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df50c87ff6b4e0c622a5aee48157b6d0ded3ba4c78c3923500f255ba0cee1118
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6377592
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3285
cf-request-id
0a4bd5a40a00004e6d92bbe000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ff9-2f4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQB0L%2F069YmwVVqpQZi%2Fku43Z9tGi40qwEL%2Bh%2FHiK5%2FC4Baovxh7%2FNZ12WE7cR295tv%2BloNTnIIJAujzxK3F0ET7ZLlciRFMCvyJH9bX9Titeu627plSos1EyY0bi5vdCMdIEeBYfEd7j5AmQaTYleCd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
67b9c2a0d8011f4d-FRA
expires
Fri, 29 Jul 2022 15:25:57 GMT
adsectionoverrides.js
code.sonomanews.com/shared/2020/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/shared/2020/js/adsectionoverrides.js?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
850931fcaea80e7b1561deda0b929ec097e33e52df386ce746c4204d454fd427

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Jun 2021 15:56:04 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"da1-5c570f19a8d00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
815
dfploader.js
code.sonomanews.com/shared/2020/js/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/shared/2020/js/dfploader.js?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
174bbbb5f964fdc29bec4311ca257334843a4687fcb985a8d7edc4eb0650fe19

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Jul 2021 21:06:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"88a9-5c7946d1911c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
9143
sit.js
code.sonomanews.com/shared/2020/js/widgets/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/shared/2020/js/widgets/sit.js?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
5309d8544d349e2650136da2909d604fe44cd47e938b7066580a9ede10d765fe

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Jun 2021 17:45:38 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"a61-5c5727971d480-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
655
blockloader.js
code.sonomanews.com/shared/2020/js/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/shared/2020/js/blockloader.js?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3a95d2a195854249735bba836b135983a5542f58ed47c6368184ebd92d2563d8

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Feb 2021 00:07:45 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"7ed5-5bc320eb9d640-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
8542
base.js
code.sonomanews.com/shared/2020/js/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/shared/2020/js/base.js?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6a3228f9f4284eeb498133210d0c3a1658778955a64510fb5911a6037e8a11da

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Jul 2021 22:12:05 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"6c4d-5c730c2da5740-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
8313
scripts.js
code.sonomanews.com/shared/2020/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/shared/2020/js/scripts.js?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
89aa829cef754dbeaa10b6953f9ee5d79f522325b462c6fb7faccb50f4e96b51

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jun 2021 20:48:24 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3be9-5c4fc54057600-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
5136
sit.js
code.sonomanews.com/shared/2020/js/pub/ 		1 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/shared/2020/js/pub/sit.js?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
89511b37628291c235e6eec067d6c2f24c07ea9bda9228a7a065fbaa181eea8c

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jul 2021 18:48:30 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"40f-5c7ced9833b80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
495
article.js
code.sonomanews.com/shared/2020/js/ 		51 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/shared/2020/js/article.js?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6e1089cb9e94ac8049a65c329e9521f9dc847b1b5247566166c988baf1b18c82

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jul 2021 19:08:37 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"cb88-5c7425090f740-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
9673
george.js
code.sonomanews.com/2020/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/2020/js/george.js?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
c4ae4ce27bb586d22f2717ad56d0386f683520b33d1f3ce7de2d267d032ddcc4

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Feb 2020 19:50:48 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"ff4-59e01b4beae86-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
1597
loader.min.js
loader-cdn.azureedge.net/prod/smi/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FF3) /
Resource Hash
7815b0e52a41baae1d87367912d436d113669ce50ee1cfe9a52021ddc2098601

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 15:25:57 GMT
content-encoding
gzip
content-md5
4sFw+xFqa/Mr/vUwNl6xAQ==
age
7033
x-cache
HIT
content-length
9628
x-ms-lease-status
unlocked
last-modified
Tue, 02 Mar 2021 08:53:02 GMT
server
ECAcc (frc/8FF3)
etag
0x8D8DD58963C1C69
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
83696f08-b01e-009a-4859-8caaba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
/
prod.ew.srp.navigacloud.com/ 		0
346 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.ew.srp.navigacloud.com/?dm=57c9b89633572b02cc3fff738d631684&action=load&blogid=8&siteid=1&t=796741044&back=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.216.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-216-209.us-west-2.compute.amazonaws.com
Software
imio /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:57 GMT
content-encoding
gzip
server
imio
age
4576
vary
Accept-Encoding
x-cache
HIT from 53d29a479125
content-type
text/html; charset=UTF-8
via
1.1 53d29a479125
x-ratelimit-remaining
999
cache-control
no-cache, no-store, must-revalidate
warning
110 53d29a479125 "Response is stale"
x-ratelimit-reset
1628436367
x-ratelimit-limit
1000
expires
0
gtm.js
www.googletagmanager.com/ 		93 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WFZ86PJ
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e547d379636bea811226e86cd61c7fbe5e86f7042e04a84ef1b1928cd48a89f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36519
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Aug 2021 15:25:58 GMT
print.css
code.sonomanews.com/shared/2020/css/ 		779 B
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/shared/2020/css/print.css?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
bd3e001cb80ab806b186286d5942444cd4e7a566e862db1a98b483da24a8f60c

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Feb 2019 18:48:25 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"30b-58257cd7f7040-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
378
/
imengine.prod.srp.navigacloud.com/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=dd522f94-a99e-5702-ab18-aac9093d4a16&type=primary&q=72&width=1600
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
79bb2692f4c7f1a8d434e0401b0963fcf36682368c7ac65ef0a3724ce0fa016e

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sun, 08 Aug 2021 14:09:42 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Sun, 08 Aug 2021 14:09:42 +0000
server
nginx
age
4576
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Eoj3ZjNso870-foSAF7oopnE7N2NkatIRrTFQ5o9_HYXFS7GOOsj8A==
expires
Fri, 04 Feb 2022 14:09:42 GMT
nextdoor.png
img.sonomanews.com/shared/social/32/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sonomanews.com/shared/social/32/nextdoor.png
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
7ba7d2e45f0f982339af039e10e99300c759eb0a78e946f357fa8b82dd009b38

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:58 GMT
Last-Modified
Wed, 07 Feb 2018 23:54:14 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"5af-564a8032b3580"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
1455
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Sun, 08 Aug 2021 15:25:58 GMT
x-host
s7.addthis.com
content-length
116325
share.js
nextdoor.com/static/widgets/ 		653 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nextdoor.com/static/widgets/share.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-80.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
57f2307b8e823f173f76d04fddf39771a5282649ca337be3144634ae3f976c74
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 00:58:56 GMT
content-encoding
gzip
last-modified
Fri, 06 Aug 2021 17:25:34 GMT
server
nginx
age
52021
etag
W/"610d708e-28d"
vary
Accept-Encoding
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-cache
Hit from cloudfront
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
M3q9WX9LjG4FOIqrZ2qpgZxVvfRL2KPgRuINamhlvkFivolSbMmH0A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FF7) /
Resource Hash
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
gzip
content-md5
DgH26NwpVpUJ7mY3mCxUbA==
age
483352
x-cache
HIT
content-length
919
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 07 May 2020 14:25:32 GMT
server
ECAcc (frc/8FF7)
etag
"0x8D7F2927FD84964+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f3bb46e1-f01e-0070-6e04-8841fa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
cookie.js
privacy.sonomanews.com/banner/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy.sonomanews.com/banner/cookie.js?ver=20210723
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.237.183.80 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
0b6e506bcfb98732190b8305693c60ef43d022a9a5e7d403710ac88d92225538

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Jan 2020 21:32:31 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"4cab-59c488fff39c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
close
Accept-Ranges
bytes
Content-Length
5801
load.js
s.ntv.io/serve/ 		371 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ad39c6a1b09e253bd1b3a9e89ec01e9e5016648d3b47a7f5f0b93ae52e69d811

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:58 GMT
Content-Encoding
gzip
x-amz-request-id
4SJAT15HPMNDNKAZ
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
KeU95i3mm5/1v2JXYRLKNXe8o5N9dG8A44K+vUvLxzya2YGf8sEbU1YBQP0RYSInoMUozjKgFnY=
Last-Modified
Wed, 04 Aug 2021 14:17:16 GMT
Server
AmazonS3
ETag
"2961bf28a7d4c32f1b84975c0cd9b1e7"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
sonomamedia.js
tru.am/scripts/custom/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tru.am/scripts/custom/sonomamedia.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc58176d281ddc0caa4af91ba0154a26d901cf3481ba9964c1e4804a4075c12

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=G1tUAw==, md5=emflid4Yi7U9awEGHelmCQ==
date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1405396
x-guploader-uploadid
ABg5-Uw6N5M_brLgY4wVpN5P3r14OHrfeCSzW0iXeFAw8IL0l5Wc0E7i8bPLKuX1Dd49OHEUpJsEAsIumjNZpSRAC9S-o85UNQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 20 Nov 2020 03:52:27 GMT
server
cloudflare
etag
W/"7a67e589de188bb53d6b01061de96609"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SR4MDYw8tzi1ADIrRW0qydHKr1iAsg1fCw3PwnJZ%2BU0bMpoZ69dHtI0Ydrh1ylCXPR%2BVWo23DT9d3vLk5kWbgPpwmkdrTv8UufaYeyQbuoRQOeOLc9xLtL9O2XX2qdwhfqD2%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1605844347006942
content-type
text/javascript
cache-control
public, max-age=2678400
x-goog-stored-content-length
1039
cf-ray
67b9c2a8bbb24a56-FRA
expires
Fri, 23 Jul 2021 10:02:42 GMT
wp-embed.min.js
www.sonomanews.com/wp-includes/js/ 		1 KB
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sonomanews.com/wp-includes/js/wp-embed.min.js?ver=4.9.4
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
/
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=4.9.4
pragma
no-cache
cookie
visid_incap_813078=weuOsIz6Si6ox9hfEVf9iIP3D2EAAAAAQUIPAAAAAAD6AlmDpHAh4fYCV1KhThjJ; nlbi_813078=Dy+pHbrxiTbtMjGrdG/KRAAAAACyEFrtFKwuwX124wEtLK5W; incap_ses_1309_813078=eX6CSuOr8jvX3CLO0YAqEoT3D2EAAAAAog0uZ+q97DIxVPbaXAIk4w==; SIT_free=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.sonomanews.com
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:57 GMT
content-encoding
gzip
last-modified
Wed, 23 Nov 2016 13:38:33 GMT
x-cdn
Imperva
etag
W/"58359bd9-576"
content-type
application/javascript
x-iinfo
11-169993738-0 0CNN RT(1628436357937 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=25710102, public
content-length
751
expires
Thu, 02 Jun 2022 05:07:39 GMT
_Incapsula_Resource
www.sonomanews.com/ 		130 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sonomanews.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=24197650
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
/
Resource Hash
6f97108a584cf78cd88bc80be0b5aa74297734812fdc242a6b31915b63bd72da

Request headers

:path
/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=24197650
pragma
no-cache
cookie
visid_incap_813078=weuOsIz6Si6ox9hfEVf9iIP3D2EAAAAAQUIPAAAAAAD6AlmDpHAh4fYCV1KhThjJ; nlbi_813078=Dy+pHbrxiTbtMjGrdG/KRAAAAACyEFrtFKwuwX124wEtLK5W; incap_ses_1309_813078=eX6CSuOr8jvX3CLO0YAqEoT3D2EAAAAAog0uZ+q97DIxVPbaXAIk4w==; SIT_free=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.sonomanews.com
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
18869
content-type
application/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: code.sonomanews.com
URL: https://code.sonomanews.com/shared/2020/js/dfploader.js?ver=20210723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
ba2bbdce8c5fa34cbb914216efe4fe93361c094210f96f8877bbdec566569479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"952 / 133 of 1000 / last-modified: 1628287791"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25129
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:25:58 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: code.sonomanews.com
URL: https://code.sonomanews.com/shared/2020/js/dfploader.js?ver=20210723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:23:17 GMT
content-encoding
gzip
server
Server
age
160
etag
f8520ea4ebd91256d6b4f461d472242a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
x-amz-cf-id
pwZAq-6tavaQeppb_tMclQd0WXrr1pz3Sv2dlRSgtJuu9dFBj8XBOQ==
index.php
code.pressdemocrat.com/getip/ 		23 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.pressdemocrat.com/getip/index.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
37672193f9c20b8c647338d6824b4620da80adc0d047c016ebd25b9f840c40ec

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 08 Aug 2021 15:25:58 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
close
Content-Length
23
Content-Type
text/html; charset=UTF-8
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:4c00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 16:13:32 GMT
content-encoding
gzip
last-modified
Fri, 09 Jul 2021 00:11:37 GMT
server
nginx
age
83546
etag
W/"60e79439-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
1c7m6aTf1MpuQe-G5sA5E1jVXjGA6u95NAyjSlNPga_2HoAC85w-dQ==
expires
Sun, 08 Aug 2021 16:13:32 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma16916/901956900/16/
Redirect Chain
  • https://js.matheranalytics.com/s/ma16916/901956900/ml.js?cb=1571
  • https://js.matheranalytics.com/static/ltm/ma16916/901956900/16/ml.br.js
139 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma16916/901956900/16/ml.br.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
288b8ce02bde35c83a8f570982fa895b655b9f0b05d7c64e7112da1e92e484aa

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 19:16:38 GMT
content-encoding
br
last-modified
Wed, 03 Jun 2020 18:26:37 GMT
server
nginx
age
72560
etag
"b694517d8177a65c9a66efd1d3ead13e"
vary
Accept-Encoding
x-cache
HIT Wed, 03 Jun 2020 18:39:44 GMT
content-type
application/x-javascript
via
1.1 google
cache-control
public,max-age=3600
alt-svc
clear
content-length
41575

Redirect headers

date
Sun, 08 Aug 2021 15:25:58 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma16916/901956900/16/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
6-gc-euw1-10929
loader-config.json
cdn.sbgsodufuosmmvsdf.info/prod/smi/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.sbgsodufuosmmvsdf.info/prod/smi/loader-config.json?_=1628436357796
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F7A) /
Resource Hash
d73088906945f5443bcf75f31d6ba821ec4c6034ac6c36bf2398ff4949ebf815

Request headers

Accept
*/*
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
gzip
content-md5
3FCtiCLueSwF8DWRoif3hQ==
age
30624
x-cache
HIT
content-length
1262
x-ms-lease-status
unlocked
last-modified
Tue, 02 Mar 2021 08:57:32 GMT
server
ECAcc (frc/8F7A)
etag
0x8D8DD59374E080E
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d7f36da3-301e-0003-3422-8c2578000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
newspaper.png
code.sonomanews.com/shared/2020/css/image/newspaper/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.sonomanews.com/shared/2020/css/image/newspaper/newspaper.png
Requested by
Host: code.sonomanews.com
URL: https://code.sonomanews.com/shared/2020/css/base.css?ver=20210723
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b817dc11f25f1066fa60bced66d1ae1d4b0bceadef2bd614ecbf5ad35306247c

Request headers

Referer
https://code.sonomanews.com/shared/2020/css/base.css?ver=20210723
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:58 GMT
Last-Modified
Wed, 26 Sep 2018 18:47:48 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"757-576caa89ebd00"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801, public
Connection
close
Accept-Ranges
bytes
Content-Length
1879
sit-logo-header.png
code.sonomanews.com/shared/2020/css/image/logo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.sonomanews.com/shared/2020/css/image/logo/sit-logo-header.png
Requested by
Host: code.sonomanews.com
URL: https://code.sonomanews.com/shared/2020/css/base.css?ver=20210723
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
eb012d35873cf2682901744c3e07e98ad0aa6f3e5f24abf362c98bae3ebe48c4

Request headers

Referer
https://code.sonomanews.com/shared/2020/css/base.css?ver=20210723
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:58 GMT
Last-Modified
Thu, 21 Feb 2019 00:05:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3a80-5825c3a673e00"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801, public
Connection
close
Accept-Ranges
bytes
Content-Length
14976
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.sonomanews.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42321
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQ3TvSMWsfJ3YuiBFvhQusABYxyHRZJgxRxVCVJormB9LVbGo5m3xJYcMvg8e3Glt3EdI2QsPhzjDoYNHGA5F82btliEsUhL%2F2c2riN9fY7QgK1Pj3mA%2FVrVx42M1giJK5THWDKgrXADUXaUxtBpmsQ0"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
67b9c2a8aaf12c52-FRA
expires
Fri, 29 Jul 2022 15:25:58 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sonomanews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:42:40 GMT
x-content-type-options
nosniff
age
420198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39440
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:03:59 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 18:42:40 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v22/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sonomanews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:03:30 GMT
x-content-type-options
nosniff
age
170548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 15:53:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 16:03:30 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v22/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sonomanews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:03:58 GMT
x-content-type-options
nosniff
age
170520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 15:53:38 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 16:03:58 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=30002
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
widgetinfo
p.cityspark.com/api/widgets/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cityspark.com/api/widgets/widgetinfo?wid=9773&callback=jsonp1628436851130
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1a8c60d32af60f9fa58c959b10196747b785590a93fb7761983ae9f25556af59

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
null
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/null?s=50&d=identicon
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3259920e18ea0f84eadaef00ee3a09a26ca9b1693b15c15175f22c746122dfad

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/null?s=50&d=identicon>; rel="canonical"
content-length
3309
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul0
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul0?s=50&d=identicon
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3259920e18ea0f84eadaef00ee3a09a26ca9b1693b15c15175f22c746122dfad

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul0?s=50&d=identicon>; rel="canonical"
content-length
3309
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul1
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul1?s=50&d=identicon
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3259920e18ea0f84eadaef00ee3a09a26ca9b1693b15c15175f22c746122dfad

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul1?s=50&d=identicon>; rel="canonical"
content-length
3309
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul2
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul2?s=50&d=identicon
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3259920e18ea0f84eadaef00ee3a09a26ca9b1693b15c15175f22c746122dfad

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul2?s=50&d=identicon>; rel="canonical"
content-length
3309
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul3
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul3?s=50&d=identicon
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3259920e18ea0f84eadaef00ee3a09a26ca9b1693b15c15175f22c746122dfad

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul3?s=50&d=identicon>; rel="canonical"
content-length
3309
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul0
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul0?s=50&d=monsterid
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
58e91e83d0901f31ba8ba9db2bf1de76ca63097aab0d3c8dea160a2e15c8d8f7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul0?s=50&d=monsterid>; rel="canonical"
content-length
3186
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul1
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul1?s=50&d=monsterid
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
58e91e83d0901f31ba8ba9db2bf1de76ca63097aab0d3c8dea160a2e15c8d8f7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul1?s=50&d=monsterid>; rel="canonical"
content-length
3186
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul2
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul2?s=50&d=monsterid
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
58e91e83d0901f31ba8ba9db2bf1de76ca63097aab0d3c8dea160a2e15c8d8f7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul2?s=50&d=monsterid>; rel="canonical"
content-length
3186
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul3
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul3?s=50&d=monsterid
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
58e91e83d0901f31ba8ba9db2bf1de76ca63097aab0d3c8dea160a2e15c8d8f7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul3?s=50&d=monsterid>; rel="canonical"
content-length
3186
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul0
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul0?s=50&d=wavatar
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c21d344a02e8830a1696fb0fcdd2f2ee6db4b7ae33a790ef0a90a71d29a55b2f

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul0?s=50&d=wavatar>; rel="canonical"
content-length
3054
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul1
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul1?s=50&d=wavatar
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c21d344a02e8830a1696fb0fcdd2f2ee6db4b7ae33a790ef0a90a71d29a55b2f

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul1?s=50&d=wavatar>; rel="canonical"
content-length
3054
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul2
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul2?s=50&d=wavatar
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c21d344a02e8830a1696fb0fcdd2f2ee6db4b7ae33a790ef0a90a71d29a55b2f

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul2?s=50&d=wavatar>; rel="canonical"
content-length
3054
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul3
www.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul3?s=50&d=wavatar
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c21d344a02e8830a1696fb0fcdd2f2ee6db4b7ae33a790ef0a90a71d29a55b2f

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul3?s=50&d=wavatar>; rel="canonical"
content-length
3054
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul0
www.gravatar.com/avatar/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul0?s=50&d=robohash
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
778394d82d69dddc2c2885bc1f6a5b6997b6769f845ee1ce5aae912db4765a05

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul0?s=50&d=robohash>; rel="canonical"
content-length
3578
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul1
www.gravatar.com/avatar/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul1?s=50&d=robohash
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
778394d82d69dddc2c2885bc1f6a5b6997b6769f845ee1ce5aae912db4765a05

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul1?s=50&d=robohash>; rel="canonical"
content-length
3578
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul2
www.gravatar.com/avatar/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul2?s=50&d=robohash
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
778394d82d69dddc2c2885bc1f6a5b6997b6769f845ee1ce5aae912db4765a05

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul2?s=50&d=robohash>; rel="canonical"
content-length
3578
expires
Sun, 08 Aug 2021 15:30:58 GMT
nul3
www.gravatar.com/avatar/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gravatar.com/avatar/nul3?s=50&d=robohash
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
778394d82d69dddc2c2885bc1f6a5b6997b6769f845ee1ce5aae912db4765a05

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 08 Aug 2021 15:25:58 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/nul3?s=50&d=robohash>; rel="canonical"
content-length
3578
expires
Sun, 08 Aug 2021 15:30:58 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1502
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
709fb383-901e-008c-1766-8c807b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sun, 08 Aug 2021 15:55:58 GMT
polyfill.min.js
polyfill.io/v3/ 		101 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.sonomanews.com
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1236501
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=2
content-length
89
referrer-policy
origin-when-cross-origin
last-modified
Sat, 24 Jul 2021 21:34:25 GMT
date
Sun, 08 Aug 2021 15:25:58 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZ86PJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
6564
date
Sun, 08 Aug 2021 13:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sun, 08 Aug 2021 15:36:34 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&pubid=d0c94587-7f12-4f41-9c0e-9c6c6af774b7
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:58 GMT
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.sonomanews.com
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
bnTuoL58ID-L0DhV9OQcHLYBfoJU6dIXWLorekaf9P30e6FbkBB-tQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
39457
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 01 Jul 2021 22:05:10 GMT
server
AmazonS3
date
Sun, 08 Aug 2021 04:28:22 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
zFD61zMW0u7uCvyfHFcKeS7AqCmuuAFxRtjdqc88i298161GigmBwQ==
pubads_impl_2021080501.js
securepubads.g.doubleclick.net/gpt/ 		328 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
999dd215435801026f51fb5847df0b1127bd49541ef7d9aeb8b799a9669d8c56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 08:37:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116820
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:25:58 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		141 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
141da9a07cf53f3c17262cc386e861fbde16b0c1894a6cea78a4a6b61badc576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:25:58 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1801361826&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&dp=%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more&ul=en-us&de=UTF-8&dt=Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=974225141&gjid=767511546&cid=299918025.1628436359&tid=UA-39519010-1&_gid=723143851.1628436359&_r=1&gtm=2wg840WFZ86PJ&z=509291713
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1801361826&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&dp=%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more&ul=en-us&de=UTF-8&dt=Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=155365535&gjid=1061903079&cid=299918025.1628436359&tid=UA-55293627-1&_gid=723143851.1628436359&_r=1&gtm=2wg840WFZ86PJ&z=941577153
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1801361826&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&dp=%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more&ul=en-us&de=UTF-8&dt=Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=213030520&gjid=1052601941&cid=299918025.1628436359&tid=UA-44780506-1&_gid=723143851.1628436359&_r=1&gtm=2wg840WFZ86PJ&z=109614389
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1801361826&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&dp=%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ul=en-us&de=UTF-8&dt=Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=175490200&gjid=2065674136&cid=299918025.1628436359&tid=UA-37401929-2&_gid=723143851.1628436359&_r=1&gtm=2wg840WFZ86PJ&z=379460319
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1801361826&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&dp=%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ul=en-us&de=UTF-8&dt=Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=367305732&gjid=885367711&cid=299918025.1628436359&tid=UA-37401929-3&_gid=723143851.1628436359&_r=1&gtm=2wg840WFZ86PJ&z=173761694
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-39519010-1&cid=299918025.1628436359&jid=974225141&gjid=767511546&_gid=723143851.1628436359&_u=YEBAAEAAAAAAAC~&z=51099945
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 08 Aug 2021 15:25:58 GMT
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-55293627-1&cid=299918025.1628436359&jid=155365535&gjid=1061903079&_gid=723143851.1628436359&_u=YEDAAEABAAAAAC~&z=676200508
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 08 Aug 2021 15:25:58 GMT
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
fp.min.js
fp-cdn.azureedge.net/prod/smi/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fp-cdn.azureedge.net/prod/smi/fp.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FF7) /
Resource Hash
678ba3b30abc8363927f1f706435fb1502722a2525007767d05b1b5a8652f13e

Request headers

Origin
https://www.sonomanews.com
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
gzip
content-md5
vU8nkZRNnn2OJ2o2PJ2Q0g==
age
1307
x-cache
HIT
content-length
20554
x-ms-lease-status
unlocked
last-modified
Tue, 02 Mar 2021 08:14:56 GMT
server
ECAcc (frc/8FF7)
etag
0x8D8DD53443E42B7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
67afd107-901e-0041-3466-8c0e6c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2i.min.js
g2insights-cdn.azureedge.net/prod/smi/ 		1 MB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g2insights-cdn.azureedge.net/prod/smi/g2i.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F6F) /
Resource Hash
af290d929f67b216ac0f00ab9136f417a7eb949f791b67b3cab245a24197705e

Request headers

Origin
https://www.sonomanews.com
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
gzip
content-md5
5OOPJDB2lBpLO3A8ifJwvA==
age
41969
x-cache
HIT
content-length
221901
x-ms-lease-status
unlocked
last-modified
Tue, 02 Mar 2021 08:15:26 GMT
server
ECAcc (frc/8F6F)
etag
0x8D8DD5355956543
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e33e1a84-201e-013a-1c07-8c2389000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.ayc0zsm69431gfebd.xyz/prod/smi/ 		650 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/smi/t8y9347t.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F7C) /
Resource Hash
dbe1d7f9952899ee4f2ccac42616d4d5557969a15e3ab2911db119bafd4bf293

Request headers

Origin
https://www.sonomanews.com
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
gzip
content-md5
9BltCf9yV5idC/KMXgRM8A==
age
20982
x-cache
HIT
content-length
139076
x-ms-lease-status
unlocked
last-modified
Mon, 10 May 2021 08:59:58 GMT
server
ECAcc (frc/8F7C)
etag
0x8D91391FCD6C5F6
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d93d14c8-701e-00ea-7338-8cd97e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.css
cdn.ayc0zsm69431gfebd.xyz/prod/smi/ 		347 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/smi/t8y9347t.min.css
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8EA3) /
Resource Hash
c132b9e55bc0fde269d8b42052b41fccb4484e35ed87574df63d2a40fc0d2cea

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
gzip
content-md5
0I/00dOoKREDAz1fuq7qXg==
age
20186
x-cache
HIT
content-length
35261
x-ms-lease-status
unlocked
last-modified
Mon, 10 May 2021 08:59:58 GMT
server
ECAcc (frc/8EA3)
etag
0x8D91391FCD42D4B
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
30201bd4-b01e-0134-483a-8ccf82000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more&wrdcnt=1765&sec=lifestyle&pubname=The%20Sonoma%20Index-Tribune&paracnt=53&ptype=article&metered=1&hier=lifestyle%7Cfood&cms=Naviga%20Web&chrcnt=10648&auth=KATHLEEN%20HILL&artupt=1598633334&arttype=article&artsrc=Sonoma%20Index-Tribune&artpubt=1598574660&artid=81861018-d511-49a1-956a-d2af403880b0&tv=js-3.0.108&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=16&tid=4efc19cb-163a-42d3-99e6-16be26af0c53&pid=0de4b440-3001-44ef-bebb-8c3c7e0e3350&dtm=1628436358819&qnm=_matherq&visible=1&tabid=7a0a680d-8337-4f5e-96ed-092a6f9a2e08&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vp=1600x1200&ds=1600x6634&tofa=1628436359&vid=1&lvidt=1628436359&duid=a4690ef6120d032e&fp=1072425006&cid=ma16916&mrk=901956900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYyODQzNjM1NTkyMCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiIyNjQwIiwiZmV0Y2hTIjoiOTI1IiwiZG9tYWluUyI6IjkyNSIsImRvbWFpbkUiOiI5MjUiLCJjb25uUyI6IjkyNSIsImNvbm5FIjoiOTI1IiwicmVxdVMiOiI5MjYiLCJyZXNwUyI6IjEzMjEiLCJyZXNwRSI6IjE0OTciLCJkb21Mb2FkIjoiMTMyNCJ9LCJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJsaWZlc3R5bGUiXV19fQ
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.56.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-56-164.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:59 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
fontawesome-webfont.woff2
cdn.czx5eyk0exbhwp43ya.biz/prod/fonts/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/fonts/fontawesome-webfont.woff2?98120622
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/smi/t8y9347t.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F40) /
Resource Hash
c9438bf6c7a6122ea18edeb717850798c337311b634d1ab61c374f5e92e08a2a

Request headers

Origin
https://www.sonomanews.com
Referer
https://cdn.ayc0zsm69431gfebd.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 15:25:58 GMT
content-md5
4KZHfCb3p1RwzI0cUtcF7g==
age
369474
x-cache
HIT
content-length
1720
x-ms-lease-status
unlocked
last-modified
Thu, 17 Dec 2020 10:16:38 GMT
server
ECAcc (frc/8F40)
etag
0x8D8A274D72F017A
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
51a78471-b01e-003b-2b0d-896421000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
t
jadserve.postrelease.com/ 		33 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-172-53.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
f89bb174916bd0cceca4a00ba586ffe8d7cdb9f9f4d4265d3018b60b9174f45a

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
5584
expires
Mon, 1 Jan 1990 12:00:00 GMT
ta-pagesocial-sdk.js
tru.am/scripts/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by
Host: tru.am
URL: https://tru.am/scripts/custom/sonomamedia.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=189alg==, md5=Aq8QqpKO913oQSpg0Lh6TA==
date
Sun, 08 Aug 2021 15:25:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1415631
x-guploader-uploadid
ADPycds3KPTPdVNm8yXAdhrxfxRaYeTBnqIG2lrLotae4bxik3egrwkU4sqIQYBG1Cq65fowFX9NakssUdZKBm01N5g
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 11 Nov 2020 17:32:38 GMT
server
cloudflare
etag
W/"02af10aa928ef75de8412a60d0b87a4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2289SId1fhfmIU3n8zW9LTKeQDZH2T0AU8vtRmWksV1cHBpAmelXwdvINx%2BxLZiD%2FGIsesJyYcf22wIeLRt2WrzecVXkqxxHWimEPDZrzRSSHoby1Bu03mAnkpF2acy5vg2SKA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1605115958819708
content-type
text/javascript
cache-control
public, max-age=2678400
x-goog-stored-content-length
27827
cf-ray
67b9c2ab6b712bb9-FRA
expires
Fri, 23 Jul 2021 07:12:07 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5460f089073e7021/ 		166 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-5460f089073e7021/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
gzip
etag
659743217
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=37, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
154
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 		599 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1628436358996
Requested by
Host: fp-cdn.azureedge.net
URL: https://fp-cdn.azureedge.net/prod/smi/fp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
412a9b5e75e3672ee7467bc51ab795fa199a9708d107b1fbe2f74e63b4ad6983

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4IVlMjQB8w2BYQcgpxM4mHu8OUP8245KFwVO7m7WUpoV3BFHkA7aIYTezptQoV6W23a8wB0zFQNTcxY7uBWZ0sgqPNFCkbea5VK0onxqE1SrjND24wCcvx2kdXxvYSugJhg"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
67b9c2ac2ed610c1-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
_Incapsula_Resource
www.sonomanews.com/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sonomanews.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6171540593207621
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/_Incapsula_Resource?SWKMTFSR=1&e=0.6171540593207621
pragma
no-cache
cookie
visid_incap_813078=weuOsIz6Si6ox9hfEVf9iIP3D2EAAAAAQUIPAAAAAAD6AlmDpHAh4fYCV1KhThjJ; nlbi_813078=Dy+pHbrxiTbtMjGrdG/KRAAAAACyEFrtFKwuwX124wEtLK5W; incap_ses_1309_813078=eX6CSuOr8jvX3CLO0YAqEoT3D2EAAAAAog0uZ+q97DIxVPbaXAIk4w==; SIT_free=1; _cb_ls=1; _ga=GA1.2.299918025.1628436359; _gid=GA1.2.723143851.1628436359; _gat_UA-39519010-1=1; _gat_UA-55293627-1=1; _gat_UA-44780506-1=1; _gat_UA-37401929-2=1; _gat_UA-37401929-3=1; ai_user=GB+Wc|2021-08-08T15:25:58.775Z; _sp_id.35b1=a4690ef6120d032e.1628436359.1.1628436359.1628436359; _sp_ses.35b1=*; _matheriSegs=MATHER_U2I_FIRSTTIME_20200522; _matherSegments=MATHER_U2I_FIRSTTIME_20200522; __atuvc=1%7C32; __atuvs=610ff786610826ca000; _cb=DJvFEABR92ADB7LpIl; _chartbeat2=.1628436358943.1628436358943.1.BzfbddBWErjCBt4N_dCCHR1aCdON0F.1; _cb_svref=null; ___utmvc=pJe8Dy8QxU0lZsrZsb60TSYCcnNOFhuYPUJ5LClKVEnph+UFL0enedM88ql5FoGKUVmt4fnZf0O7rnIKbgTyv+bzdR/y+6Ni7E8T7DyaEImCRozvFSqx61ENtyIpjAXu95a+ywqn/dMGnN00Mu3l3fdvbcCnHbze9pPy6r/HOAeiWilQFArnT/GIB52Kdpc/o0nutxKXmqshLDJpF/5SGr322F+wmyU8CjfOYniVBDJlZP+P9TGzpteqepCZwvOMZF8YcMLuodyrUzO1TXFpCZmbcSui+WYBksB6TPbD9jY7/4IpdykRCUx9fABVlAantYxbZV+rIF/tDFTkB8/l3nmyrdM3z+4Qsp+ooLtocffusLkl+C+p/BextNaAzjalA+tcJn+g3pOOJ4XgqI+TGX12Y5zBAmduV5YDizaH+AyxbEPOT90ZtoCdfwUz+1C9g337i1x2FWloqSLg2WQw/jRRts6D3t+OQTA3bNB1F4Rpc61QV5gM3AWQVz6xNNemtUWWLIYZo+MXqMkqWeOmQtGj0G5fXi6cjUMBpboR859Qz7cd/gwBZPQfATvoduqBdNKCtAcYrQ6b5aly86t+KhYToGb37XI8QCK7QOE0YdgW3Nheke/nPwV/f85VGq/I7q3pWOYY+BuiMRkSW2boIMq6AdDlVeDMfOHdZ1w8tSsX0kyow72KYL2OmkGkmEdBXVL312Z7gklqFbgP0a7Pi+Ed6HR0HPqoE0PZo7xX0EIcQccBZKj+BpYlssx1egQLOaUUd4gbQzZ10nv5FsAgIgOfdgzi7yNs+SATE/FYRy0y1UXPIUv3jsgKGuSceTeDeCAgfPvjoUCTcvfXPBTU4ivzEFYbFUZjHvuPNIVs2OWp11TsFsnuXLBSAA1f6cWYUsyvIAmfzd5+zOKWfMfdzgiVRPk4yLsie/3RdNAMPQPkPJyOQy4LjEeVzfxcoGggkYBtFbZ9928iq0RWalCiRPOVumtm/AvkroUW4oTJw5Xzr3ObUmuQsUudS8VONmSgp1zRZ+X0GmTpvGmMARh7zvoco1R4U518+ulJDGnNAQ7xRvUfBUFCf0Yja56GT9EU76wWyg9lEvC1rGU7M3iCpjpXxhFvQVZIV/LPnd+VA2im6TcTXuOnodVGtJ7kProGLyoSju1PrTRi0OKBelBLGhuHdIV+4vb8854M6+R0kh9rCM7vfrvqPVScw80LLUi+uXjk8FiXJ4TUA0mFsJ2DQpg3G/ChVo4ZlD80xiNuORvZdQ/fsfoxRvBLAe1kZlLrmhF/vWyap6reuBQa8y3Etit8F8foUlMlWGeMn/bgtfO8nq/yAzAvQayZCpy6PgtGGVo8P+SE9pktBOoWV+NpkNCL/QeyjLzbixqTNVYw9V0pMociqnxvU6Mten36D+2nbHpmEMDePnGY3GTzOYh7CJiIMJ6byzfuDC+fhycUbVwFHsXWDftRULe1wXsdMLAp8H35FbIAxhwQF8HubozP+2EiDJMO4Tv11FbVTVrpiCdCRLC82biLVS8iZBIItDMvQcrF7TzdB6n0l7cZ2l+vsQabfDQGckyUbEfj+GeitZAY+RDZ9lnGbTe8Fpzpn31nphBnqAe0STnAsrAl4Dpp6QHY7ZU/Abtd9UaYLxvp8rtpIA4b0D+kz7RppEtyQhDX3h5Eci35Oqn/naDiNEG0nkPyZFq0fpHhJEEVww5jId/LKCRMbbzNz+JI1SZkorHVe9wGscO7i1kfECaZmU292XzrUV22DkjDThAWuMFil+5CdS+rK4D84opD67ESJEbTIFgG4OhuR9m+QrC818XXnCxXwTRJgk9qhAYdPYTYQ1/MyG0LqzBXm1F6t5BAfs6gLWLiP2D5cowTxzCxJUduxsUvia3lbZ5H/gWP0Ln2NCXn3rW4K0vi9DE6oziUHDoRQOGAol4kzYyKDMyL6bQg2eTsX9O6LIaE6VbgM5r79B0gIlBq8GW7CYrIGR9K8qZuj2fzHxQPDTvogpCk2IGlOnyE4ZXht2czoMzGc7v4d7PEx/zw8l0GHDWM/qh25q7JLGRpZ2VzdD0xNDA4NzAscz05N2FiOTFhZTk5Nzk4NmE4OTQ4YjhlODA5NzY5ODdiMDg1Nzk2NzY5NjM5OThmYTQ3YTc5OWY2OGFkNjZhYWFkNjM4MWE2NzI5N2FiNmQ3NQ==
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.sonomanews.com
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
sit-live.json
api.pressdemocrat.com/_data/notifications/ 		2 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.pressdemocrat.com/_data/notifications/sit-live.json?cache=5
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:59 GMT
Last-Modified
Fri, 16 Apr 2021 18:29:30 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"2-5c01b292ba91a"
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Content-Length
2
feed.json
feeds.sonomanews.com/sit2018/wex/ 		561 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://feeds.sonomanews.com/sit2018/wex/feed.json?cache=5
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
957f1f7672c9f8b7935f9f7ab4c41a63c01b8f014bd47ab37b276b741bd5743f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:59 GMT
Content-Encoding
gzip
Last-Modified
Sun, 08 Aug 2021 15:15:02 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"231-5c90dbb90f7e2-gzip"
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, public
Connection
close
Accept-Ranges
bytes
Content-Length
344
jquery.ba-throttle-debounce.js
cdnjs.cloudflare.com/ajax/libs/jquery-throttle-debounce/1.1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-throttle-debounce/1.1/jquery.ba-throttle-debounce.js?_=1628436357797
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df0bb4f2d98e441a6c420464184d5a0dd5f800934a2bd30cc0bc7dfd35613ca3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6375421
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2431
cf-request-id
0a4bf6cb2100002c4ebb9df000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-280e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x704PEjKda3R3YG13T9vHLiSm8lPFLPzrWmNuoKVe2e7eGArjGkSMAjx0NoMsqqrgRIZPAzADUVmqImJVURdfJ9xIhPkuc%2B4mVE0S14WIYr74h24imDgq7e2yDTQ0hZZ0FSs2Ub6k3xhawVHUoGFZ%2F9z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
67b9c2ac5da105e4-FRA
expires
Fri, 29 Jul 2022 15:25:59 GMT
index.php
code.pressdemocrat.com/getip/ 		23 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.pressdemocrat.com/getip/index.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
37672193f9c20b8c647338d6824b4620da80adc0d047c016ebd25b9f840c40ec

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 08 Aug 2021 15:25:59 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
close
Content-Length
23
Content-Type
text/html; charset=UTF-8
single.js
newsletter.sonomanews.com/widget/ 		944 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomanews.com/widget/single.js?hideImage=1&pid=61
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.237.183.80 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6441dae97ea8bc2de4563a9657aaf344a912e2396dea78bfb61ec7339595d19a

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 15:25:59 GMT
Server
Apache/2.4.18 (Ubuntu)
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Length
944
Expires
Thu, 19 Nov 1981 08:52:00 GMT
swiper-bundle.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/6.5.8/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/6.5.8/swiper-bundle.min.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401d5c523f0d2dd193df65b0c6f3115f94a8c7c305129df8570072cb05ccff8c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2836290
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3605
timing-allow-origin
*
last-modified
Fri, 23 Apr 2021 19:42:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6083232c-3631"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOUejWGRiPZTnuhGYzNTKQjCmKbqPaRfhahLBtAoVpAUyLdGQC3H5wf59edfD%2FAsxSQQk2BY8cdAmmMjyXWfPdzZeajCb1N9HcGD3MuXtz6nYE17AAKOMtKaaF3n7mu7B6pMTGC3VfyxVJchs2cU41H1"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
67b9c2ac8e3305e4-FRA
expires
Fri, 29 Jul 2022 15:25:59 GMT
swiper-bundle.min.js
cdnjs.cloudflare.com/ajax/libs/Swiper/6.5.8/ 		139 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/6.5.8/swiper-bundle.min.js?_=1628436357798
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e9bb24ae7c06f8c03e85e337e60442ed5a57d2b7aa5482b3fd4e641baae335
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331917
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
32882
timing-allow-origin
*
last-modified
Fri, 23 Apr 2021 19:42:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6083232c-22b70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PH5pkl6Gb1tCpDZzjAI9YimSFQH5AyJVuGHKTfM5yGQ99DS1wC11EWRlJ7KAGOkniKlXYetjVYj7BJ%2B8bNsjKjjCp0EnSyeac5zywyd%2FlIx52NjJZuXFoDfPZe3bsqBaKAyAVk2%2Bkw3ZED59GiRUULZa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
67b9c2ac8e3805e4-FRA
expires
Fri, 29 Jul 2022 15:25:59 GMT
embed.js
sonoma-index-tribune.disqus.com/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sonoma-index-tribune.disqus.com/embed.js
Requested by
Host: code.sonomanews.com
URL: https://code.sonomanews.com/2020/js/george.js?ver=20210723
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
f65482805ba45c86f49a2591962171fb1b137b76679725a93f9c71bff1c8badd
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:59 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router_nr
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
24789
sonomanews.json
privacy.sonomanews.com/banner/config/ 		324 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.sonomanews.com/banner/config/sonomanews.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.237.183.80 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
62481370ed59087d216e2d8d8e3142ef08a2dc7ebdf73b13afc94e5a642ad21c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:59 GMT
Last-Modified
Thu, 16 Jan 2020 16:45:27 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"144-59c448d5dd7c0"
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
close
Accept-Ranges
bytes
Content-Length
324
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sonomanews.com&p=%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&u=DJvFEABR92ADB7LpIl&d=sonomanews.com&g=60036&g0=lifestyle&g1=KATHLEEN%20HILL&n=1&f=00001&c=0&x=0&m=0&y=7134&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3208&t=D7TFImBhIkU2CznCRC8cRDeC3Rt5g&V=128&i=Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more&tz=-120&_acct=anon&sn=1&sv=BzfbddBWErjCBt4N_dCCHR1aCdON0F&sd=1&im=067b2ffb&_
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.28.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-28-94.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:59 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
/
imengine.prod.srp.navigacloud.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=309097EF-FB62-4400-A103-E24DF8E27E93&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
e675bf3324e8f677eb0cd05aa10859e2f49020f30581e3466f93338d62590fbe

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 07 Aug 2021 21:09:04 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Sat, 07 Aug 2021 21:09:04 +0000
server
nginx
age
65815
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
X_A3g54jI7Wu85bVRIoRKuSvEb3_I_LoXUz8_mSu8SlmszeLgPUHOg==
expires
Thu, 03 Feb 2022 21:09:04 GMT
/
imengine.prod.srp.navigacloud.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=BB73A46F-FFED-48CD-A961-2BC7247DED3B&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
54c106a4d8074e0a57a6b439a93c6af2f9b21bf1e77e8ff62f38c09c05cfb2b9

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 07 Aug 2021 09:00:10 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Sat, 07 Aug 2021 09:00:10 +0000
server
nginx
age
109549
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
gD2D_S2DDAM2yqUpPD2euNyDRsOocW4wA2vtkxyg2TbbnrDD7umrPg==
expires
Thu, 03 Feb 2022 09:00:10 GMT
/
imengine.prod.srp.navigacloud.com/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=eae9c2fb-5935-535f-87e5-087044e41800&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
7561e71302a8ebf23501274dbb04ae2927d2b7c9161ab301c5cbd284cf55e178

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sun, 08 Aug 2021 13:17:00 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Sun, 08 Aug 2021 13:17:00 +0000
server
nginx
age
7739
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
d08vQz9PePb9js9k54lGoS9iZ6Rp06fTTY7_F-BS6X7_vilC9BPWaw==
expires
Fri, 04 Feb 2022 13:17:00 GMT
/
imengine.prod.srp.navigacloud.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=c8fd74ee-3010-5410-9dda-969aa34dfca6&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
b1cc41d34e072c2875f4e9b8ccab71fd0564c2a7fcf6819ed6025fff95400b6c

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 19:49:12 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Aug 2021 19:49:12 +0000
server
nginx
age
157007
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
yah5pMeXQ4czdnRXwH3B0R_ZqP0LqNLFWNeGuDRy_Qfi61XFtc6q5Q==
expires
Wed, 02 Feb 2022 19:49:12 GMT
/
imengine.prod.srp.navigacloud.com/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=37346637-6265-436c-b073-2d3335303830&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
a318e42000dacc0a95a42f31d04797eecd14807b4ce87f8a973132c3b7ed4f37

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Aug 2021 19:29:55 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 19:29:55 +0000
server
nginx
age
244564
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
3VDYA74AM6tiylWK70bwA2_A7OM6JPJHSbYSC8xt13VmwcyUJtzNzw==
expires
Tue, 01 Feb 2022 19:29:55 GMT
/
imengine.prod.srp.navigacloud.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=716665df-5cde-58b5-84db-3604517e103e&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
4389eb4567e4e9953c6932bf957f49955e5b841e1d18028a2daab9a1db629330

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Aug 2021 19:29:54 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 19:29:54 +0000
server
nginx
age
244564
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
hJbZF7AtGivbZZqV2dmpRkVw9mUq5jmprx2M7QjrsDcPMeGId5SiGA==
expires
Tue, 01 Feb 2022 19:29:54 GMT
/
imengine.prod.srp.navigacloud.com/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=2ebe5715-1b15-531f-9fbc-f3e07560f8a5&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
ecb0f53b76d0c4de3337d40c679fbc4cfeb58fc99cfb49760c61f64d01c7f17e

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 03 Aug 2021 23:06:57 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Tue, 03 Aug 2021 23:06:57 +0000
server
nginx
age
404342
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
LJLVpxi0nPSU8VNg-DkN82mvdoxwVxeDc-B6YgS4bsl29ng1o9kfwQ==
expires
Sun, 30 Jan 2022 23:06:57 GMT
/
imengine.prod.srp.navigacloud.com/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=2f89e03c-46bf-51ab-9937-081e1b6834d4&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
c065075ef6b6f42942d896ecb14430eeaa35a21746b1ae7a4e5397b885792f1b

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 03 Aug 2021 12:26:02 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Tue, 03 Aug 2021 12:26:02 +0000
server
nginx
age
442797
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
pZwL-4NuYlnagjiGN23wMQocSb24Il7sEK62hs-KLkd00fpYP1tbFQ==
expires
Sun, 30 Jan 2022 12:26:02 GMT
/
imengine.prod.srp.navigacloud.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=2d8f91d2-3038-5823-a2ad-d1be02b055b1&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
25b1bf3801d70b288d1fd96dabbb0924e5d3348e682bd620fb8baca0db8214ad

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 30 Jul 2021 19:04:18 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Jul 2021 19:04:18 +0000
server
nginx
age
764501
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
zkn_DexRSPiUYT8jhI6s6eVK_VCwDN44veFaucg1qGodZQd7pp8RqQ==
expires
Wed, 26 Jan 2022 19:04:18 GMT
/
imengine.prod.srp.navigacloud.com/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=98c35119-4592-5790-b2ae-b739a4b4ce08&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
e98baa4b78e46bb258e826b9f05d568fb65178457cee632c0423ce399c83cf70

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 30 Jul 2021 13:57:29 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Fri, 30 Jul 2021 13:57:29 +0000
server
nginx
age
782910
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
FalnY1zrbVkXlQ4WBvheYavwPBPsAMKguU_vuwUNTYHq3g_Hj9bx1w==
expires
Wed, 26 Jan 2022 13:57:29 GMT
/
imengine.prod.srp.navigacloud.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=18722A18-A424-44BF-8801-7D5512131DD6&type=primary&q=72&width=150
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
f797a4bb500d8e8946929d6e108ec12659fa74388a4df86ecb53e56859e26b0b

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 16 Jul 2021 04:23:35 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Fri, 16 Jul 2021 04:23:35 +0000
server
nginx
age
2026944
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
500aEgLK5Ul5gl4mjXGTGm8_bb05gZhMlYjImLV8aGEhWw8RMsBCFQ==
expires
Wed, 12 Jan 2022 04:23:35 GMT
/
imengine.prod.srp.navigacloud.com/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=16f53aa4-6baa-5b0a-997e-634b5fd82ec4&type=primary&q=72&width=150
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
03e610f69371c78da7b88ed4402def879db9f363326aa72c2b9de9fee434aebe

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 07 Aug 2021 20:21:10 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Sat, 07 Aug 2021 20:21:10 +0000
server
nginx
age
68689
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
DItQ8e7qO0EvI4ljdilXhknpLlkV6yHjaybJucuBFP0zK2hoebCqkg==
expires
Thu, 03 Feb 2022 20:21:10 GMT
/
imengine.prod.srp.navigacloud.com/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=ecb9bc62-76ba-5cb7-af1a-ea58b52ac561&type=primary&q=72&width=150
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
ae37fee1d2ad3a982c6eecd83c8dbbc0c7318374fff1f05d4dbe683417d3dea7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 06:36:35 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Aug 2021 06:36:35 +0000
server
nginx
age
204564
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Y7M75Jdi2_K0P00pETdp07458hsorcraAV6Grwk3XhBPdABTdDinNQ==
expires
Wed, 02 Feb 2022 06:36:35 GMT
/
imengine.prod.srp.navigacloud.com/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=c8fd74ee-3010-5410-9dda-969aa34dfca6&type=primary&q=72&width=150
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
0e0368f7db79a8140d794c4e7ff6a311baca4c600a09fc3e6dac216d58bd74cf

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sun, 08 Aug 2021 02:14:48 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Sun, 08 Aug 2021 02:14:48 +0000
server
nginx
age
47471
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
akmnxfedQY6U0yBV-GuhM5K0M4ThtfxFqBQ17XrETW0MHjCY4236LA==
expires
Fri, 04 Feb 2022 02:14:48 GMT
/
imengine.prod.srp.navigacloud.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=f2425ed7-4c70-57cb-b6cc-da30c623353e&type=primary&q=72&width=150
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
378a0d8d443eb6196fa42cfbc52259e84fcc2b66fa75167bc3087ba80e4553a4

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sat, 07 Aug 2021 00:55:35 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Sat, 07 Aug 2021 00:55:35 +0000
server
nginx
age
138624
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
hY3rEOAZe5Gw-cFAc5W1dl7gSPMrwcjuXZT2qihu14-pdA4myLAVyw==
expires
Thu, 03 Feb 2022 00:55:35 GMT
beacon
beacon.tru.am/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://beacon.tru.am/beacon
Requested by
Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
surrogate-control
no-store
vary
Origin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIZQT2qmPZlA2%2FS22sAzNIAXCzo5dw9iN9bWCx%2FiSGw%2FjHI3HrJ1z2z7TJHMCXJ2BwmDhGB7Q6FjBwVgMNQow7oB148rlAnJUi29hVpH1uf8CDTUeg%2F3WcC5WUCjfsWeEWkxIi7CSSc%2BcYg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
67b9c2ad4d6064f1-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 UTC
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Origin
https://www.sonomanews.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
/
imengine.prod.srp.navigacloud.com/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=dd522f94-a99e-5702-ab18-aac9093d4a16&type=primary&q=72&width=1024
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
628c7ba9e6e74db2ae605d4b9b37bae527d862fe410d5a61dbe05c73dfbd6b5c

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Aug 2021 10:14:19 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Fri, 06 Aug 2021 10:14:19 +0000
server
nginx
age
191500
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
defkbm8b8VXjNmEDD7uZPcuLVcKx2VOF4YGtsn85u-CesRPEC0jecQ==
expires
Wed, 02 Feb 2022 10:14:19 GMT
/
imengine.prod.srp.navigacloud.com/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=9e79e085-22a5-56a2-a719-7f04d9844cc2&type=primary&q=72&width=1024
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
3f819b55d39ffd5996ec878ceb96729a9ae912083dce40a1edf0f6943adf1516

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sun, 08 Aug 2021 14:09:43 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Sun, 08 Aug 2021 14:09:43 +0000
server
nginx
age
4576
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
oeLKjMedWxIp-ybgTSJLPuR0w7bOQ2_apTgf1hLj83sb3CmKryC33w==
expires
Fri, 04 Feb 2022 14:09:43 GMT
/
imengine.prod.srp.navigacloud.com/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=110f9486-995d-5ed0-8dac-30d861a21492&type=primary&q=72&width=1024
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-31.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
27e838138000eada704b4d9b61bf71e9bc1f8041559c50a3f9cdb9cf8add6faa

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Sun, 08 Aug 2021 14:09:43 GMT
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
last-modified
Sun, 08 Aug 2021 14:09:43 +0000
server
nginx
age
4576
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
eqWr-K5cuZwoPgLohvWrldhMiKYNSlXZ2Qlid2i_wKMQaf9H6lUVOg==
expires
Fri, 04 Feb 2022 14:09:43 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&pid=mvfex4zAqdmAs&cb=0&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Flifestyle%22%7D%5D&cfgv=0&pubid=d0c94587-7f12-4f41-9c0e-9c6c6af774b7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
BGAqCAB87Nnj5uWn4KRlLO6poV5X8WPfrSzVpNinh6sb4mgbVluHQg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&pid=mvfex4zAqdmAs&cb=1&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Flifestyle%22%7D%5D&cfgv=0&pubid=d0c94587-7f12-4f41-9c0e-9c6c6af774b7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
fknVqXxQH-Rj53WzrDiekUw9Kunyk6eFMruEUa4iF7IyseBy25BYRw==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&pid=mvfex4zAqdmAs&cb=2&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Flifestyle%22%7D%5D&cfgv=0&pubid=d0c94587-7f12-4f41-9c0e-9c6c6af774b7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
d23qm-GdEkT9OxNcAVyxPFlZjNyrn0niq9-RgjwMnTg7VmlD8mErmg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&pid=mvfex4zAqdmAs&cb=3&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Flifestyle%22%7D%5D&cfgv=0&pubid=d0c94587-7f12-4f41-9c0e-9c6c6af774b7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
DVbO7NdYvYbO5OroYGIP758LrY1QEcIHlqHV2Y2phxmGwVI85ptb0w==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&pid=mvfex4zAqdmAs&cb=4&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Flifestyle%22%7D%5D&cfgv=0&pubid=d0c94587-7f12-4f41-9c0e-9c6c6af774b7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
_Uovts7whoMJH_OIizuMhIMrHxXUfZLRfnjNQuhDVt3rCSk51IXyoA==
gtm.js
www.googletagmanager.com/ 		140 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T89FCNT&l=MG2DL
Requested by
Host: g2insights-cdn.azureedge.net
URL: https://g2insights-cdn.azureedge.net/prod/smi/g2i.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8210a20a3c11b2b55b9965551be9f7c2b6f45a9c3b85b4b2cd7ad76aea29bfc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46928
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Aug 2021 15:25:59 GMT
index.js
d1wa9546y9kg0n.cloudfront.net/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wa9546y9kg0n.cloudfront.net/index.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/smi/t8y9347t.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-182.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 07:16:43 GMT
Via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
Last-Modified
Tue, 23 Feb 2016 09:35:10 GMT
Server
AmazonS3
Age
29357
ETag
"cf67eb51479caf3b57c3577a08b6a038"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Length
6494
X-Amz-Cf-Id
TwenD4eILkb6XmPAmzXOPRbIvEI6wdvnoW_LrYwulp7Ut0F8-HDbdg==
SIT__SIT.json
cdn.ayc0zsm69431gfebd.xyz/prod/data/smi/ 		280 KB
280 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/data/smi/SIT__SIT.json?_=1628436359519
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/smi/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6465011a3d124936db1c36d44adaafedd6306810439abd1f1471e66aafa3302c

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Sun, 08 Aug 2021 15:25:59 GMT
last-modified
Thu, 01 Jul 2021 16:00:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count
1
etag
0x8D93CA94FE3BE5F
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
f503e512-701e-0122-7d69-8c0e1c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
cache-control
no-cache
x-ms-version
2009-09-19
content-length
286539
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.152.116 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:00 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
PB19HSN7YVME5EYT
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
2yolxGMw5mOPMdN5RSINXOgmPTgsafJah8FNrUXj4rMtLCa2WgvJINJQaVp8itkfgrFjgTTEjWo=
x-amz-meta-s3b-last-modified
20191015T134358Z
lounge.e16bb81d3982e913e07bd7f31be71a6c.css
c.disquscdn.com/next/embed/styles/ 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
Requested by
Host: sonoma-index-tribune.disqus.com
URL: https://sonoma-index-tribune.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:a800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 19:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2318692
x-cache
Hit from cloudfront
content-length
25871
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 08 Jul 2021 22:07:43 GMT
server
nginx
etag
"60e7772f-650f"
content-type
text/css; charset=utf-8
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
expires
Tue, 12 Jul 2022 19:21:07 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ZRH50-C1
timing-allow-origin
*
x-amz-cf-id
SoAv-524QhfDdKczp8Qj02TGUBcCPuMefX5okX5Uf5MhD36MKDYiUQ==
x-cache-hits
0
common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Requested by
Host: sonoma-index-tribune.disqus.com
URL: https://sonoma-index-tribune.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:a800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 20:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1711126
x-cache
Hit from cloudfront
content-length
94790
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 19 Jul 2021 19:39:06 GMT
server
nginx
etag
"60f5d4da-17246"
content-type
application/javascript; charset=utf-8
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
expires
Tue, 19 Jul 2022 20:07:13 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ZRH50-C1
timing-allow-origin
*
x-amz-cf-id
k1jZmR9uGbRarAOKh-4-MiqgbFrUQwshB-nL2qmV3MzSzlpdTq5XaA==
x-cache-hits
0
lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js
c.disquscdn.com/next/embed/ 		0
119 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js
Requested by
Host: sonoma-index-tribune.disqus.com
URL: https://sonoma-index-tribune.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:a800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1629587
x-cache
Hit from cloudfront
content-length
120690
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 20 Jul 2021 18:26:52 GMT
server
nginx
etag
"60f7156c-1d772"
content-type
application/javascript; charset=utf-8
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
expires
Wed, 20 Jul 2022 18:46:12 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
ZRH50-C1
timing-allow-origin
*
x-amz-cf-id
vsKO38s8QD1JmSd4MrXkDO_m-yfVr08IZj5sZx7xRcfKajOD0PinlQ==
x-cache-hits
0
config.js
disqus.com/next/ 		0
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: sonoma-index-tribune.disqus.com
URL: https://sonoma-index-tribune.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:59 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
19
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
12225
X-XSS-Protection
1; mode=block
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sonomanews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 21:52:56 GMT
x-content-type-options
nosniff
age
495183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 21:52:56 GMT
cloudy.png
code.sonomanews.com/shared/2020/css/image/weather/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.sonomanews.com/shared/2020/css/image/weather/cloudy.png
Requested by
Host: code.sonomanews.com
URL: https://code.sonomanews.com/shared/2020/css/base.css?ver=20210723
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
5503be625fb65018a2a5f60c61660b6af6bfc6a96a35217a0c506f1e5e83db6c

Request headers

Referer
https://code.sonomanews.com/shared/2020/css/base.css?ver=20210723
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:59 GMT
Last-Modified
Tue, 25 Sep 2018 22:30:05 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"6ce-576b9a5b9d540"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801, public
Connection
close
Accept-Ranges
bytes
Content-Length
1742
analytics.js
www.google-analytics.com/ Frame 9D0A 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
6565
date
Sun, 08 Aug 2021 13:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sun, 08 Aug 2021 15:36:34 GMT
WidgetTemplate2.min.css
csp.azureedge.net/cdn/widget/ Frame 9D0A 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 22:52:51 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d758cb2e5a6c41"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1712
jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js)
cdn.jsdelivr.net/g/ Frame 9D0A 		115 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/g/jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js)
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
901753
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
38019
etag
W/"1ca18-fw6ZPglKViimyicfOtWQPF7WA8s"
x-served-by
cache-fra19141-FRA
date
Sun, 08 Aug 2021 15:25:59 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.fireSlider.min.js
csp.azureedge.net/cdn/js/ Frame 9D0A 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/js/jquery.fireSlider.min.js
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
gzip
etag
"1d758cb2e5a5753"
last-modified
Thu, 03 Jun 2021 22:52:51 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4442
rad.js
csp.azureedge.net/cdn/js/ Frame 9D0A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/js/rad.js
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 22:52:51 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d758cb2e5a70ea"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1892
p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame 9D0A 		35 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
integrator.js
adservice.google.dk/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		446 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=791868478038275&correlator=322262151340311&output=ldjh&impl=fifs&eid=31060437%2C31062192%2C31062193%2C31062195%2C20211866%2C31062171&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210808&iu_parts=94238257%2Csit%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=loggedin%3Dfalse%26keyword%3Dfires%26type%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1628436359&dt=1628436359583&dlt=1628436357244&idt=1912&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=7192&adks=3615529208&ucis=1&color_bg=FFFFFF&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=299918025.1628436359&ga_sid=1628436360&ga_hid=1801361826&ga_fc=false&fws=128&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f01764a6dbb4c60440ddd0827114d8f178097f3abdc51ef6655e6ed6733a057e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
228
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0FEF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 08 Aug 2021 15:25:59 GMT
expires
Mon, 08 Aug 2022 15:25:59 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=791868478038275&correlator=1231591264573502&output=ldjh&impl=fifs&eid=31060437%2C31062192%2C31062193%2C31062195%2C20211866%2C31062171&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210808&iu_parts=94238257%2Csit%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=loggedin%3Dfalse%26keyword%3Dfires%26type%3Darticle%26loc%3D1%26position%3DATF%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1628436359&dt=1628436359607&dlt=1628436357244&idt=1912&frm=20&biw=1600&bih=1200&oid=3&adxs=1100&adys=378&adks=1973253847&ucis=2&color_bg=FFFFFF&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=299918025.1628436359&ga_sid=1628436360&ga_hid=1801361826&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
963945fd59e5837979695eef6f14a7751b0b42af4787964f9e82b85eebf13de5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8378
x-xss-protection
0
google-lineitem-id
5742400216
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358241885
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=791868478038275&correlator=2983623942642399&output=ldjh&impl=fifs&eid=31060437%2C31062192%2C31062193%2C31062195%2C20211866%2C31062171&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210808&iu_parts=94238257%2Csit%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&prev_scp=loggedin%3Dfalse%26keyword%3Dfires%26position%3DATF%26loc%3D1%26type%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1628436359&dt=1628436359615&dlt=1628436357244&idt=1912&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=261&adks=2150666482&ucis=3&color_bg=FFFFFF&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&ga_vid=299918025.1628436359&ga_sid=1628436360&ga_hid=1801361826&ga_fc=false&fws=132&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
887c01d08fc56b829edaf80102797278a2b2e526524db88339068929cc0bc38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5600
x-xss-protection
0
google-lineitem-id
5751298999
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358120926
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		90 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=791868478038275&correlator=1156783067029114&output=ldjh&impl=fifs&eid=31060437%2C31062192%2C31062193%2C31062195%2C20211866%2C31062171&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210808&iu_parts=94238257%2Csit%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=loggedin%3Dfalse%26keyword%3Dfires%26type%3Darticle%26loc%3D1%26position%3DATF%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1628436359&dt=1628436359624&dlt=1628436357244&idt=1912&frm=20&biw=1600&bih=1200&oid=3&adxs=1100&adys=940&adks=2013505814&ucis=4&color_bg=FFFFFF&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=299918025.1628436359&ga_sid=1628436360&ga_hid=1801361826&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e80d68720775596e8c4160e285582dcd8ee1e0095ca85cfa875155cdbce28e7a
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNDth5beofICFTXXuwgdFrkHYQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNDth5beofICFTXXuwgdFrkHYQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28358
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Sun, 08 Aug 2021 15:26:00 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=791868478038275&correlator=1219571620681530&output=ldjh&impl=fifs&eid=31060437%2C31062192%2C31062193%2C31062195%2C20211866%2C31062171&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210808&iu_parts=94238257%2Csit%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=loggedin%3Dfalse%26keyword%3Dfires%26type%3Darticle%26loc%3D1%26vendor%3Dcitysparksit%26position%3DBTF%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1628436359&dt=1628436359641&dlt=1628436357244&idt=1912&frm=20&biw=1600&bih=1200&oid=3&adxs=1100&adys=1327&adks=1509178147&ucis=5&color_bg=FFFFFF&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=299918025.1628436359&ga_sid=1628436360&ga_hid=1801361826&ga_fc=false&fws=128&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b099273ee952152ff978f7fb433181ff44ea35e514564eafa490f5e0fafca294
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8371
x-xss-protection
0
google-lineitem-id
5742400216
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358241885
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
click-out-icon.css
s.ntv.io/css/ 		618 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/css/click-out-icon.css
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8e41a8e6b02e146fe25fa71262a12a24c80ee7e0debfcae0757a4fe6c67de5a9

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:59 GMT
Last-Modified
Wed, 13 Sep 2017 22:37:26 GMT
Server
AmazonS3
x-amz-request-id
AACB98B9B3806F32
ETag
"43c31858c9aac81661d142577cb1fc68"
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
618
x-amz-id-2
QwZ2bHduXxfQJCx1hF94Q0uTuO8SBtQ5KqCiDKWIydrQgY6tuB2asVniFtWfCyW9EOqFbEEJmjY=
moatcontent.js
z.moatads.com/nativonielsen548znrb18/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=9621
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
541CA3CB462144FD
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=30186
accept-ranges
bytes
content-length
55696
x-amz-id-2
WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=3e2726fa-2a19-4b20-b832-0600f5e3aaef&ntv_fl=CF4se3gYGjAPzQcMJoAeWeyjkBzc6-FCVPAlN30fLXI8UufFq2Is_i6Hc-yLVg4ICcE9lY3wBarSpSqEF-FPg8VNmBn95zBtkNvpi9mxrUJfGL_gXKLUy0m0jWBa_-BaR2AtilDR4-IDaz6Uo-NVeq7p0KNfY5NXhPxms_-E4V3deYILbMzYApoSCRFkENMGJgpMyQKMEz74bxfM-puoqJoKfd76YPRmh-uc-E9epJk=&ntv_ht=h_cPYQA&ntv_at=303,302&ntv_a=AAAAAAAAAAAvwQA&ord=1628436359650&ntv_dpl=1011,1050,1051,1003,1019,101951,1006,1007&ntv_it
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-172-53.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:59 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
644498C358FD41DFACFEB5D86F03BF6A.jpg
ntvcld-a.akamaihd.net/image/upload/w_435,h_290,c_pad,f_auto/assets/ 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntvcld-a.akamaihd.net/image/upload/w_435,h_290,c_pad,f_auto/assets/644498C358FD41DFACFEB5D86F03BF6A.jpg
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.107.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-122.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8782f62e2cacc11d603697a3917c918888aa663e7a9dd079f5cddbc1b0314e88

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:59 GMT
X-Check-Cacheable
YES
X-Serial
167
ETag
"44921f5aba9759dfbc033ba4d07d5199"
Content-Type
image/png
Cache-Control
private, no-transform, max-age=614760
Last-Modified
Thu, 05 Aug 2021 18:07:22 GMT
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
152438
Server
Akamai Image Manager
Expires
Sun, 15 Aug 2021 18:11:59 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=46&ntv_ui=560d203d-498d-45f5-847c-d38249cc4195&ntv_a=qLsGA6uxMApRAPA&ntv_fl=CF4se3gYGjAPzQcMJoAeWZ7hj9Siv0vPL5tAneJOKJY-HKZPi4KlYHXPydCrgYRk0zph1X8QoEPuSH3vtluYyClnx4B6fpgYL7lJnbPrK58quvEzhmEt5XTLAiLJHerxX9U5W6Kh-_g7YwqVhbBfXyYM2noOuJInAq5QXZnxT4PI_UiWWLcdjd85uWsBh7YsKls9hypGIkQ4_eh8A9xa3sK_L7nXbiRX0pBVo_iFLSI=&ord=706081564&ntv_ht=h_cPYQA&ntv_tad=16&ntv_it
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-172-53.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:59 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
8892DB09B2354AA69FD693D1E4C03DCF.png
ntvcld-a.akamaihd.net/image/upload/w_533,h_325,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntvcld-a.akamaihd.net/image/upload/w_533,h_325,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/8892DB09B2354AA69FD693D1E4C03DCF.png
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.107.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-122.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a1752e38bdb98eae0d4c37b8c8004eeb80fad6b28493ac29941f24f2a1f78d3d

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:59 GMT
Last-Modified
Fri, 12 Mar 2021 14:58:02 GMT
Server
Akamai Image Manager
ETag
"dd194daf2bb3d7ca6f03ebc67ecbb897"
Content-Type
image/jpeg
Cache-Control
private, no-transform, max-age=1426245
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
102497
Expires
Wed, 25 Aug 2021 03:36:44 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=46&ntv_ui=c022899b-61c0-4cdc-9610-24d3e79f5865&ntv_a=b4wGA5OBKA88cMA&ntv_fl=CF4se3gYGjAPzQcMJoAeWf24u-FixaVR__VK9ar2t-mWbowtNMeoo2-jfojCSBnCAUlHMy5HFtS7dmY3HYqK-gqoZbzv6PXJNAyDKSI_M4jsc_tmo9ui7n8HfUdeAXxMO_jkbya3dC6UrGij0vux_07ixCGswF8jiW6zxiN2B16xLvjyEVlTdOOIuj65OTaDdiDLxSnuHQgQ3Yt1SPs86PJ500cRXYL4gwV4O12guYo=&ord=1791037144&ntv_ht=h_cPYQA&ntv_tad=16&ntv_it
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-172-53.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:59 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1113090&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-172-53.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:59 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
css
fonts.googleapis.com/ Frame 9D0A 		12 KB
826 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500
Requested by
Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63d9e1fb392138badd064ac8014c98a52d5009ff79ba86acce4103289e63687b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 15:25:59 GMT
server
ESF
date
Sun, 08 Aug 2021 15:25:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Aug 2021 15:25:59 GMT
css
fonts.googleapis.com/ Frame 9D0A 		7 KB
694 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
Requested by
Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 14:57:12 GMT
server
ESF
date
Sun, 08 Aug 2021 15:25:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Aug 2021 15:25:59 GMT
single
newsletter.sonomanews.com/framed/ Frame 08AE 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.237.183.80 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c297470d815c7c491b3752390789cfd8411ecbaa269ba2a73632b2b30b086612

Request headers

Host
newsletter.sonomanews.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
visid_incap_813078=weuOsIz6Si6ox9hfEVf9iIP3D2EAAAAAQUIPAAAAAAD6AlmDpHAh4fYCV1KhThjJ; nlbi_813078=Dy+pHbrxiTbtMjGrdG/KRAAAAACyEFrtFKwuwX124wEtLK5W; incap_ses_1309_813078=eX6CSuOr8jvX3CLO0YAqEoT3D2EAAAAAog0uZ+q97DIxVPbaXAIk4w==; SIT_free=1; _ga=GA1.2.299918025.1628436359; _gid=GA1.2.723143851.1628436359; _gat_UA-39519010-1=1; _gat_UA-55293627-1=1; _gat_UA-44780506-1=1; _gat_UA-37401929-2=1; _gat_UA-37401929-3=1; _sp_id.35b1=a4690ef6120d032e.1628436359.1.1628436359.1628436359; _sp_ses.35b1=*; _matheriSegs=MATHER_U2I_FIRSTTIME_20200522; _matherSegments=MATHER_U2I_FIRSTTIME_20200522; IsSubscriber=Unknown; userType=user; PHPSESSID=i9p2cpde9g57730l008a2gddq7; __gads=ID=184373884cb43ffd-224b46c798c800f2:T=1628436359:S=ALNI_MaEOlKYJ8kA26oYldjl-C-L3mj0nw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

Date
Sun, 08 Aug 2021 15:25:59 GMT
Server
Apache/2.4.18 (Ubuntu)
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Access-Control-Allow-Origin
*
Content-Length
3239
Connection
close
Content-Type
text/html; charset=UTF-8
click-out-icon.ttf
s.ntv.io/font/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/font/click-out-icon.ttf?sjshwd
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/css/click-out-icon.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.209.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-80.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ee2214a948aa510978878e09453b21c85f1bcfe78a7c55412268ad85a5fb147d

Request headers

Origin
https://www.sonomanews.com
Referer
https://s.ntv.io/css/click-out-icon.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:25:59 GMT
Last-Modified
Tue, 04 Oct 2016 00:20:40 GMT
Server
AmazonS3
x-amz-request-id
4E2728108C6A99B7
ETag
"f587575d5d6dc5e7dc296da77fb11396"
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
1092
x-amz-id-2
EmmnTw/lPfW5YrN68uyJo2qBdUJ8yzfzh5RpYkgXx1El5sCKxqhvsM7l0Pyt02mz/4tw97vRLBg=
view
securepubads.g.doubleclick.net/pcs/ Frame 7288 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm4wXoerAwK_GyXyB0o5CLJEylq_lrrIsYqCXphuOTUBDkjcyolFYu1unfaA7qTFanWlJiwrxZR9jljieRYHQjFKApQ8XDOp4WAxvSQCIG3TzF8766yjpHVUT3zLxvGvYb36QvV8siipPTj1vO2wLTkevp2LzIk4UL38s3oXKhD3UrRPy7-ISNTauSyb9v5tLlsrF-D5bcCDHbbNZ0JaFob3JVl7zcgadHaeWzwMauNe1_IzzhYJoVy_dyu7mEJSNZ-yxkQ0RcqfmdVAOD62mW-Q9aAymeWkLao2ssne3c6yA-mfBLvWQ2Cxxi-IAbu55Os6egkfNg9P8g&sai=AMfl-YQP7jPHYKosG-VDZx0aLjk5kjFr_pIzsOGBXRxhnEBz7RjOZALB5KzcHxmeQo3kmZHQaZ0-nAicsumE_kXYKW_G74gB0uOSRhXR62UVHshp02XEIbTxCRpDQ7cJtSo&sig=Cg0ArKJSzGRq4LLaTZ_nEAE&urlfix=1&adurl=
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:25:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 08 Aug 2021 15:25:59 GMT
ad
ads.adventive.com/ Frame 7288 		173 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adventive.com/ad?j&pid=9e3c70b3-566c-49b4-96aa-c20176b38ed8&type=4&cb=51258153&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuygDPnvmVzr8_Ppcujeez--zfY2fzvR5zsjKgAU10qygm1WcZrt-vOUQqVMIv8UE4cXJAQ6zF3JR5ah3jPOXxWbSqv79M0fzAUIBugh-IXa8uJSN3Vkl7a8K33y0F2UsJLQa7OI1l0xBlIUlHiviAxz_osOc8T1KIYcHyAa3u2cX7BV91LKL728yaq6kPfBiUSsenn87WvHr50wLVN_73tu8zHbwXMC0uYlFkTb1NXyqy1OPMp9QJURF7VzydB1Jw0avF7Vg2jJsJ0wElk-q_eEF0lTtu_nItc3muQqVLlZfFjWayvhiPTjQ%2526sai%253DAMfl-YQndEHdRBIt6DcmlJgBUTquUdfLiWoSds1IjNkw-Z40fLMfftsDykMSCyn1d8m-Uzp2pjUs2mPCVhb0jgqQLtiwtMYbcnKE6UpnFfPWNwHvorskwjA1aUD1d8RZnjA%2526sig%253DCg0ArKJSzLGaJyc_BwzaEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=sonomanews.com&gdpr=&addtl_consent=&oop=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7c7b617c3181cd31da9e520a79c81a31a4e0915a7a2ce8c4cb5c22e344ae9a9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-ray
67b9c2b0b8e42bc2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Sun, 08 Aug 2021 15:25:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin
*
expires
Sat, 26 Jul 1997 05:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7288 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628249295356546"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38372
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:25:59 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628249289658065"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28112
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:25:59 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9D0A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sonomanews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 12:00:01 GMT
x-content-type-options
nosniff
age
444358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 12:00:01 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 9D0A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sonomanews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 00:57:00 GMT
x-content-type-options
nosniff
age
484139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 00:57:00 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 9D0A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sonomanews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 21:52:56 GMT
x-content-type-options
nosniff
age
495183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 21:52:56 GMT
icomoon.woff
csp.azureedge.net/cdn/widget/fonts/ Frame 9D0A 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/widget/fonts/icomoon.woff?-35bf
Requested by
Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27

Request headers

Origin
https://www.sonomanews.com
Referer
https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:25:59 GMT
last-modified
Thu, 03 Jun 2021 22:52:51 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1d758cb2e5a645c"
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
content-length
2012
9621
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 		319 B
613 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/9621?t=202178175
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
21ac7a12b331ab755404b5663ed65f4c24786fd2543165318ed92b77538c2337

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
K8WcmG0OXhfqQoPon.BBEt_BV6AT4Fdc
last-modified
Sun, 08 Aug 2021 15:18:05 GMT
server
AmazonS3
x-amz-request-id
PB12SYSRFH9CYX81
etag
"70f6dbfd6b46d5c3f74307ea1fd29201"
content-type
application/octet-stream
date
Sun, 08 Aug 2021 15:26:00 GMT
accept-ranges
bytes
content-length
319
x-amz-id-2
mbkQtPCvRDQEWu+1WPtHr9caVk1aGc8PlpErd0uTjKVIn/l+l9edyn4QDm8pm3uKlZY/O+VvtOA=
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=28&ntv_ui=560d203d-498d-45f5-847c-d38249cc4195&ntv_a=qLsGA6uxMApRAPA&ntv_fl=CF4se3gYGjAPzQcMJoAeWZ7hj9Siv0vPL5tAneJOKJY-HKZPi4KlYHXPydCrgYRk0zph1X8QoEPuSH3vtluYyClnx4B6fpgYL7lJnbPrK58quvEzhmEt5XTLAiLJHerxX9U5W6Kh-_g7YwqVhbBfXyYM2noOuJInAq5QXZnxT4PI_UiWWLcdjd85uWsBh7YsKls9hypGIkQ4_eh8A9xa3sK_L7nXbiRX0pBVo_iFLSI=&ord=801322453&ntv_ht=h_cPYQA&ntv_it
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-172-53.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:25:59 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
ad
ads.adventive.com/ 		172 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adventive.com/ad?j&pid=9e3c70b3-566c-49b4-96aa-c20176b38ed8&type=4&cb=51258153&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuygDPnvmVzr8_Ppcujeez--zfY2fzvR5zsjKgAU10qygm1WcZrt-vOUQqVMIv8UE4cXJAQ6zF3JR5ah3jPOXxWbSqv79M0fzAUIBugh-IXa8uJSN3Vkl7a8K33y0F2UsJLQa7OI1l0xBlIUlHiviAxz_osOc8T1KIYcHyAa3u2cX7BV91LKL728yaq6kPfBiUSsenn87WvHr50wLVN_73tu8zHbwXMC0uYlFkTb1NXyqy1OPMp9QJURF7VzydB1Jw0avF7Vg2jJsJ0wElk-q_eEF0lTtu_nItc3muQqVLlZfFjWayvhiPTjQ%2526sai%253DAMfl-YQndEHdRBIt6DcmlJgBUTquUdfLiWoSds1IjNkw-Z40fLMfftsDykMSCyn1d8m-Uzp2pjUs2mPCVhb0jgqQLtiwtMYbcnKE6UpnFfPWNwHvorskwjA1aUD1d8RZnjA%2526sig%253DCg0ArKJSzLGaJyc_BwzaEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=sonomanews.com&gdpr=&addtl_consent=&oop=&fb=adventive_htmlx_yy944905_frame&forceFallback=1
Requested by
Host: ads.adventive.com
URL: https://ads.adventive.com/ad?j&pid=9e3c70b3-566c-49b4-96aa-c20176b38ed8&type=4&cb=51258153&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuygDPnvmVzr8_Ppcujeez--zfY2fzvR5zsjKgAU10qygm1WcZrt-vOUQqVMIv8UE4cXJAQ6zF3JR5ah3jPOXxWbSqv79M0fzAUIBugh-IXa8uJSN3Vkl7a8K33y0F2UsJLQa7OI1l0xBlIUlHiviAxz_osOc8T1KIYcHyAa3u2cX7BV91LKL728yaq6kPfBiUSsenn87WvHr50wLVN_73tu8zHbwXMC0uYlFkTb1NXyqy1OPMp9QJURF7VzydB1Jw0avF7Vg2jJsJ0wElk-q_eEF0lTtu_nItc3muQqVLlZfFjWayvhiPTjQ%2526sai%253DAMfl-YQndEHdRBIt6DcmlJgBUTquUdfLiWoSds1IjNkw-Z40fLMfftsDykMSCyn1d8m-Uzp2pjUs2mPCVhb0jgqQLtiwtMYbcnKE6UpnFfPWNwHvorskwjA1aUD1d8RZnjA%2526sig%253DCg0ArKJSzLGaJyc_BwzaEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=sonomanews.com&gdpr=&addtl_consent=&oop=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:d735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67f0791d8ad199cfcfd11f01fe36ea7c2dafb86a525ccf536536d04e473669f5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-ray
67b9c2b1cc264e80-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Sun, 08 Aug 2021 15:26:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin
*
expires
Sat, 26 Jul 1997 05:00:00 GMT
stats
ads.adventive.com/api/ Frame 7288 		43 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adventive.com/api/stats?acc=164&adv=8310&atid=4&auid=134645&cache=1&cid=59841&gid=0&pcid=78663&pid=146948&sid=565&tag=9e3c70b3-566c-49b4-96aa-c20176b38ed8&tz=America%2FLos_Angeles&up=0.00000&ut=RM&vid=1&ckid=b00598fe-ae85-4022-a47c-2d58028abe55&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&clk=0&dat=%7B%7D&dh=1200&dw=1600&eng=0&grp=0&hc=eaisgwsy&iid=c29d0c751f5f4a9ebd128721cb55fa69&ref=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&type=serve_impression&hov=0
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:d735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
none
cf-cache-status
DYNAMIC
timing-allow-origin
*
p3p
CP="CAO PSA OUR"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
x-ua-compatible
IE=edge
pragma
cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=86400, must-revalidate
cf-ray
67b9c2b1cc224e80-FRA
expires
Mon, 09 Aug 2021 15:26:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTc1MTI5ODk5OSIsImVidXkiOiIyODg1NTkyNDY5IiwiZWFkdiI6IjUwNDg2NTA5NDUiLCJlY2lkIjoiMTM4MzU4MTIwOTI2IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQxMDE1MzciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.108&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=16&tid=b2606d69-b3f6-4228-9417-3f2750aba7d9&pid=0de4b440-3001-44ef-bebb-8c3c7e0e3350&dtm=1628436359996&qnm=_matherq&visible=1&tabid=7a0a680d-8337-4f5e-96ed-092a6f9a2e08&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vp=1600x1200&ds=1600x7491&tofa=1628436359&vid=1&lvidt=1628436359&duid=a4690ef6120d032e&fp=1072425006&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.56.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-56-164.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:00 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
truncated
/ Frame 7288 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b24d927bbabcc57d474af737cc6dcb9094d1681231e5fef86e397841abae1e4

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 758C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 08 Aug 2021 15:25:59 GMT
expires
Mon, 08 Aug 2022 15:25:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 758C 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7614
x-xss-protection
0
server
cafe
etag
9899176843389144697
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Aug 2021 15:23:57 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 758C 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 12:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183601
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 12:25:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 758C 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628249295356546"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38372
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:00 GMT
js
www.googletagmanager.com/gtag/ Frame 08AE 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-37668716-1
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65d668dcf48e621ddd25d0d34142224bab0cd31fd2968cb319482d4fd6d81bd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40772
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Aug 2021 15:26:00 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ Frame 08AE 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.min.css
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170342
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
633
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-745"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6wgLm0XXplHy47jSQt7eCR%2BZkyQr3gAeNMNIAlkTNircp5%2F1Kd6RuJlOIMwEBQmj2p%2BUzDIcdp0ju%2FdOD1kNquWUrXTme29hwB2yNj5LDXj6hB6oj7AviQaAJcvHTVaYch5MXoSy6WMr5cN8WHRe0Q5"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
67b9c2b26d7f05e4-FRA
expires
Fri, 29 Jul 2022 15:26:00 GMT
css
fonts.googleapis.com/ Frame 08AE 		10 KB
883 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbfaf064614ba157ec76c38ed0d17a235e880e2959cd3fdba0f5e408fe416689
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 15:26:00 GMT
server
ESF
date
Sun, 08 Aug 2021 15:26:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Aug 2021 15:26:00 GMT
style.css
newsletter.sonomanews.com/css/ Frame 08AE 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomanews.com/css/style.css?v=20210730
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.237.183.80 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
a61ac6c484a8c27270b9c0baf2b20e0c6519ad084c3d4eb4e36a4f5f472ecd87

Request headers

Referer
https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Jul 2021 19:05:54 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"4e40-5c85be8a10880-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
3679
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ Frame 08AE 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 08:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Aug 2022 08:13:26 GMT
lightbox.min.js
code.pressdemocrat.com/shared/2020/vendor/cph/lightbox/3.0.2/ Frame 08AE 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.pressdemocrat.com/shared/2020/vendor/cph/lightbox/3.0.2/lightbox.min.js
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.237.253.150 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e21385fc29fecdcb0cce90fda03d4d4929475c1a9c3701cd058561e816873373

Request headers

Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Mar 2021 20:09:56 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"77db-5be39c419ed00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
7954
base.js
newsletter.sonomanews.com/js/ Frame 08AE 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomanews.com/js/base.js?v=20191209
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.237.183.80 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e990cdf1ddefda0d99e457090303e081ead72557e33eab64b17709ba2ab69c0a

Request headers

Referer
https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jul 2021 15:45:38 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"2388-5c7cc4b87cc80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
2094
loader.min.js
loader-cdn.azureedge.net/prod/smi/ Frame 08AE 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FF3) /
Resource Hash
7815b0e52a41baae1d87367912d436d113669ce50ee1cfe9a52021ddc2098601

Request headers

Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
gzip
content-md5
4sFw+xFqa/Mr/vUwNl6xAQ==
age
7036
x-cache
HIT
content-length
9628
x-ms-lease-status
unlocked
last-modified
Tue, 02 Mar 2021 08:53:02 GMT
server
ECAcc (frc/8FF3)
etag
0x8D8DD58963C1C69
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
83696f08-b01e-009a-4859-8caaba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
mg2-auth.js
newsletter.sonomanews.com/js/ Frame 08AE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomanews.com/js/mg2-auth.js?v=20191209
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.237.183.80 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
257510b2eb0c53ee0321d6e1fa3b5055b6190c06eeb73f5ac9493f6c284a4a57

Request headers

Referer
https://newsletter.sonomanews.com/framed/single?pref=smag_at-home&hideImage=1&fid=1238
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jul 2021 17:15:51 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1105-5c7cd8e2b9fc0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
close
Accept-Ranges
bytes
Content-Length
1288
container.html
624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D728 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 08 Aug 2021 15:25:59 GMT
expires
Mon, 08 Aug 2022 15:25:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 758C 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 14:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Aug 2021 14:53:41 GMT
a749066f-76e8-4876-9d8b-05b8c21595c6
https://www.sonomanews.com/ 		131 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sonomanews.com/a749066f-76e8-4876-9d8b-05b8c21595c6
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b58ee3d7b8cf7715cb2efcc2910ced1fbeeac027b23a5f5b600cd8c07c100b1f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
131
Content-Type
text/javascript
container.html
624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FEAD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 08 Aug 2021 15:25:59 GMT
expires
Mon, 08 Aug 2022 15:25:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vf-v2.js
cdn.viafoura.net/ 		639 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
223d37ca70440c629a33ce0013081965b124c5a18bd605850babca1cfbb77310

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
db7qORUVlDK6uHhOdxOZWlQ_5MsLwLNh
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:29 GMT
server
AmazonS3
age
243
etag
W/"a80259341aca4cf88547bdcc88462ad7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Sun, 08 Aug 2021 15:21:57 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
_hS_NkYQb8Zol9fpivI2hGlKe27bGkP0Eprrb8gZ7mpgkr4iDGOQRw==
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame D728 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7614
x-xss-protection
0
server
cafe
etag
9899176843389144697
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Aug 2021 15:23:57 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D728 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 12:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183601
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 12:25:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D728 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628249295356546"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38372
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7288 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzUEAPz0qXmwGpoTlow7vx2a6XOVQaI862MplDdEIaJ6h6u8BF-ND0X4GEDHWNRXdKpaeHW_aNgABc_SnMbebaRg_YZPEAi7HuGzM3JHYPbuE51nhvPViJi5QpI5dBzC_n6PhVA3g1XV3ART-nc9eo69MfUc6zNZP48ejbnkthwcYpSn3XbP4GEKsa03N1eMjC2Tl2BnSyNsLGIYl7FQ2PA_pP3KETVMcYvy5HDiY5qXzHkHP0TmPIKJRHsPG5DVfEcZaJ-V2GzeP8Xaxn_irmMPSLYKyW7lN2RF5sIkqv6o5HmthjPnWTgE2Lk203&sai=AMfl-YRKeUAmR1ZJuidIBZhuSqS_yItraDHSAGSKSwKgbrG8zMjNk1z3qBpv-JH9--wzsCFdubZaAo3LntqhBSJ9jFCc-XTxkTPIs4XEYnmbJ9Ec1Ak1p94snJ8u80ZVjis&sig=Cg0ArKJSzOMpAuTE54EuEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 08 Aug 2021 15:26:00 GMT
analytics.js
www.google-analytics.com/ Frame 08AE 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-37668716-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
6566
date
Sun, 08 Aug 2021 13:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sun, 08 Aug 2021 15:36:34 GMT
300X250_003.html
s0.2mdn.net/dfp/323577/43663977/1627937065210/ Frame 1FE5 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e8ec6602742bfd62fae6e8a74fb682252785b86d1be81e1e4058f17c06513c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/dfp/323577/43663977/1627937065210/300X250_003.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2311
date
Sun, 08 Aug 2021 06:39:26 GMT
expires
Mon, 09 Aug 2021 06:39:26 GMT
last-modified
Mon, 02 Aug 2021 20:44:25 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
31594
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 758C 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5UW8pvuvaVcNCktBXCYV-Rov-9Jr4ZgJ0CRhLO_ZXEgww4YeJU1iAebYrRpxVAVXnvxUZeiyO10gXJg3OEBG5zV11pG1Itum75PGRAc7d5w388E6mGt5iJhDRHQn6UAyLb5WCYy5CfCf-WlTlh5VZu_gM_6kFNNdZDyu-Z2GPXLDaLxGWrr33ACTh9tXwwUxviNq3F-Ea2P4CM53DwD4J4ftqxdJGmxYGLOjE3H3f5OmSIdUq8lI-p9j4VnSbweB97DbZIU5lb1Ps5ZFwwmHiQkWGSpK41GQQhqH2iYUuccJ2wQ_2BYtTHWdB4Wb9tQ&sai=AMfl-YR_zRsL5kkC_wIDBVHI04OpNyAjuLuMkeDTNJVPsYx-WEGe8-hlDvNmMr5oXH0IYB1PchKbmSo1aQn3uIsAm0mwhrGmochfGsC9HKDrObhw8DUKpjU1zAdMzj_ea_4L&sig=Cg0ArKJSzLPSelPadO-tEAE&urlfix=1&adurl=
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
vissense.min.js
cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/vissense.min.js
Requested by
Host: ads.adventive.com
URL: https://ads.adventive.com/ad?j&pid=9e3c70b3-566c-49b4-96aa-c20176b38ed8&type=4&cb=51258153&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuygDPnvmVzr8_Ppcujeez--zfY2fzvR5zsjKgAU10qygm1WcZrt-vOUQqVMIv8UE4cXJAQ6zF3JR5ah3jPOXxWbSqv79M0fzAUIBugh-IXa8uJSN3Vkl7a8K33y0F2UsJLQa7OI1l0xBlIUlHiviAxz_osOc8T1KIYcHyAa3u2cX7BV91LKL728yaq6kPfBiUSsenn87WvHr50wLVN_73tu8zHbwXMC0uYlFkTb1NXyqy1OPMp9QJURF7VzydB1Jw0avF7Vg2jJsJ0wElk-q_eEF0lTtu_nItc3muQqVLlZfFjWayvhiPTjQ%2526sai%253DAMfl-YQndEHdRBIt6DcmlJgBUTquUdfLiWoSds1IjNkw-Z40fLMfftsDykMSCyn1d8m-Uzp2pjUs2mPCVhb0jgqQLtiwtMYbcnKE6UpnFfPWNwHvorskwjA1aUD1d8RZnjA%2526sig%253DCg0ArKJSzLGaJyc_BwzaEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=sonomanews.com&gdpr=&addtl_consent=&oop=&fb=adventive_htmlx_yy944905_frame&forceFallback=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c34e28196cd412790c548696f1447aff0116ee662fead57bf578021e8cc01ba5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338281
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3066
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04028-2af5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMFLJA6tJVeobLqknAz5L3ULLHhT786q13khoYgRxS3htEg8n2bTPZPyg9b7zIawNeEnQIgkYuPIgn4PrBky7H6Hj%2FaUSDIhT8d3lVPj8yiCEhyV5HrE1HT0Kds9I5cLWDRq%2Bh6dDbC7gdg3thNwCBqV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
67b9c2b3484105e4-FRA
expires
Fri, 29 Jul 2022 15:26:00 GMT
index_300x600.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/ Frame 56EE 		21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f430281b1b40ad9a9d625232ae0e858324d26cdf2138743580a805852ffa2a3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 05 Aug 2021 10:04:43 GMT
expires
Fri, 05 Aug 2022 10:04:43 GMT
last-modified
Thu, 29 Jul 2021 08:39:40 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
5778
age
278477
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame FEAD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClbeXh_cPYZCOKbWu7_UPlvKeiAbTrpqSZOup4uGPDt295ZCWDhABIO_r-Gtg0YG5gtAHoAGK49O2A8gBCakCd_4whzc6hT7gAgCoAwHIAwiqBKYCT9D6Ho9LrdYt-bG0354kIV7FkersubI-8b2zZ_C5acMqdv7V-xUT5uyN1gl1L0099AKWSmc--myhXoYADMezXs_wjYMzf1EpfJskPvSnk1rMddtDp4ZKQ5-CCLxIoZGciRUIXj2wj86MakLANop-ZfBm8UYDsBDzwlfUMdvq7gYYqGTwZBpfLg2TVvj_SmSKk1YRI1VY9AHz-E6llFWOdOeh8gpiy682-d6UKn4AoR4KI7ZYC1_2Bvd54xNeMfUgoJkMqGX2PvgPenhfYQu04UWH7llCmesDjcBmALuUNUSNCr1Tpv57uHeFwMhHJBsO_oFMNHv5VFxbBKASv4KwVtTesNW-VMN1-81g47BKYF0LveWXpanTFxOd2vtKDvKq2RsUoHDJwAS5udGFwAPgBAGSBQQIBBgBkgUECAUYBKAGLoAHl8a6J6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC02RTSCAkIiOGAcBABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNTczNzU4ODc5NDEwMTgzNg&sigh=QEjUOk9BmSE&template_id=419
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame FEAD 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7614
x-xss-protection
0
server
cafe
etag
9899176843389144697
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Aug 2021 15:23:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame FEAD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Aug 2021 15:22:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FEAD 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628249295356546"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38372
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame FEAD 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:23:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Aug 2021 15:23:21 GMT
dda7b6f9-3d49-41da-b63c-33d8870f49d2
assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=970/164/ Frame 2CE8 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=970/164/dda7b6f9-3d49-41da-b63c-33d8870f49d2
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c87d91c4f14ae5471fd41853b68ed852c23945d5099a9519ac79b02de271f9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Fri, 30 Jul 2021 22:58:39 GMT
server
cloudflare
etag
"cfuk8gxOtiLHtAx89E6vaZEw:38dd6ebb25f06167d3a2d8b25bd75b1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=43200
content-length
17678
accept-ranges
bytes
cf-ray
67b9c2b3ba7d2c01-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-resized
internal=ok/h q=0 n=21 c=17 v=2021.7.7
f59bce44-8d4f-43ef-a667-4e27bbb5e437
assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=400/164/ Frame 2CE8 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=400/164/f59bce44-8d4f-43ef-a667-4e27bbb5e437
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cabfa116a22a727daccc08106b151e158d9ad373391d90d03dbd811483c8a863
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Fri, 30 Jul 2021 22:58:39 GMT
server
cloudflare
etag
"cfcYMTwXCBnj8oPapMeyjY8w:437fb3df8eb4fe9b9eaa050d2844817d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=43200
content-length
63256
accept-ranges
bytes
cf-ray
67b9c2b3ba7f2c01-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-resized
internal=ok/h q=0 n=21 c=48 v=2021.7.7
blank.png
assets.adventivecdn.com/ui/images/ Frame 2CE8 		34 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/ui/images/blank.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
cf-cache-status
HIT
age
15451
cf-polished
origFmt=png, origSize=68
cf-ray
67b9c2b3ba822c01-FRA
content-disposition
inline; filename="blank.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
34
x-amz-id-2
JnsTmVNQ0/laQPUnJeKu+zk7JUHAkDEVYbr+n4Q9V3aPGqBS2RPyoWqOGriCBf1CdASKAtoRjz4=
last-modified
Wed, 24 Jul 2019 17:44:25 GMT
server
cloudflare
etag
"e679fbd466a2d656f194a5da4fa083cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
7SRNZ7HG9BWB910K
cache-control
max-age=43200
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame D728 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 14:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Aug 2021 14:53:41 GMT
views
prod-smi-proxy-connext.azurewebsites.net/api/ 		64 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-smi-proxy-connext.azurewebsites.net/api/views?UserId=a8b3e999d21993a85dedb3de937f3d71&ConfigCode=SIT&SiteCode=SIT
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/smi/t8y9347t.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
26a3fabdf71141620385737bed9c17655464346664a470a1bdd006c96660d940

Request headers

source-system
Plugin
site-code
SIT
autoqa
false
ssid
94a81948ad144124eabd92f452dfe51f
settingskey
null
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2Mjg0NTA3NTl9.8onRZE4e68E5myxJV7AIfH9KzKJuJMs0bagOjrtIDGc
location
System
content-type
application/json
access-control-allow-origin
*
accept
application/json
environment
prod
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
config-code
SIT
version
Version: 2.7

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 15:26:00 GMT
Content-Encoding
gzip
Expires
-1
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
176
X-Server-Time
8/8/2021 3:26:01 PM
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
views
prod-smi-proxy-connext.azurewebsites.net/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-smi-proxy-connext.azurewebsites.net/api/views?UserId=a8b3e999d21993a85dedb3de937f3d71&ConfigCode=SIT&SiteCode=SIT
Protocol
HTTP/1.1
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Cache-Control
no-cache
Pragma
no-cache
Expires
-1
Server
Microsoft-IIS/10.0
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
Access-Control-Expose-Headers
Request-Context
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET ASP.NET
Date
Sun, 08 Aug 2021 15:26:00 GMT
Content-Length
0
createjs.min.js
code.createjs.com/1.0.0/ Frame 1FE5 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sun, 08 Aug 2021 15:41:00 GMT
300X250_003.js
s0.2mdn.net/dfp/323577/43663977/1627937065210/ Frame 1FE5 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9141a4577e616dca6cb44e8cb86b2ed4968b1d6784f8f1c7b191f090a5d6dffb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 06:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8776
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 20:44:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 09 Aug 2021 06:39:26 GMT
v2
api.viafoura.co/v2/www.sonomanews.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.sonomanews.com/bootstrap/v2
Protocol
H2
Server
2600:1f18:44f0:4864:9fd9:9aa3:29d1:ddae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
server
nginx/1.18.0 (Ubuntu)
expires
Sun, 08 Aug 2021 15:26:00 GMT
cache-control
max-age=0
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-max-age
1728000
v2
api.viafoura.co/v2/www.sonomanews.com/bootstrap/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.sonomanews.com/bootstrap/v2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4864:9fd9:9aa3:29d1:ddae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61c7caccc25ac5d1bff1ba6778f3ffb33e164095e53916c05cc3cecb7fa20e8c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-0d5649d8adbebdb8e
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sun, 08 Aug 2021 15:26:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 56EE 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 08 Aug 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 56EE 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10107
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 09 Aug 2021 12:37:33 GMT
image-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/ Frame 56EE 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/image-0.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d537f29c9db5fe72760e452232799b5c623fb64c4f6e8fae5e9c216ea55446b5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
278559
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5627
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 08:39:40 GMT
server
sffe
date
Thu, 05 Aug 2021 10:03:21 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Aug 2022 10:03:21 GMT
image-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/ Frame 56EE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/image-1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024b177a99e0291823b74b044f6059b7b573045ced813d6496263ea80e068e83
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
278559
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6133
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 08:39:40 GMT
server
sffe
date
Thu, 05 Aug 2021 10:03:21 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Aug 2022 10:03:21 GMT
image-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/ Frame 56EE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/image-2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb580f07bc7ad6843b1363c6b6179b5160eeaae399156b1a51fbf5a667c76698
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
278559
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5637
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 08:39:40 GMT
server
sffe
date
Thu, 05 Aug 2021 10:03:21 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Aug 2022 10:03:21 GMT
image-3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/ Frame 56EE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/image-3.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96ad0a484ed2096f062d3042ed65e1b462e1c3be8179ca5aa2d237adf2df9a97
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
278559
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6565
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 08:39:40 GMT
server
sffe
date
Thu, 05 Aug 2021 10:03:21 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Aug 2022 10:03:21 GMT
image-4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/ Frame 56EE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/image-4.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e3f03de8f4580ae59367431d81af54d6f2dcca2daeca79ee5aae0ef226012d8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
278559
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5292
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 08:39:40 GMT
server
sffe
date
Thu, 05 Aug 2021 10:03:21 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Aug 2022 10:03:21 GMT
image-5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/ Frame 56EE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/image-5.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
201896502fd4a1418659723632303c74dc47c7d7cfcfdaf0eec8360e7ee2e7c4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
278559
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6552
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 08:39:40 GMT
server
sffe
date
Thu, 05 Aug 2021 10:03:21 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Aug 2022 10:03:21 GMT
image-6.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/ Frame 56EE 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/image-6.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5feabd72d0c551b298c64d25df355e488c0f92ca8bf0c0989d7f35b92b48fbd0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
278559
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24396
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 08:39:40 GMT
server
sffe
date
Thu, 05 Aug 2021 10:03:21 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Aug 2022 10:03:21 GMT
tweenmax_1.20.4_3dc5474a75410cb768741e402b80d908_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 56EE 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.4_3dc5474a75410cb768741e402b80d908_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38738
x-xss-protection
0
last-modified
Thu, 31 May 2018 15:49:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Aug 2021 15:26:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3D53 		143 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkktklh20x5-GTUh1j-bxTp34YjlpFlgie-8uD57BZXpLjhXT5M134L4IZOr1k; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 08 Aug 2021 15:16:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
576
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FEAD 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f073778f8705fc2880a8bf5f41e1ec6ae4eba915e9162f46d5d783bafed74e2c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
300X250_003.html
s0.2mdn.net/dfp/323577/43663977/1627937065210/ Frame CAEB 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e8ec6602742bfd62fae6e8a74fb682252785b86d1be81e1e4058f17c06513c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/dfp/323577/43663977/1627937065210/300X250_003.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2311
date
Sun, 08 Aug 2021 06:39:26 GMT
expires
Mon, 09 Aug 2021 06:39:26 GMT
last-modified
Mon, 02 Aug 2021 20:44:25 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
31594
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame D728 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqRNTQWV0W5MG7oQ2IBmyoW_GkRRIRiCK1iOKsJdtlMgM-XInOpAZtkhutlKDzrOfLpVPIPGyCF1jSoCSYOR-3-EXarOdbXIUvGkb4GRKD3RUn2YuiM8w6J42IjmMjLmqVIaMnr5I03FJmgze5jZsztnNfflyRi6jnHx8dngPlEqDI5mt-HMMxKFkIYVP7sM1XALV5Ww16TM9ZQrKspumDXGfaPxOnbTkJwAtI6iTFzE1BmPxy2e2OQA8zst9Zv_S_VXLQ5CnA-rWu0kZS42NyuUb41-b8IumM38hMTM2sKuKKP8VhFbgqTt9n00eJcw&sai=AMfl-YSoQTQQ-TaMk_t01UO-HBAtS0y1bcN80PLGU2SNvNg62ISep_4A00xQyTuZv_lbr91L6QWq7fyFZkWt7vU3x8di1zrmMB_sJ5Yx5VYGWTshdytYazPF5kCLiydr-WM&sig=Cg0ArKJSzMwjw-uM-p83EAE&urlfix=1&adurl=
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
css
fonts.googleapis.com/ Frame 56EE 		6 KB
700 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:900,900italic,400&subset=latin
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16861039119377752891/display-skoletasker-tasker-20-300-600/index_300x600.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
269cf169b4188020239279d162fc34aaafd3b835ce600534d830499a7a049acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 14:16:58 GMT
server
ESF
date
Sun, 08 Aug 2021 15:26:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Aug 2021 15:26:00 GMT
300X250_003_atlas_1.png
s0.2mdn.net/dfp/323577/43663977/1627937065210/images/ Frame 1FE5 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/323577/43663977/1627937065210/images/300X250_003_atlas_1.png
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e336b178b8ee9c7b215b7fe6acfc44942716261cd9b130c813af5348fb152f0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Aug 2021 20:44:25 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12843
x-xss-protection
0
expires
Mon, 09 Aug 2021 15:26:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 758C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvScawFZKWrlQuyUkJNiuPxIkUZZal09pbNCY4E_gJiO2SORdynqMmAxZZ1rq7GFobjWSfXiTi6PfaGimtW05f_74fuqx9OJ1x_XtIygAI8PuboTMOu82TsyhAWLgxh6U8buscfazKVeHWO5T8IcJw60AOPrqYTdsW8vzi4GcTzWs3Kj_yHhYgxlMEtCiJPvxlUgR5G3No9BBUYSO71Kp4Kp_6RpUhVaj6GTu9aVVDUu6ADhQpAflJNbBx3Q6xjYt7P2cVBNT69FOlFVt6ruYw4CrKJpxbCrQSTgRXe_MaXdscb6dnVkoz4J7ComTyRjW7q&sai=AMfl-YSc2FL0TEbCbXan7bvh68K1JKKewdg-QPD70R3ZanLJkzEqrt95A-uMdIhdGf-4X1N5otGphBSv_Oy3bchmvON13HsnJERotunnv3d7sj9bjH-OMzfVBfwMFKK67XsE&sig=Cg0ArKJSzKQtzhvPzBrjEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 08 Aug 2021 15:26:00 GMT
loader-config.json
cdn.sbgsodufuosmmvsdf.info/prod/smi/ Frame 08AE 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.sbgsodufuosmmvsdf.info/prod/smi/loader-config.json?_=1628436360488
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F7A) /
Resource Hash
d73088906945f5443bcf75f31d6ba821ec4c6034ac6c36bf2398ff4949ebf815

Request headers

Accept
*/*
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
gzip
content-md5
3FCtiCLueSwF8DWRoif3hQ==
age
30626
x-cache
HIT
content-length
1262
x-ms-lease-status
unlocked
last-modified
Tue, 02 Mar 2021 08:57:32 GMT
server
ECAcc (frc/8F7A)
etag
0x8D8DD59374E080E
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d7f36da3-301e-0003-3422-8c2578000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ Frame 08AE 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsletter.sonomanews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:42:40 GMT
x-content-type-options
nosniff
age
420200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39440
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:03:59 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 18:42:40 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v22/ Frame 08AE 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v22/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsletter.sonomanews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:03:30 GMT
x-content-type-options
nosniff
age
170550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 15:53:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 16:03:30 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v22/ Frame 08AE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v22/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsletter.sonomanews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:03:58 GMT
x-content-type-options
nosniff
age
170522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 15:53:38 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 16:03:58 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 56EE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900,900italic,400&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 12:36:34 GMT
x-content-type-options
nosniff
age
442166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 12:36:34 GMT
KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 56EE 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900,900italic,400&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f2778667ce7da721e201618eac589ac1a32af6b43c246675826a8d728eb902b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 10:03:57 GMT
x-content-type-options
nosniff
age
451323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17540
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:11:03 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 10:03:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 56EE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900,900italic,400&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options
nosniff
age
507576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 18:26:24 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame CAEB 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Sun, 08 Aug 2021 15:41:00 GMT
300X250_003.js
s0.2mdn.net/dfp/323577/43663977/1627937065210/ Frame CAEB 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9141a4577e616dca6cb44e8cb86b2ed4968b1d6784f8f1c7b191f090a5d6dffb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 06:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8776
x-xss-protection
0
last-modified
Mon, 02 Aug 2021 20:44:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 09 Aug 2021 06:39:26 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3D53
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
URL: https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkktklh20x5-GTUh1j-bxTp34YjlpFlgie-8uD57BZXpLjhXT5M134L4IZOr1k; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 08 Aug 2021 15:26:00 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 08-Aug-2021 16:26:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 08 Aug 2021 15:26:00 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 08 Aug 2021 15:26:00 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ Frame 08AE 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2119827823&t=pageview&_s=1&dl=https%3A%2F%2Fnewsletter.sonomanews.com%2Fframed%2Fsingle%3Fpref%3Dsmag_at-home%26hideImage%3D1%26fid%3D1238&dr=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ul=en-us&de=UTF-8&dt=The%20Sonoma%20Index-Tribune&sd=24-bit&sr=1600x1200&vp=279x270&je=0&_u=QACAAUABAAAAAC~&jid=803736311&gjid=715535094&cid=299918025.1628436359&tid=UA-37668716-1&_gid=723143851.1628436359&_r=1&gtm=2ou840&z=1678351384
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsletter.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ Frame 08AE 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1504
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
709fb383-901e-008c-1766-8c807b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sun, 08 Aug 2021 15:56:00 GMT
polyfill.min.js
polyfill.io/v3/ Frame 08AE 		101 B
189 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://newsletter.sonomanews.com
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1236503
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
89
referrer-policy
origin-when-cross-origin
last-modified
Sat, 24 Jul 2021 21:34:25 GMT
date
Sun, 08 Aug 2021 15:26:00 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
collect
stats.g.doubleclick.net/j/ Frame 08AE 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-37668716-1&cid=299918025.1628436359&jid=803736311&gjid=715535094&_gid=723143851.1628436359&_u=QACAAUAAAAAAAC~&z=131971845
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 08 Aug 2021 15:26:00 GMT
content-type
text/plain
access-control-allow-origin
https://newsletter.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
300X250_003_atlas_1.png
s0.2mdn.net/dfp/323577/43663977/1627937065210/images/ Frame CAEB 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/323577/43663977/1627937065210/images/300X250_003_atlas_1.png
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e336b178b8ee9c7b215b7fe6acfc44942716261cd9b130c813af5348fb152f0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/323577/43663977/1627937065210/300X250_003.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Aug 2021 20:44:25 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12843
x-xss-protection
0
expires
Mon, 09 Aug 2021 15:26:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D728 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTdtfTD9NP7q4ea03xJnmBUXqSx5dR-aEw3WO5xHQHYQbaCCfHQN2JaEixm3Dkpqau2VR1IaAwNbTyHicA6-47HxToGdZwVbllBEwXaF4H70cAQQl6JYaw2QFRxN37-kR-L62fXKpMlW0HhVY1fqKfmXuqRYR7KG7b7obea_ruVeGE5VgxKESoax9ahPAiSRy2uXuNOVWkHRJQxepiAf7HX998dOXGVv0ngzJI2orC6_NpBSETuPO54EGMpUndn8E3oOffv808Vy2t1kXoR7Le-VaLg8izwH7ukdovUqHdpDIFEwXuQqL2mFQ87EXwIfRt&sai=AMfl-YSdKPJ0RlpdY0FKCRFbOE69AGwrZDzEMMtpOAihThVcxailCjqN377PfdhZhpchJ5Mlc1__Nk2oobl3s_vH4lsRP7ioe4N5NDSyDY7XSRihmcTu7dgsCxLS2yye17s&sig=Cg0ArKJSzNMf6FofcXRNEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 08 Aug 2021 15:26:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=3e2726fa-2a19-4b20-b832-0600f5e3aaef&ntv_a=AAAAAAAAAAAvwQA&ntv_ht=h_cPYQA&ntv_fl=CF4se3gYGjAPzQcMJoAeWeyjkBzc6-FCVPAlN30fLXI8UufFq2Is_i6Hc-yLVg4ICcE9lY3wBarSpSqEF-FPg8VNmBn95zBtkNvpi9mxrUJfGL_gXKLUy0m0jWBa_-BaR2AtilDR4-IDaz6Uo-NVeq7p0KNfY5NXhPxms_-E4V3deYILbMzYApoSCRFkENMGJgpMyQKMEz74bxfM-puoqJoKfd76YPRmh-uc-E9epJk=&ord=-1352956576&ntv_ift=0&ntv_it
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-172-53.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:00 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080501&st=env
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
203c81b99bb75863f6c609f282f65f3e9c169495a0829ceb32907803bac9459d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8547
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 39C9 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sun, 08 Aug 2021 14:21:02 GMT
expires
Mon, 08 Aug 2022 14:21:02 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3898
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9CCD 		783 B
530 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c8fa8434fb243ffca2b78166cbe0cfa84ec60e6076fed6b260322cd60f6f5dd7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p8xdR/PvfbnvsXhHKtN9XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

expires
Sun, 08 Aug 2021 15:26:00 GMT
date
Sun, 08 Aug 2021 15:26:00 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-p8xdR/PvfbnvsXhHKtN9XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
track
dc.services.visualstudio.com/v2/ 		415 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
feb16b2155b0e928d6b042e2f51bdae41580afd66888402dc1ec151cea6690d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
8F80DEB4-0583-43FB-B5AF-A6AC1E24C575
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 08 Aug 2021 15:26:00 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
415
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Sun, 08 Aug 2021 15:26:00 GMT
content-length
0
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=47&ntv_ui=560d203d-498d-45f5-847c-d38249cc4195&ntv_a=qLsGA6uxMApRAPA&ntv_fl=CF4se3gYGjAPzQcMJoAeWZ7hj9Siv0vPL5tAneJOKJY-HKZPi4KlYHXPydCrgYRk0zph1X8QoEPuSH3vtluYyClnx4B6fpgYL7lJnbPrK58quvEzhmEt5XTLAiLJHerxX9U5W6Kh-_g7YwqVhbBfXyYM2noOuJInAq5QXZnxT4PI_UiWWLcdjd85uWsBh7YsKls9hypGIkQ4_eh8A9xa3sK_L7nXbiRX0pBVo_iFLSI=&ord=1973525454&ntv_ht=h_cPYQA&ntv_tad=16&ntv_ift=0&ntv_it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-172-53.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:00 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
pagead2.googlesyndication.com/bg/ Frame 39C9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 11:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
14759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13260
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 11:20:01 GMT
thirdpartycookie
api.viafoura.co/v2/www.sonomanews.com/ 		45 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.sonomanews.com/thirdpartycookie?section=
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4864:9fd9:9aa3:29d1:ddae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:01 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-04f7f8adc9b0cad8e
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sun, 08 Aug 2021 15:26:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080501&jk=791868478038275&bg=!k5ClkNTNAAals0SOpbM7ACkAdvg8Wne99irdyAhdlrMGGU9ywROadtpGNvKJAMmYU6ecsQrEtJRhrwIAAABfUgAAAA5oAQcKAFzBRhZxhyzcEAXed--QfAEFL8G4Dt9MJ6gRnJy36c3n-0ICkt9As3vykptazexXWsIFwE4RYgjBV6J_aeUCYSwrVn5HyX82TevwBgeCcW2hgftnjfU2XllgssMHKJkCjF-f6PBEXZLpLhU6tWOA3_keMOxz_Gu1BCxXcTk42TizRDeYdfcidziHDxFBxouH22e4M1iSCh_fS7lKFNlk6KXZgU_QI48Lzbl2jE_dxMvnhG8fh55KIM1p8PeMh6QeSuGN_k9jvl94OveWGlckD52MOMPV2zT0CyLfHGeSiuO0tX-tHlZni_LmQRVl5cBh83UqLNCTNa3CBaoyKfJ3fZgJ5jpterkeW6s69TCb5bM9KKJLWzj7TWQLQOS9nskQB5DZpi4AdI1GsATo7wLci9fg5lQSA8ibUpj8XOAblxfAHlp9TgPTEAK1_Ef-mwS14n5AkKDIytdff8qFRBo1HnDWFBqm8-tEV0yh8vE_ru3_hW_jxpv0sJWGu-PXReTkTDwlpt9gI_s4PO-KbkiB1rxwWOFFw2bdzJgUZOBRzFKvk0JQRn2fVjRMV_JLukm5yNLu_S5LJfdB53jWfDYj-3B8QJbacrwo3p5dBfx7iaD_4uMFzL9bxJaC30SID449lStftyc1li8gnaJ0qbDX4i8HlkXc036qyLfSmugBTj_COVF8wms079qIyKcEcKu98bK2tr2YsRQrSc34HBEjmp-xytWg-k5I9xs6GbuFpKtYsxiHEaqTar6UNEve-HULGh36Xy590pNpADGkBYurz_v6aPxX1zk9SghPyREPi_ax505VdurSPotFpsw4rwbYEExxvguT-zfk4p4CV67uCjtfd-oMI3mrm1u2zgcA463jnQLOFza-AClYjZLSpMNtEy1q4PZtbofBN2ayvJtcNeuse8Oyik559j-UTZketV2Y8B_IQnuPwxyhQ55PhMVIN1hA7-OVNJ2AlUFoA4MiT5Y9gXHmXNTWumTr9Ho
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
intl-messageformat.7747df9f5e787d050716.js
cdn.viafoura.net/chunks/vendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.7747df9f5e787d050716.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3a780365f68a75603d5c3c324fffb9daefa5c6aeeab4b5ca3a5137752d11543

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:12 GMT
server
AmazonS3
age
175405
etag
W/"6a28ca9a8411369a510b053245c087bb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Rl_1cqmJFRiZEK0WEbkM5kTFp2Mvxb0s
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
ZVoKOVU_gwtAQfjIqVbWZY6XwSUhQJXgaAzn7IR8hhvvbvsFTwCpIg==
intl-messageformat.ba7f3c14987923abc6da.js
cdn.viafoura.net/chunks/languages/ 		134 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.ba7f3c14987923abc6da.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14092a622d814ba306f2ccb82d779ba8ec8d4a57a4d2976b7bd23dc9a48fc196

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
last-modified
Fri, 06 Aug 2021 14:42:15 GMT
server
AmazonS3
age
175405
etag
"afc0fa91dffa6e09c7a975ed11aa0ff9"
x-cache
Hit from cloudfront
x-amz-version-id
Ktt6P_WaDJzbqLO5PoFOGfQyBdghPfzz
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
134
x-amz-cf-id
M4p46TWuVPc_3hBK4pIZ6zt-b60Q4QAn3F2Y3Rvyh5Cnk1vK8ATTWQ==
en-us-base-json.523fff16a553999f9095.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.523fff16a553999f9095.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37c9d4b25506c10f963bc08344dbd5df1c8f79b8556ec137f0c421bebd597616

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:19 GMT
server
AmazonS3
age
175405
etag
W/"85249b7581c866f5a5f63b9022054670"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
sRqxqfHPatCinx2SLp5j6pIRT4ht8j5X
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
2t7GuCWuFQkGPd9nt5cxpsY7jqpcDkRu0AMLkaOsEUwBjhAwTizG6Q==
vf-css.39a7eb6741a4bc0be1d0.js
cdn.viafoura.net/chunks/ 		119 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vf-css.39a7eb6741a4bc0be1d0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5412bd44b32529f8326da134495784aa6514d89ecd542eda32a70bea29c649cb

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:21 GMT
server
AmazonS3
age
175405
etag
W/"c1638990dd3c0fc2faf1d0ea427b01f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
tLGFYPMrVv.0b0F2hI6MwC9EE9wv_tmL
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
aBGrxKXXFFkSTp0KHZEptTCkaZ3HtjdaivBEpSGaWzUDNf55RotNvA==
css
fonts.googleapis.com/ 		16 KB
951 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a4666c8d5ff5aa5625a151f0c6791a0734e6aa8b75ffbc99181b99f3c8199b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 15:05:40 GMT
server
ESF
date
Sun, 08 Aug 2021 15:26:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Aug 2021 15:26:01 GMT
en-us-trending_articles-json.da14830f664d004ee34d.js
cdn.viafoura.net/chunks/languages/ 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-trending_articles-json.da14830f664d004ee34d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46a08b5c19831e7ae02364188fc88776f98cba7d160a1e9963024457eff99e78

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:41 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:15 GMT
server
AmazonS3
age
175401
etag
W/"eceae4deaa484e95ea10779ff3225ab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
V_Ag2lnHGORbDDaysPYFBxLFrEPd17rs
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
GWUPYqWw0oY7e20hWE57YtN6WIfSZnAsmNyUGbWank_olQ00JwUSlQ==
0.beb4befde64b030734f7.css
cdn.viafoura.net/ 		85 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/0.beb4befde64b030734f7.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d83c6926a4e5c71a54dea347a6c84a4cad5abc6c3d59e89d6478ea1fe0af095c

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:28 GMT
server
AmazonS3
age
175405
etag
W/"ba137dd4a96cb5cfbfaa1b7894eeb192"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
gekYH4U8VXbCkwOuUv_8ZS6YDue73Y3M
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
text/css; charset=utf-8
x-amz-cf-id
hviNuHnpPIu5JktbDW977kTHtkMti2mllvXpfIEUJsPFUryC2-ICgA==
da.5b91ca618d14d4ddaae2.js
cdn.viafoura.net/chunks/ 		142 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/da.5b91ca618d14d4ddaae2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8585bc8bf997fe6337d67c082ea7d2dea117ca40ec5f0021842c60cb2dd4006f

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:23 GMT
server
AmazonS3
age
175405
etag
W/"fee71685244fc26bcdd46a825a372445"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
gdU_xknF96yqXLNsaD8B6AQpsjCcrqoq
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
03XXH_k5QIelbCxGlkoxh3GWMAd1lSujhgv4Yx4ShvcBIpQNNmL8ow==
117.e6384fefd84d1abc1698.css
cdn.viafoura.net/ 		1 KB
855 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/117.e6384fefd84d1abc1698.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cfbcbdf6d39487853065c6770cb7b9ca5969bb971409a101fa0b84b545e3ccf

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:27 GMT
server
AmazonS3
age
175405
etag
W/"a7f694a31d133388074eea75734c42c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
7CjZ2QbDw0_g6xXldpL85GaGHOhdp5UV
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
text/css; charset=utf-8
x-amz-cf-id
U1jd8tOmYtkGfphLOcsFXb1iVCjM8FtI0h5SqWQajBvdXnd2JeesFw==
tray-trigger.b58e133296ae19751407.js
cdn.viafoura.net/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/tray-trigger.b58e133296ae19751407.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7e62c11052983aa6d0f1074aae23f06c1007a275042f29584ca81edfa0ed0d6

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:25 GMT
server
AmazonS3
age
175405
etag
W/"28e98250ccb1dfcd40221176e46d2976"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
9mPvDNlAeYuSyL.MbMDPQca0Jc4t4frE
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
fHy6GMegE6Ewi53N9KERofw3XHJ0trg6KAhgsZ5PI41rDRJGuTHEig==
en-us-conversations-json.cb24bcc517dce0e0b30a.js
cdn.viafoura.net/chunks/languages/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-conversations-json.cb24bcc517dce0e0b30a.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83eedfa3ecc375f45f5b2a979b3933518da9a8d1ff90d99c244bcb6abaccbaca

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:38 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:18 GMT
server
AmazonS3
age
175404
etag
W/"704224b91979d760b962149319dc140b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
szIaoJDtyFXeUXXkUM9aQW6qZiuhYhQQ
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Kbe7HChXYI8NqPRsAG6aY69mwu0wQnBGTmQjQMvlGoMaYIA4Kg2hOg==
ingest
i.viafoura.co/v3/www.sonomanews.com/ 		67 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.viafoura.co/v3/www.sonomanews.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.sonomanews.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-f9a45be2b954%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1628436361%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1628436361%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%224104dffa-2a20-4a9d-a132-fcea763a5cf5%22%2C%22firstVisit%22%3A1628436361%2C%22previousVisit%22%3A1628436361%2C%22currentVisit%22%3A1628436361%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.sonomanews.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-f9a45be2b954%22%2C%22section%22%3A%2200000000-0000-4000-8000-f9a45be2b954%22%2C%22pageImage%22%3A%22https%3A%2F%2Fimengine.prod.srp.navigacloud.com%3Fuuid%3D8d8aea86-79ed-5177-9e64-28515f58ecee%26type%3Dprimary%26q%3D72%26width%3D1200%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F%22%2C%22path%22%3A%22%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F%22%2C%22title%22%3A%22Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22article%22%2C%22page_description%22%3A%22Food%20news%20from%20around%20the%20Valley%22%2C%22topics%22%3A%5B%5D%2C%22git%22%3A%2247a08c01d9aeba64800b5c01ed5c62fbe456c62d%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%2C%22container_id%22%3A%2281861018-d511-49a1-956a-d2af403880b0%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en-US%22%7D%2C%22rq%22%3A%22724559ee-898d-4150-8806-e721a6741e07%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-content-recirculation%22%2C%22vf-tray-trigger%22%2C%22vf-conversations%22%2C%22vf-tray%22%5D%2C%22v%22%3A5%2C%22event_type%22%3A%22analytics.view%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.102.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-102-122.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7288 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoypF9_O5f4TrK4Gqguztn7IfVMIVSSHSwMj62iJYiryqn5SQ5Oq_uUjw2OMPB3XGSIAgGGLPtepXcJ3MU1JLQbSlGm5DKrZBojR-MNFwAoPHUuCEF&sig=Cg0ArKJSzFfEAkDLddI8EAE&id=lidar2&mcvt=1032&p=261,0,351,970&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20210806&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2150666482&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628436359754&rpt=264&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-module-js.5f2f05b165f51281ef16.js
cdn.viafoura.net/chunks/vuex_store/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content-module-js.5f2f05b165f51281ef16.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90ac61aa0fa9e0b3cd741faa42a245a033856c06fefcfcd29a234da17fc7accd

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:21 GMT
server
AmazonS3
age
175405
etag
W/"85a60b51b7e708bc93b8eab66b95fe10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
SqqJho.mRQ6zUNSi.gbM9e.UYYNtleEF
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
zPqTHNScOQpPLJF1LClEgPExB7CDSHKzWGlepinYxxPJv8VkN0Jz8w==
views
prod-smi-proxy-connext.azurewebsites.net/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-smi-proxy-connext.azurewebsites.net/api/views
Protocol
HTTP/1.1
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Cache-Control
no-cache
Pragma
no-cache
Expires
-1
Server
Microsoft-IIS/10.0
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
Access-Control-Expose-Headers
Request-Context
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET ASP.NET
Date
Sun, 08 Aug 2021 15:26:01 GMT
Content-Length
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1801361826&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ul=en-us&de=UTF-8&dt=Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MeterLevelSet&el=%7B%22MeterDetermineMethod%22%3A%22Default%22%2C%22MeterRuleName%22%3A%22NA%22%2C%22MeterLevel%22%3A%22Metered%22%7D&_u=aEHAAEABAAAAAC~&jid=247573788&gjid=586796752&cid=299918025.1628436359&tid=UA-143600161-1&_gid=723143851.1628436359&_r=1&gtm=2wg840T89FCNT&cd1=1628436361252.ua5m43k&cd2=a8b3e999d21993a85dedb3de937f3d71&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd7=Metered&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Unknown&cd17=1628436361253.0.j5edcv9t5g&cd18=Not%20Set&cd19=Default&cd20=1.2.7.1&z=1924676737
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T89FCNT&l=MG2DL
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
6567
date
Sun, 08 Aug 2021 13:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sun, 08 Aug 2021 15:36:34 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1801361826&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ul=en-us&de=UTF-8&dt=Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MeterStart&el=%7B%22ConversationName%22%3A%22Not%20Set%22%2C%22MeterLevel%22%3A%22Metered%22%2C%22ConversationDateStarted%22%3A%22Not%20Set%22%2C%22ConversationDateEnded%22%3A%22Not%20Set%22%2C%22ConversationDateExpiratation%22%3A%22Not%20Set%22%2C%22ConversationPaywallLimit%22%3A%22Not%20Set%22%2C%22ArticleViews%22%3A%22Not%20Set%22%7D&_u=aEHAAEABAAAAAC~&jid=&gjid=&cid=299918025.1628436359&tid=UA-143600161-1&_gid=723143851.1628436359&gtm=2wg840T89FCNT&cd1=1628436361275.ei2gzm66&cd2=a8b3e999d21993a85dedb3de937f3d71&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd7=Metered&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Unknown&cd17=1628436361276.0.9g00lbgije&cd18=Not%20Set&cd19=Default&cd20=1.2.7.1&z=1023286898
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 Aug 2021 20:32:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68016
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1801361826&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ul=en-us&de=UTF-8&dt=Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=ConversationDetermined&el=%7B%22ConversationName%22%3A%22Default%22%2C%22MeterLevel%22%3A%22Metered%22%2C%22ConversationDateStarted%22%3A%222021-08-08T15%3A26%3A01Z%22%2C%22ConversationDateEnded%22%3A%22Not%20Set%22%2C%22ConversationDateExpiratation%22%3A%222021-09-07T15%3A26%3A01Z%22%2C%22ConversationPaywallLimit%22%3A%222%22%2C%22ArticleViews%22%3A%221%22%7D&_u=aEHAAEABAAAAAC~&jid=&gjid=&cid=299918025.1628436359&tid=UA-143600161-1&_gid=723143851.1628436359&gtm=2wg840T89FCNT&cd1=1628436361283.978c3boq&cd2=a8b3e999d21993a85dedb3de937f3d71&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd7=Metered&cd8=Default&cd9=1&cd10=1&cd11=2&cd12=2021-08-08T15%3A26%3A01Z&cd13=2021-09-07T15%3A26%3A01Z&cd14=Not%20Set&cd15=Not%20Set&cd16=Unknown&cd17=1628436361283.0.pc907qimltq&cd18=Not%20Set&cd19=Default&cd20=1.2.7.1&z=1747227170
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 Aug 2021 20:32:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68016
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
100016sit-speed-bump.jpg
prodmg2.blob.core.windows.net/connext/upload_images/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prodmg2.blob.core.windows.net/connext/upload_images/100016sit-speed-bump.jpg
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.82.152.48 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3f8fa488e1d0927ac3b44d53dc52022817198da93ee31e76238c5ead247027c6

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
Date
Sun, 08 Aug 2021 15:26:00 GMT
Last-Modified
Tue, 29 Jun 2021 02:25:04 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count
1
ETag
0x8D93AA51AC751FD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
dec5283c-101e-00be-6269-8c33f4000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
66133
100016SIT-url-B2CLogo-2016_Revised.png
cdn.czx5eyk0exbhwp43ya.biz/upload_images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/upload_images/100016SIT-url-B2CLogo-2016_Revised.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F12) /
Resource Hash
817d8e17fa9b007bd98618831cd4d3d63b5b61cdc254f5c595cf5eb1a83ecaed

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Sun, 08 Aug 2021 15:26:01 GMT
age
524415
x-cache
HIT
content-length
9702
x-ms-lease-status
unlocked
last-modified
Fri, 20 Sep 2019 21:54:33 GMT
server
ECAcc (frc/8F12)
x-ms-blob-committed-block-count
1
etag
0x8D73E151F16C3AE
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
f8248710-501e-0013-5ca4-87139e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more&tv=js-3.0.108&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=16&tid=1c21a6a6-4c00-4cb2-b9f1-86e9b429eedc&pid=0de4b440-3001-44ef-bebb-8c3c7e0e3350&dtm=1628436361307&qnm=_matherq&visible=1&tabid=7a0a680d-8337-4f5e-96ed-092a6f9a2e08&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vp=1600x1200&ds=1600x7491&tofa=1628436359&vid=1&lvidt=1628436359&duid=a4690ef6120d032e&fp=1072425006&cid=ma16916&mrk=901956900&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoibW9kYWwiLCJkYXRhIjp7Im1ldGVyIjp7ImlkIjoiMiIsIm5hbWUiOiJNZXRlcmVkIiwibWV0aG9kIjoiRGVmYXVsdCJ9LCJjYW1wYWlnbiI6eyJpZCI6IjEwMDA0OSIsIm5hbWUiOiJTSVQgTWF0aGVyIElQQyAyMDIwMDkxMCJ9LCJjb252ZXJzYXRpb24iOnsibmFtZSI6IkRlZmF1bHQiLCJvcmRlciI6IjYifSwiYWN0aW9uIjp7Im5hbWUiOiJNb2RhbCBBcnRpY2xlIDEiLCJ0eXBlSWQiOiIyIiwidHlwZU5hbWUiOiJtb2RhbCIsIm9yZGVyIjoiNSJ9fSwidmVuZG9yIjoiTUcyIiwidHlwZSI6InVua25vd24ifSwibWcyRGF0YSI6eyJ2ZXJzaW9uIjoiVmVyc2lvbjogMi43IiwiZW52aXJvbm1lbnQiOiJwcm9kIiwiYXV0aFN5c3RlbSI6Ik1HMiIsImNhbXBhaWduTmFtZSI6IlNJVCBNYXRoZXIgSVBDIDIwMjAwOTEwIiwic3Vic2NyaXB0aW9ucyI6W10sImNhbXBhaWduSWQiOiIxMDAwNDkifX0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.56.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-56-164.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:01 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1801361826&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ul=en-us&de=UTF-8&dt=Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=ActionShown&el=%7B%22ConversationName%22%3A%22Default%22%2C%22MeterLevel%22%3A%22Metered%22%2C%22ActionName%22%3A%22Modal%20Article%201%22%2C%22ActionType%22%3A%22Modal%22%7D&_u=aEHAAEABAAAAAC~&jid=&gjid=&cid=299918025.1628436359&tid=UA-143600161-1&_gid=723143851.1628436359&gtm=2wg840T89FCNT&cd1=1628436361355.nbahzkvb&cd2=a8b3e999d21993a85dedb3de937f3d71&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd7=Metered&cd8=Default&cd9=1&cd10=1&cd11=2&cd12=2021-08-08T15%3A26%3A01Z&cd13=2021-09-07T15%3A26%3A01Z&cd14=Modal%20Article%201&cd15=Modal&cd16=Unknown&cd17=1628436361356.0.a1glhxid2y&cd18=Not%20Set&cd19=Default&cd20=1.2.7.1&z=2025224288
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 Aug 2021 20:32:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68016
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=1801361826&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ul=en-us&de=UTF-8&dt=Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=PageView&el=%7B%22Page%22%3A%22Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more%22%2C%22ContentType%22%3A%22Not%20Set%22%2C%22MeterLevel%22%3A%22Metered%22%7D&_u=aEHAAEABAAAAAC~&jid=&gjid=&cid=299918025.1628436359&tid=UA-143600161-1&_gid=723143851.1628436359&gtm=2wg840T89FCNT&cd1=1628436361366.1h73f2r9&cd2=a8b3e999d21993a85dedb3de937f3d71&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd7=Metered&cd8=Default&cd9=1&cd10=1&cd11=2&cd12=2021-08-08T15%3A26%3A01Z&cd13=2021-09-07T15%3A26%3A01Z&cd14=Modal%20Article%201&cd15=Modal&cd16=Unknown&cd17=1628436361366.0.urjg8f8iov8&cd18=Not%20Set&cd19=Default&cd20=1.2.7.1&z=834209908
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 Aug 2021 20:32:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68016
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
views
prod-smi-proxy-connext.azurewebsites.net/api/ 		0
776 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-smi-proxy-connext.azurewebsites.net/api/views
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/smi/t8y9347t.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

source-system
Plugin
site-code
SIT
autoqa
false
ssid
94a81948ad144124eabd92f452dfe51f
settingskey
null
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2Mjg0NTA3NTl9.8onRZE4e68E5myxJV7AIfH9KzKJuJMs0bagOjrtIDGc
location
System
content-type
application/json
access-control-allow-origin
*
accept
application/json
environment
prod
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
config-code
SIT
version
Version: 2.7

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 15:26:01 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
Content-Length
0
X-Server-Time
8/8/2021 3:26:01 PM
Expires
-1
ad
ads.adventive.com/ 		184 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adventive.com/ad?j&spLoad=1&iid=7bf34566973f4687ad88bfb882031e02&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsuygDPnvmVzr8_Ppcujeez--zfY2fzvR5zsjKgAU10qygm1WcZrt-vOUQqVMIv8UE4cXJAQ6zF3JR5ah3jPOXxWbSqv79M0fzAUIBugh-IXa8uJSN3Vkl7a8K33y0F2UsJLQa7OI1l0xBlIUlHiviAxz_osOc8T1KIYcHyAa3u2cX7BV91LKL728yaq6kPfBiUSsenn87WvHr50wLVN_73tu8zHbwXMC0uYlFkTb1NXyqy1OPMp9QJURF7VzydB1Jw0avF7Vg2jJsJ0wElk-q_eEF0lTtu_nItc3muQqVLlZfFjWayvhiPTjQ%2526sai%253DAMfl-YQndEHdRBIt6DcmlJgBUTquUdfLiWoSds1IjNkw-Z40fLMfftsDykMSCyn1d8m-Uzp2pjUs2mPCVhb0jgqQLtiwtMYbcnKE6UpnFfPWNwHvorskwjA1aUD1d8RZnjA%2526sig%253DCg0ArKJSzLGaJyc_BwzaEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&enc=1&ptag=9e3c70b3-566c-49b4-96aa-c20176b38ed8&spLoadP=146948&spLoadC=59841&spLoadU=&type=4&fb=adventive_4_134645_EJ172635_int&forceFallback=1&iAmInt=1&initScreen=1&intSettings=%7B%22actionOnce%22%3Afalse%2C%22actionOpenURLIn%22%3A%22New+Tab%22%2C%22bgTransparency%22%3A%220%25%22%2C%22closeOnTime%22%3A8%2C%22closeOnTimer%22%3Atrue%2C%22customCloseName%22%3A%22Default%22%2C%22customCloseSrc%22%3A%22%22%2C%22delay%22%3A1%2C%22directionLayer%22%3Afalse%2C%22fixedPosition%22%3Afalse%2C%22frequency%22%3A%22Once+Per+Day%22%2C%22hasAction%22%3Atrue%2C%22intBgTransparency%22%3A%2225%25%22%2C%22logLabel%22%3A%22%22%2C%22screen%22%3A%22Screen+2%22%2C%22screenId%22%3A1%2C%22showTimer%22%3Atrue%2C%22transition%22%3A%22Slide%22%2C%22transitionTime%22%3A%22300ms%22%2C%22trigger%22%3A%22Timed%22%2C%22type%22%3A%22Open+as+Interstitial%22%7D
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:d735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fde3c0809ba99eddd072f9bb14c1f2fe07f6cc4ec924f99fd2aa4dd50e06cc3d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-ray
67b9c2baaa814e80-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Sun, 08 Aug 2021 15:26:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin
*
expires
Sat, 26 Jul 1997 05:00:00 GMT
stats
ads.adventive.com/api/ 		43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adventive.com/api/stats?acc=164&adv=8310&atid=4&auid=134645&cache=1&cid=59841&gid=0&pcid=78663&pid=146948&sid=565&tag=9e3c70b3-566c-49b4-96aa-c20176b38ed8&tz=America%2FLos_Angeles&up=0.00000&ut=RM&vid=1&ckid=b00598fe-ae85-4022-a47c-2d58028abe55&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&clk=0&dat=%7B%22screenIndex%22%3A1%7D&dh=1200&dw=1600&eng=0&grp=0&hc=mmiowwei&iid=7bf34566973f4687ad88bfb882031e02&ref=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&type=nav_expand_auto&hov=0&cb=1628436361388
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:d735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:01 GMT
content-encoding
none
cf-cache-status
DYNAMIC
timing-allow-origin
*
p3p
CP="CAO PSA OUR"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
67b9c2baaa854e80-FRA
expires
Wed, 11 Jan 2000 12:59:00 GMT
stats
ads.adventive.com/api/ 		43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adventive.com/api/stats?acc=164&adv=8310&atid=4&auid=134645&cache=1&cid=59841&gid=0&pcid=78663&pid=146948&sid=565&tag=9e3c70b3-566c-49b4-96aa-c20176b38ed8&tz=America%2FLos_Angeles&up=0.00000&ut=RM&vid=1&ckid=b00598fe-ae85-4022-a47c-2d58028abe55&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&clk=0&dat=%7B%22viewTime%22%3A1%2C%22screenIndex%22%3A1%7D&dh=1200&dw=1600&eng=0&grp=0&hc=mmiowwei&iid=7bf34566973f4687ad88bfb882031e02&ref=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&type=ad_view_view_auto&hov=0&cb=1628436361418
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:d735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:01 GMT
content-encoding
none
cf-cache-status
DYNAMIC
timing-allow-origin
*
p3p
CP="CAO PSA OUR"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
67b9c2badadc4e80-FRA
expires
Wed, 11 Jan 2000 12:59:00 GMT
vissense.min.js
cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/vissense.min.js
Requested by
Host: ads.adventive.com
URL: https://ads.adventive.com/ad?j&spLoad=1&iid=7bf34566973f4687ad88bfb882031e02&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsuygDPnvmVzr8_Ppcujeez--zfY2fzvR5zsjKgAU10qygm1WcZrt-vOUQqVMIv8UE4cXJAQ6zF3JR5ah3jPOXxWbSqv79M0fzAUIBugh-IXa8uJSN3Vkl7a8K33y0F2UsJLQa7OI1l0xBlIUlHiviAxz_osOc8T1KIYcHyAa3u2cX7BV91LKL728yaq6kPfBiUSsenn87WvHr50wLVN_73tu8zHbwXMC0uYlFkTb1NXyqy1OPMp9QJURF7VzydB1Jw0avF7Vg2jJsJ0wElk-q_eEF0lTtu_nItc3muQqVLlZfFjWayvhiPTjQ%2526sai%253DAMfl-YQndEHdRBIt6DcmlJgBUTquUdfLiWoSds1IjNkw-Z40fLMfftsDykMSCyn1d8m-Uzp2pjUs2mPCVhb0jgqQLtiwtMYbcnKE6UpnFfPWNwHvorskwjA1aUD1d8RZnjA%2526sig%253DCg0ArKJSzLGaJyc_BwzaEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&enc=1&ptag=9e3c70b3-566c-49b4-96aa-c20176b38ed8&spLoadP=146948&spLoadC=59841&spLoadU=&type=4&fb=adventive_4_134645_EJ172635_int&forceFallback=1&iAmInt=1&initScreen=1&intSettings=%7B%22actionOnce%22%3Afalse%2C%22actionOpenURLIn%22%3A%22New+Tab%22%2C%22bgTransparency%22%3A%220%25%22%2C%22closeOnTime%22%3A8%2C%22closeOnTimer%22%3Atrue%2C%22customCloseName%22%3A%22Default%22%2C%22customCloseSrc%22%3A%22%22%2C%22delay%22%3A1%2C%22directionLayer%22%3Afalse%2C%22fixedPosition%22%3Afalse%2C%22frequency%22%3A%22Once+Per+Day%22%2C%22hasAction%22%3Atrue%2C%22intBgTransparency%22%3A%2225%25%22%2C%22logLabel%22%3A%22%22%2C%22screen%22%3A%22Screen+2%22%2C%22screenId%22%3A1%2C%22showTimer%22%3Atrue%2C%22transition%22%3A%22Slide%22%2C%22transitionTime%22%3A%22300ms%22%2C%22trigger%22%3A%22Timed%22%2C%22type%22%3A%22Open+as+Interstitial%22%7D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c34e28196cd412790c548696f1447aff0116ee662fead57bf578021e8cc01ba5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338282
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3066
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04028-2af5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZT6%2BmSsBFaar60NVp%2FbrZHkaqm8vIzAMANDRvb3LmYFuVBe9L2Ip24IFqK%2B%2FDY2e7x9dX19tslcSpxyuRZ6ROJ6lQ83aytOoRLg7xVKdKlA59302ARyc9GPhMwq00trEyuMfSoS%2BxJzRSoc82YW2Fv2T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
67b9c2bbcfd105e4-FRA
expires
Fri, 29 Jul 2022 15:26:01 GMT
dda7b6f9-3d49-41da-b63c-33d8870f49d2
assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=970/164/ Frame CE79 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=970/164/dda7b6f9-3d49-41da-b63c-33d8870f49d2
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c87d91c4f14ae5471fd41853b68ed852c23945d5099a9519ac79b02de271f9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:01 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 22:58:39 GMT
server
cloudflare
etag
"cfuk8gxOtiLHtAx89E6vaZEw:38dd6ebb25f06167d3a2d8b25bd75b1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=43200
content-length
17678
accept-ranges
bytes
cf-ray
67b9c2bc1b831772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-resized
internal=ok/h q=0 n=21 c=17 v=2021.7.7
f59bce44-8d4f-43ef-a667-4e27bbb5e437
assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=400/164/ Frame CE79 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=400/164/f59bce44-8d4f-43ef-a667-4e27bbb5e437
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cabfa116a22a727daccc08106b151e158d9ad373391d90d03dbd811483c8a863
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:01 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 30 Jul 2021 22:58:39 GMT
server
cloudflare
etag
"cfcYMTwXCBnj8oPapMeyjY8w:437fb3df8eb4fe9b9eaa050d2844817d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=43200
content-length
63256
accept-ranges
bytes
cf-ray
67b9c2bc1b791772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-resized
internal=ok/h q=0 n=21 c=48 v=2021.7.7
blank.png
assets.adventivecdn.com/ui/images/ Frame CE79 		34 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/ui/images/blank.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:01 GMT
cf-cache-status
HIT
age
15452
cf-polished
origFmt=png, origSize=68
cf-ray
67b9c2bc1b7e1772-FRA
content-disposition
inline; filename="blank.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
34
x-amz-id-2
JnsTmVNQ0/laQPUnJeKu+zk7JUHAkDEVYbr+n4Q9V3aPGqBS2RPyoWqOGriCBf1CdASKAtoRjz4=
last-modified
Wed, 24 Jul 2019 17:44:25 GMT
server
cloudflare
etag
"e679fbd466a2d656f194a5da4fa083cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
7SRNZ7HG9BWB910K
cache-control
max-age=43200
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri
activeview
pagead2.googlesyndication.com/pcs/ Frame D728 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwbREjQowtZcopQJXb4bp--azff8ibBFMwZIHejXN1a_5swFT66ct-gMjzRoDIre-Pw2dNmU8gSdFr6QVPZheEpWpYol0wdRYIKfAbl52SmtC-A4fn&sig=Cg0ArKJSzLJP1G5j8g75EAE&id=lidar2&mcvt=1000&p=378,1100,628,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210806&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=1973253847&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628436360075&dlt=17&rpt=1&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial-close.svg
assets.adventivecdn.com/ui/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.adventivecdn.com/ui/images/interstitial-close.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a519d2bd3043b930e0bbc73d78b2c4d672981401a8de9e846831502365c4509

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Nov 2019 15:50:45 GMT
server
cloudflare
age
37098
etag
W/"63fb9f6703706b219d1cd65c1d88c1d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=43200
cf-ray
67b9c2bdbf901772-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
FZWB9B2XJG7ATR2Q
x-amz-id-2
AXwbszaA6UWErTStTyZ2vrNd6CgLIwPHbeIII1jkZ/mv/cb2o1O0vSevnQNFc3wLydxsG2faejo=
ingest
i.viafoura.co/v3/www.sonomanews.com/ 		67 B
392 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/www.sonomanews.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.102.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-102-122.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Sun, 08 Aug 2021 15:26:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
api.viafoura.co/v2/www.sonomanews.com/bootstrap/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.sonomanews.com/bootstrap/v2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4864:9fd9:9aa3:29d1:ddae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
06e6cab9ff8c379a16908b59b6bd48b397a80d3f64ed11dc2d443fcd9f831090

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:02 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-0799aa9fa2ed744c5
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sun, 08 Aug 2021 15:26:02 GMT
v2
api.viafoura.co/v2/www.sonomanews.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.sonomanews.com/bootstrap/v2
Protocol
H2
Server
2600:1f18:44f0:4864:9fd9:9aa3:29d1:ddae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 08 Aug 2021 15:26:02 GMT
server
nginx/1.18.0 (Ubuntu)
expires
Sun, 08 Aug 2021 15:26:02 GMT
cache-control
max-age=0
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-max-age
1728000
ingest
i.viafoura.co/v3/www.sonomanews.com/ 		67 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.viafoura.co/v3/www.sonomanews.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.sonomanews.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-f9a45be2b954%22%2C%22pageViews%22%3A2%2C%22outgoing%22%3A%2210%22%2C%22sessionStart%22%3A%221628436361%22%2C%22referrerStart%22%3A%221628436361%22%2C%22refVisitCount%22%3A%221%22%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3Anull%2C%22sharer_uuid%22%3Anull%2C%22terms%22%3Anull%7D%2C%22uniqueId%22%3A%224104dffa-2a20-4a9d-a132-fcea763a5cf5%22%2C%22firstVisit%22%3A%221628436361%22%2C%22previousVisit%22%3A%221628436361%22%2C%22currentVisit%22%3A%221628436361%22%2C%22visitCount%22%3A%221%22%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.sonomanews.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-f9a45be2b954%22%2C%22section%22%3A%2200000000-0000-4000-8000-f9a45be2b954%22%2C%22pageImage%22%3A%22https%3A%2F%2Fimengine.prod.srp.navigacloud.com%3Fuuid%3D8d8aea86-79ed-5177-9e64-28515f58ecee%26type%3Dprimary%26q%3D72%26width%3D1200%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F%22%2C%22path%22%3A%22%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F%22%2C%22title%22%3A%22Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22article%22%2C%22page_description%22%3A%22Food%20news%20from%20around%20the%20Valley%22%2C%22topics%22%3A%5B%5D%2C%22git%22%3A%2247a08c01d9aeba64800b5c01ed5c62fbe456c62d%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%2C%22container_id%22%3A%2281861018-d511-49a1-956a-d2af403880b0%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Kathleen%20Hill%3A%20Panda%20Express%2C%20new%20Tips%20menu%20and%20more%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en-US%22%7D%2C%22rq%22%3A%22724559ee-898d-4150-8806-e721a6741e07%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-content-recirculation%22%2C%22vf-tray-trigger%22%2C%22vf-conversations%22%2C%22vf-tray%22%5D%2C%22v%22%3A5%2C%22event_type%22%3A%22analytics.view%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.102.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-102-122.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sonomanews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options
nosniff
age
507578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 18:26:24 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&pid=mvfex4zAqdmAs&cb=5&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22600x1%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Flifestyle%22%7D%5D&cfgv=0&pubid=d0c94587-7f12-4f41-9c0e-9c6c6af774b7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:02 GMT
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
TuuGGH2NUA1TH3M1_Q1tn_f6sr8xbO3fPTmK1eDGLORrEpzd5kmrbg==
integrator.js
adservice.google.dk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=791868478038275&correlator=686227655717000&output=ldjh&impl=fifs&eid=31060437%2C31062192%2C31062193%2C31062195%2C20211866%2C31062171&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210808&iu_parts=94238257%2Csit%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=600x1&prev_scp=loggedin%3Dfalse%26keyword%3Dfires%26location%3Dsticky%26type%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&cookie=ID%3D609233e15440f4b6-22a0c19099c80056%3AT%3D1628436359%3AS%3DALNI_Mbe9ejnm1TFDf4U9s7-6mMDZPVELQ&bc=31&abxe=1&lmt=1628436362&dt=1628436362498&dlt=1628436357244&idt=1912&frm=20&biw=1600&bih=1200&oid=3&adxs=300&adys=1996&adks=719277501&ucis=6&color_bg=FFFFFF&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=600x0&msz=0x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8fvuOX4YvJnco-KvFRWeqttbnfWTFf0uvckbJTx0r0UtW7YAVQfaQNgD5lq7NORUKM0MaZamDjLQI%2CAGkb-H9agomsRyrBY8R7Ig3h-MepMDdsgoMsqT0w5ETkoaSK5QaiwKO1ZE_oxSCOS8N9gY_S49Pjqd2aeg8%2CAGkb-H97ukM1IuZYeV2zUc5NJeKCX6H0afPrGRDV8QFIiyZ3fVGVP1s_FM02tT-jvldEpe8-IP7oXBGK-hc&ga_vid=299918025.1628436359&ga_sid=1628436360&ga_hid=1801361826&ga_fc=false&fws=132&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
5399bb96c27d29bf5c8f389f673ab6b05e185acd80759f93878db18cb10ce5b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4791
x-xss-protection
0
google-lineitem-id
5619230585
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339981955
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 93B9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8-ytyjW9ld62fqD3OUdyolwX7PF36eAouMjwBQBfBPJcg22Ap54f7nMxbLSN25Lzsjkne8Ijl6rIsHVCUEw6_03LogSKja-sKFJ97RuaOZmjRrhC3P3aSqp70r9usTkKBFtIHof9MHrZNWM_S41av1sGRDEJaIN-S824cRP13jQ1nFa6CT7AIzkZgOhyZo4wKcvhX3QbZ4xTWnRX3hj502JNuB3Y7cPIcHe9-viNQvSrG5mEigODmK5kU6gJU4QMDdaeRyaQ4lR3lXiDTBnyQpgz0yTiLwDPFrSS3e8pFDOuBZdgXlMpkGdooDQ&sig=Cg0ArKJSzA5chlNvUALyEAE&urlfix=1&adurl=
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
b71320bf-a887-4bbf-b977-d585281f3ce6
player.ex.co/renderer/ Frame 93B9 		987 KB
329 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/renderer/b71320bf-a887-4bbf-b977-d585281f3ce6
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bc9d302a6b8b00d8b06689a25bd3680bb69fca22e8813dff870050d69aec4730

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:02 GMT
content-encoding
gzip
age
0
x-cache
MISS, MISS
access-control-max-age
600
content-length
336074
x-served-by
cache-dca17772-DCA, cache-fra19135-FRA
access-control-allow-origin
*
server
nginx
x-timer
S1628436363.709706,VS0,VE107
etag
W/"f6d0c-ahK5t7bIRiEnn7okYrhl+i5hK7E"
vary
Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 93B9 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:02 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628249295356546"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38372
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:02 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTYxOTIzMDU4NSIsImVidXkiOiIyODIxNDE0MjEyIiwiZWFkdiI6IjQ5NTIzMjI4ODUiLCJlY2lkIjoiMTM4MzM5OTgxOTU1IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQxMDE1MzciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.108&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=16&tid=14b7f8d5-d77f-4d78-82db-9ba7a6b47080&pid=0de4b440-3001-44ef-bebb-8c3c7e0e3350&dtm=1628436362650&qnm=_matherq&visible=1&tabid=7a0a680d-8337-4f5e-96ed-092a6f9a2e08&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vp=1600x1200&ds=1600x7725&tofa=1628436359&vid=1&lvidt=1628436359&duid=a4690ef6120d032e&fp=1072425006&cid=ma16916&mrk=901956900
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.56.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-56-164.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:02 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
truncated
/ Frame 93B9 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa485110de6ebd92b11121bb53fa1787c4084df28b8c19f8693b84bbf31f92b7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
events
prd-collector-anon.ex.co/main/ Frame 93B9 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/renderer/b71320bf-a887-4bbf-b977-d585281f3ce6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Sun, 08 Aug 2021 15:26:03 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
b71320bf-a887-4bbf-b977-d585281f3ce6
player.ex.co/player/ 		619 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/b71320bf-a887-4bbf-b977-d585281f3ce6
Requested by
Host: player.ex.co
URL: https://player.ex.co/renderer/b71320bf-a887-4bbf-b977-d585281f3ce6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e6bce316dcbcf25f463a31483ebb0f35158bf0395b26bb10fd09ec2a157b37c0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:03 GMT
content-encoding
gzip
age
0
x-cache
MISS, MISS
access-control-max-age
600
content-length
188880
x-served-by
cache-dca17771-DCA, cache-fra19135-FRA
access-control-allow-origin
*
server
nginx
x-timer
S1628436363.978718,VS0,VE199
etag
W/"9aced-S81Yh5uaUcHvOnyUM4HMGGgQvus"
vary
Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 0
view
securepubads.g.doubleclick.net/pcs/ Frame 93B9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQil5lpbFhNzyL-U0pKJHbGy7wbwFDUQGkJBE3kGtlf2dfvcDpnJ4PZPygVRYEaNGRFVoTVDa9tsP-HgpjneSevMQDIegQyZnUmzp73kG7RM2kFFFEhkIBqVM02pPDkDrcfgI64VewqwTKK1uiKGKLCuCECDOW7fWreRJAxJBYLZ_n8Ctg0byG8StVJ7QvhrbOVDLhqzXEPn9SAe0efY8v-Ch1FdEJU5sjldZEt-vP2zZP63n92qXTiYTj0hcdenmUHRxQIn5pICZXaa48DuhGHFA0c7goMFV5gt_jX8czK7H5ow5BsY8J3BmdOwn7&sig=Cg0ArKJSzKWcBvnsFMJUEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 08 Aug 2021 15:26:02 GMT
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Sun, 08 Aug 2021 15:26:03 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
548 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 14:44:46 GMT
server
ESF
date
Sun, 08 Aug 2021 15:26:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Aug 2021 15:26:03 GMT
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/b71320bf-a887-4bbf-b977-d585281f3ce6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:03 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uw2vr_quOuaU6qfxWZtcoLo12wr2U3z05f_5BD3KWSsUf_IaiGkn8o5qFF-aOCBKLL7W_128twSCww0MoWnl7jxUKAG5A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 08 Aug 2021 15:31:03 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame 6BD3 		344 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/b71320bf-a887-4bbf-b977-d585281f3ce6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:b600:188::2c79 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5743ed63aae3df0518af28d321d5b89d3e2c18186e95ed881e76a827ca11897e

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:03 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsJS2QIQL3xTM_KO1agScBocBmNWosHHlLma0iQtn1Bkmg0Pfa7XQa5kBv1AdxghbtisKMpT_bIW58P-Sxzeb_ePaP9BA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99409
last-modified
Tue, 27 Jul 2021 06:26:18 GMT
server
UploadServer
etag
"ee4ab5c688352d70090399407599398d"
vary
Accept-Encoding
x-goog-hash
crc32c=pUgJKA==, md5=7kq1xog1LXAJA5lAdZk5jQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1627367178090991
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99409
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 08 Aug 2021 15:31:03 GMT
track
atrack.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1628436363264&cid=60254dee1d8a5f00b139ff7e&VERSION=4.73.2&cou=DK&AV_PAGE_LOAD_UID=eae00194-73c0-4cf6-93b3-61360caa7ae9&AV_CDIM4=eae00194-73c0-4cf6-93b3-61360caa7ae9&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=dfp&AV_CDIM5=dfp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Sun, 08 Aug 2021 15:26:03 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.m3u8
mcd.ex.co/video/upload/sp_sd/v1490095101/ 		651 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_sd/v1490095101/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
79abab33da04fa178112aa141b2614a18d658cd207eda0028bdd6cf60f6f6e14

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:03 GMT
Last-Modified
Sun, 08 Aug 2021 00:49:12 GMT
Server
cloudinary
X-Timer
S1628399849.671234,VS0,VE1
ETag
"a421be48305d00b544153300d730b822"
X-Served-By
cache-wdc5571-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31521085
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
651
X-Cache-Hits
1
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.sonomanews.com&sn=&cd4=eae00194-73c0-4cf6-93b3-61360caa7ae9&cd5=dfp&ic=0&tgt=0&app=&wi=600&he=338&test=&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=60254dee1d8a5f00b139ff7e&stagid=&stplid=&e=inventory&vi=0&cb=1628436363475
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
premiumsrv.aniview.com/api/adserver/tag/ 		19 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.73.2&cou=DK&AV_PAGE_LOAD_UID=eae00194-73c0-4cf6-93b3-61360caa7ae9&AV_CDIM4=eae00194-73c0-4cf6-93b3-61360caa7ae9&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=dfp&AV_CDIM5=dfp&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_sd%2Fv1490095101%2Flandscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=60254dee1d8a5f00b139ff7e&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.sonomanews.com&AV_DADPOS=3&v=6.1.1.243&responsive=1&avtoken=363474&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1628436363493
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.226.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6ac6b14ef0f4172e98ce4327ec835fd0afac86ee7b3aa871e731ab2f3e930da

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:03 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 28 Jul 2021 01:39:23 GMT
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1628383741/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
e75387a906862ed0264776e168898258c93be468b3215d2c066a4e78a49697e0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:03 GMT
Last-Modified
Sun, 08 Aug 2021 00:49:05 GMT
Server
cloudinary
X-Timer
S1628399849.799830,VS0,VE1
ETag
"576a5e7e29f2127fe4e0384645aa379f"
X-Served-By
cache-wdc5571-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31521002
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1217
X-Cache-Hits
1
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1628383741/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 08 Aug 2021 15:26:03 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1628383741/ 		46 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
27e5f262d6c35f5f6a08599d76cb1ff7dfe7a79fe34e06e35348638885969524

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-47375

Response headers

Date
Sun, 08 Aug 2021 15:26:03 GMT
Content-Range
bytes 0-47375/532980
Connection
keep-alive
Content-Length
47376
X-Served-By
cache-wdc5571-WDC
Last-Modified
Sun, 08 Aug 2021 00:49:04 GMT
Server
cloudinary
X-Timer
S1628399850.040527,VS0,VE1
ETag
"a4d51cdf06f3241150f7739448c48149"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31521087
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
21b5eebb-8fbd-46f6-a0aa-ef4d567f203a
https://www.sonomanews.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sonomanews.com/21b5eebb-8fbd-46f6-a0aa-ef4d567f203a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
5e9a192c254ff756eeaeea5b3c06f7e1f492119cff260d0016ead01dcc60b34d

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:03 GMT
Last-Modified
Sun, 08 Aug 2021 00:49:12 GMT
Server
cloudinary
X-Timer
S1628399851.013199,VS0,VE1
ETag
"6c36ad6195a70dbc885119a266b7908a"
X-Served-By
cache-wdc5571-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31521012
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1229
X-Cache-Hits
1
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ 		122 KB
123 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
7dabbf2eb1305dbcaada033fdfe1c27a658617864dc6c5f4fa78fc320cc8a118

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-125207

Response headers

Date
Sun, 08 Aug 2021 15:26:03 GMT
Content-Range
bytes 0-125207/1433688
Connection
keep-alive
Content-Length
125208
X-Served-By
cache-wdc5571-WDC
Last-Modified
Sun, 08 Aug 2021 00:49:12 GMT
Server
cloudinary
X-Timer
S1628399851.149961,VS0,VE1
ETag
"80c6c4555d18f0dc5c929fb298f7e71a"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31521088
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 08 Aug 2021 15:26:03 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 08 Aug 2021 15:26:03 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ 		169 KB
170 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
399db32d675bfeb7ab917d2f549136feeb67a67b2a7095129a17104892a92cf8

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=125208-298543

Response headers

Date
Sun, 08 Aug 2021 15:26:03 GMT
Content-Range
bytes 125208-298543/1433688
Connection
keep-alive
Content-Length
173336
X-Served-By
cache-wdc5571-WDC
Last-Modified
Sun, 08 Aug 2021 00:49:12 GMT
Server
cloudinary
X-Timer
S1628399851.149961,VS0,VE1
ETag
"80c6c4555d18f0dc5c929fb298f7e71a"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31521088
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Sun, 08 Aug 2021 15:26:03 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
sync
pixel.advertising.com/ups/58195/ Frame 2D07 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.140.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

date
Sun, 08 Aug 2021 15:26:03 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 530E 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D1%26key%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=23287
expires
Sun, 08 Aug 2021 21:54:10 GMT
date
Sun, 08 Aug 2021 15:26:04 GMT
vary
Accept-Encoding
Cookie set usermatch
ssum.casalemedia.com/ Frame 3ADA
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c50569d1c3b53355437d2e0afc1dfd15abb305e698cce6f8747a5089d6d603fb

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YQ-3jA9cvfXEs5k2IpmmqwAA; CMPS=651
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|241|39|218|51|8|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1816
Expires
Sun, 08 Aug 2021 15:26:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 08 Aug 2021 15:26:04 GMT
Connection
keep-alive
Set-Cookie
CMID=YQ-3jA9cvfXEs5k2IpmmqwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 15:26:04 GMT CMPS=651;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 15:26:04 GMT CMPRO=306;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 15:26:04 GMT CMRUM3=e6610ff78c2760&2d610ff78c05a0&f1610ff78c05a0&da610ff78c2760&08610ff78c05a00&ce610ff78c05a0&27610ff78c0b40&33610ff78c05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 15:26:04 GMT CMST=YQ-3jGEP94wA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 09 Aug 2021 15:26:04 GMT

Redirect headers

Server
Apache
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 08 Aug 2021 15:26:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 08 Aug 2021 15:26:04 GMT
Connection
keep-alive
Set-Cookie
CMID=YQ-3jA9cvfXEs5k2IpmmqwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Aug 2022 15:26:04 GMT CMPS=651;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 06 Nov 2021 15:26:04 GMT
usync.html
eus.rubiconproject.com/ Frame F19B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 08 Aug 2021 15:26:04 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Date
Sun, 08 Aug 2021 15:26:03 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Sun, 08 Aug 2021 15:26:03 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
avpb3.js
player.aniview.com/script/6.1/ Frame 6BD3 		282 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:b600:188::2c79 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
fe376626e35270fa60cf647c476851387d93440816777c74fce6437e273ef612

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:03 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduEjXCUrD8wLNKbouPQnq2ErQBHvLgzgjk2ulwPyf8J2OHPNFuU5h1DI9PYP3gYHgnhc-6TxYsIyV7p6RN4aW0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
90379
last-modified
Tue, 27 Jul 2021 06:24:45 GMT
server
UploadServer
etag
"460a8d9b2ac1f262d3e719c11b8a6e16"
vary
Accept-Encoding
x-goog-hash
crc32c=4pmTbA==, md5=RgqNmyrB8mLT5xnBG4puFg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1627367085871012
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
90379
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 08 Aug 2021 15:31:03 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.sonomanews.com&rs=www.sonomanews.com&sid=68483&t=1628436363&cip=37.120.194.180&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1628436363819-996319972482-008430-005-003071&cha=0.7&stagid=&stplid=&cb=50311770423&cd1=4.73.2&cd4=eae00194-73c0-4cf6-93b3-61360caa7ae9&cd5=dfp&d9=1000&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=60254dee1d8a5f00b139ff7e&e=request&cb=1628436363917&asid=603bb7a9af22ea71e0307db4%2C5c5a9a6228a0617b9619af99%2C5d7a45e628a0614c5e396e0d%2C5fc8b1c9ba2b560f616098b8%2C60254dec900a4e00ac72f7b5%2C5ee3d57071193a26344a4076%2C5fa2711a54dbb238c9289f7d%2C5e1b272e28a06142643c20cd%2C604e0bb1f199b154cc115338%2C60ebfe94ebe867570438e997%2C60254decbcc48a48da1b5ced&ofpr=6%2C2%2C1.5%2C2%2C%2C%2C2%2C3%2C2%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avjp
playbuzzltd-d.openx.net/v/1.0/ 		106 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://playbuzzltd-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a9cae205-9701-428c-bf65-807f2d0d580c&nocache=1628436363983&schain=1.0%2C1!playbuzz.com%2C0016M00002HONu5QAH%2C1%2C1e4526449debc69f9f0846dd8fbdc769_1723150129%2CSonoma%20Media%20Investments%2Cpressdemocrat.com&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A410%2C%22h%22%3A231%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=540851142&vwd=410&vht=231&aumfs=1500
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.213.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
via
1.1 google
server
OXGW/16.213.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sonomanews.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.75.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0b270bfa6bc89a13f6c4ee98723581eca184e6a262d2a0f4eeb573bd62c06faa

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
177
expires
0
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Sun, 08 Aug 2021 15:26:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Sun, 08 Aug 2021 15:26:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.75.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fb21b8b3ef62e21f92b8cb4e80310989fbd7b29535b393b6ce6ce91b6c9e2b5f

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
177
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.75.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
280aebc6734a4b435166b749670b703732dd5e92403221f54f2f3a75a9f1a83e

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
mvo
tag.1rx.io/rmp/203144/0/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sonomanews.com
pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ 		98 KB
99 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
e7adf49147995e5b1f0b1de45c1a8e184e4a4a0972ed68a0ca4fe807356c3da1

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=298544-399123

Response headers

Date
Sun, 08 Aug 2021 15:26:04 GMT
Content-Range
bytes 298544-399123/1433688
Connection
keep-alive
Content-Length
100580
X-Served-By
cache-wdc5571-WDC
Last-Modified
Sun, 08 Aug 2021 00:49:12 GMT
Server
cloudinary
X-Timer
S1628399851.149961,VS0,VE1
ETag
"80c6c4555d18f0dc5c929fb298f7e71a"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31521087
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 08 Aug 2021 15:26:04 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
PugMaster
image6.pubmatic.com/AdServer/ Frame 530E 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=76518092&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:03 GMT
content-length
0
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ 		130 KB
131 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
7b2632ae2b032a1fc4c6cfc0db70429c6b74db86f3331fbb67d2f50fe5d897b0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=399124-532603

Response headers

Date
Sun, 08 Aug 2021 15:26:04 GMT
Content-Range
bytes 399124-532603/1433688
Connection
keep-alive
Content-Length
133480
X-Served-By
cache-wdc5571-WDC
Last-Modified
Sun, 08 Aug 2021 00:49:12 GMT
Server
cloudinary
X-Timer
S1628399851.149961,VS0,VE1
ETag
"80c6c4555d18f0dc5c929fb298f7e71a"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31521087
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 08 Aug 2021 15:26:04 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
usync.js
eus.rubiconproject.com/ Frame F19B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ad2ea68c40d3bb8c4594683dfd2d2b4ff59433d50672f7408d5a3365dbeb5d2

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 17:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24336
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9360
Expires
Sun, 08 Aug 2021 22:11:40 GMT
crum
dsum-sec.casalemedia.com/ Frame 3ADA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQ-3jA9cvfXEs5k2IpmmqwAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YQ-3jA9cvfXEs5k2IpmmqwAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMStkRydDy1ntMIImIQelF0&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMStkRydDy1ntMIImIQelF0&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 15:26:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 08 Aug 2021 15:26:04 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMStkRydDy1ntMIImIQelF0&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 3ADA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQ_3jA9cvfXEs5k2IpmmqwAAATIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEH2sOpuWWA8MUKtadB30ZTY&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEH2sOpuWWA8MUKtadB30ZTY&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 15:26:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 08 Aug 2021 15:26:04 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEH2sOpuWWA8MUKtadB30ZTY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3ADA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQ_3jA9cvfXEs5k2IpmmqwAAATIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQ_3jA9cvfXEs5k2IpmmqwAAATIAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQ_3jA9cvfXEs5k2IpmmqwAAATIAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 15:26:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KP4XRGR4F6D328GSA6MC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 15:26:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NF9RHA10W944XWZMF0P8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQ_3jA9cvfXEs5k2IpmmqwAAATIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3ADA 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YQ-3jA9cvfXEs5k2IpmmqwAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ibs:dpid=23728&dpuuid=YQ-3jA9cvfXEs5k2IpmmqwAA%26306
dpm.demdex.net/ Frame 3ADA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YQ-3jA9cvfXEs5k2IpmmqwAA%26306?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.223.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
x.bidswitch.net/ Frame 3ADA 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.69.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 3ADA
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8f9214bf-008e-46dd-a29e-6667033c3716&expiration=1659972364
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8f9214bf-008e-46dd-a29e-6667033c3716&expiration=1659972364
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 15:26:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 08 Aug 2021 15:26:04 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8f9214bf-008e-46dd-a29e-6667033c3716&expiration=1659972364
date
Sun, 08 Aug 2021 15:26:04 GMT
server
Kestrel
content-length
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame 3ADA 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YQ_3jA9cvfXEs5k2IpmmqwAAATIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:04 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookiesyncendpoint
sync.aniview.com/ Frame 3ADA 		0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1628436363819-996319972482-008430-005-003071&biddername=42&key=YQ-3jA9cvfXEs5k2IpmmqwAA%26306
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1628436363819-996319972482-008430-005-003071%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.158.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.sonomanews.com&rs=www.sonomanews.com&sid=68483&t=1628436363&cip=37.120.194.180&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1628436363819-996319972482-008430-005-003071&cha=0.7&stagid=&stplid=&cb=50311770423&cd1=4.73.2&cd4=eae00194-73c0-4cf6-93b3-61360caa7ae9&cd5=dfp&d9=1000&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=60254dee1d8a5f00b139ff7e&e=bid&cb=1628436364176&asid=60254dec900a4e00ac72f7b5%2C5ee3d57071193a26344a4076%2C60ebfe94ebe867570438e997%2C60254decbcc48a48da1b5ced&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
khaos.jpg
token.rubiconproject.com/ Frame F19B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4D1E 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:04 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame E765 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:04 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame FA19 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:04 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame CFED 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:04 GMT
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ 		78 KB
79 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
c8a1a9c3b3cea994688c11eef8a0b9ffb9047fdd77b9db946471b75485a2d7d6

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=532604-612503

Response headers

Date
Sun, 08 Aug 2021 15:26:04 GMT
Content-Range
bytes 532604-612503/1433688
Connection
keep-alive
Content-Length
79900
X-Served-By
cache-wdc5571-WDC
Last-Modified
Sun, 08 Aug 2021 00:49:12 GMT
Server
cloudinary
X-Timer
S1628399851.149961,VS0,VE1
ETag
"80c6c4555d18f0dc5c929fb298f7e71a"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31521087
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 08 Aug 2021 15:26:04 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame DE82 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 05 Aug 2021 08:40:55 GMT
expires
Fri, 05 Aug 2022 08:40:55 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
283509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 4D1E 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:04 GMT
integrator.js
adservice.google.com/adsid/ Frame 4D1E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame D027 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 05 Aug 2021 08:40:55 GMT
expires
Fri, 05 Aug 2022 08:40:55 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
283509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame E765 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:04 GMT
integrator.js
adservice.google.com/adsid/ Frame E765 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame 9DC9 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 05 Aug 2021 08:40:55 GMT
expires
Fri, 05 Aug 2022 08:40:55 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
283509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame CFED 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:04 GMT
integrator.js
adservice.google.com/adsid/ Frame CFED 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame ADBE 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 05 Aug 2021 08:40:55 GMT
expires
Fri, 05 Aug 2022 08:40:55 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
283509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame FA19 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:04 GMT
integrator.js
adservice.google.com/adsid/ Frame FA19 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 38CB 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 14:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 08 Aug 2021 15:57:24 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D73E 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 14:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 08 Aug 2021 15:57:24 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AF54 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 14:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 08 Aug 2021 15:57:24 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 48A3 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 14:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 08 Aug 2021 15:57:24 GMT
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ 		119 KB
119 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
5c41fe9b5b9888cec9dae1843846e379ac297c0526bfd7e911eb1addc44edfd7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=612504-734139

Response headers

Date
Sun, 08 Aug 2021 15:26:04 GMT
Content-Range
bytes 612504-734139/1433688
Connection
keep-alive
Content-Length
121636
X-Served-By
cache-wdc5571-WDC
Last-Modified
Sun, 08 Aug 2021 00:49:12 GMT
Server
cloudinary
X-Timer
S1628399851.149961,VS0,VE1
ETag
"80c6c4555d18f0dc5c929fb298f7e71a"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31521087
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 08 Aug 2021 15:26:04 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&pid=mvfex4zAqdmAs&cb=6&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Flifestyle%22%7D%5D&cfgv=0&pubid=d0c94587-7f12-4f41-9c0e-9c6c6af774b7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-90-44.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
1zxSK8MO4k_CJMUa5HOs3ErCX2dg3axWfjSWQbxhyPZw-t_UNYgd5Q==
integrator.js
adservice.google.dk/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=791868478038275&correlator=2306954035382677&output=ldjh&impl=fifs&eid=31060437%2C31062192%2C31062193%2C31062195%2C20211866%2C31062171&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210808&iu_parts=94238257%2Csit%2Clifestyle&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=loggedin%3Dfalse%26keyword%3Dfires%26position%3DBTF%26loc%3Dbottom%26type%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1628436364&dt=1628436364635&dlt=1628436357244&idt=1912&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=7380&adks=1690405061&ucis=7&color_bg=FFFFFF&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8fvuOX4YvJnco-KvFRWeqttbnfWTFf0uvckbJTx0r0UtW7YAVQfaQNgD5lq7NORUKM0MaZamDjLQI%2CAGkb-H9agomsRyrBY8R7Ig3h-MepMDdsgoMsqT0w5ETkoaSK5QaiwKO1ZE_oxSCOS8N9gY_S49Pjqd2aeg8%2CAGkb-H97ukM1IuZYeV2zUc5NJeKCX6H0afPrGRDV8QFIiyZ3fVGVP1s_FM02tT-jvldEpe8-IP7oXBGK-hc%2CAGkb-H9q8ekPyyGBLTfdSiD8RgBR3KlM6o2WDF8zfU-zDEBH7l4IBsFL9hWZPoIO1h6WdIdQDtkV_pxqrRY&ga_vid=299918025.1628436359&ga_sid=1628436360&ga_hid=1801361826&ga_fc=false&fws=132&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
db25f7120ac2dfa5875d458b77efb560eb4169f1e2fb50ef0ea96927d3bfe052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8289
x-xss-protection
0
google-lineitem-id
5707871199
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138351535697
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
u.openx.net/w/1.0/ Frame 7C1F
Redirect Chain
  • https://u.openx.net/w/1.0/pd
  • https://u.openx.net/w/1.0/pd?cc=1
668 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?cc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.213.0 /
Resource Hash
656e18b90d777da0472d6162311435f7c3f07a9c3cd448873915effb381e04c1

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=0b78b2d7-edaf-48c5-8b47-aae23e139086|1628436364
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=0b78b2d7-edaf-48c5-8b47-aae23e139086|1628436364; Version=1; Expires=Mon, 08-Aug-2022 15:26:04 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1628436364|gekin0vNiygu; Version=1; Expires=Mon, 23-Aug-2021 15:26:04 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.213.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 08 Aug 2021 15:26:04 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=0b78b2d7-edaf-48c5-8b47-aae23e139086|1628436364; Version=1; Expires=Mon, 08-Aug-2022 15:26:04 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.213.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/pd?cc=1
date
Sun, 08 Aug 2021 15:26:04 GMT
content-length
0
via
1.1 google
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5B8A 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=138074
expires
Tue, 10 Aug 2021 05:47:18 GMT
date
Sun, 08 Aug 2021 15:26:04 GMT
vary
Accept-Encoding
ads
pubads.g.doubleclick.net/gampad/ Frame DE82 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_sonomanews.com_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&cust_params=publisher_name%3Dsonomanews.com&env=vp&correlator=1723876043325506&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t&vid_d=40&vid_kw&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=2479522182&sdk_apis=2%2C8&sid=508C6C92-FDBA-41F4-86E1-1292C0F4A011&eid=420706106&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ref=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&dt=1628436364723&cookie_enabled=1&scor=2014498991758195&ged=ve4_td1_tt1_pd1_la1000_er889.1175.1044.1475_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
350002b11c9bbbd4e5d0ec5e00ce81c1e4e3def3c30d91b05ad75511149f36e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D027 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1724254485785870&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1492840073&sdk_apis=2%2C8&sid=EA019D08-BF45-4364-972A-22610E8D685F&eid=420706105&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ref=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&dt=1628436364730&cookie_enabled=1&scor=2200324766998302&ged=ve4_td1_tt1_pd1_la1000_er889.1175.1044.1475_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9DC9 		1 KB
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_sonomanews.com_3&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&cust_params=publisher_name%3Dsonomanews.com&env=vp&correlator=3000086387411747&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t&vid_d=40&vid_kw&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=2659749211&sdk_apis=2%2C8&sid=17946F56-B66A-41E5-98D0-CA9A2B43DF27&eid=44725355%2C44737473&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ref=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&dt=1628436364736&cookie_enabled=1&scor=3279408610237750&ged=ve4_td1_tt1_pd1_la1000_er889.1175.1044.1475_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
0c94cb79da03678eedd236f35907001d2d140188ad575145310566681b05f1f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
670
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame ADBE 		156 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=152811093412711&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=4097471652&sdk_apis=2%2C8&sid=40272913-A87C-4309-9CDF-CA1E97D9ABFD&eid=44725356%2C44730464&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ref=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&dt=1628436364739&cookie_enabled=1&scor=4115205152669787&ged=ve4_td1_tt1_pd1_la1000_er889.1175.1044.1475_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5B8A 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17671195&p=158901&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9a934b48b6096b33e3a0ed7a2a34e746f59c96698a75e483fc2fd0aee0d236ce

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:03 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 6623
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 15:26:04 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=8649545565137318372; expires=Thu, 07 Oct 2021 15:26:04 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sun, 08 Aug 2021 15:26:04 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Wed, 08 Sep 2021 15:26:04 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame C3FB
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4118481453551269746
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4118481453551269746
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4118481453551269746
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D; chkChromeAb67Sec=1; DPSync3=1629590400%3A197_219_201%7C1628467200%3A174; SyncRTB3=1629676800%3A35%7C1629244800%3A63%7C1628985600%3A2_15_67_223%7C1630972800%3A203%7C1629590400%3A99_231_13_3_71_81_161_165_8_22_88_189_166_21_176_234_230_204_54_55_56_220_7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 15:26:05 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-4118481453551269746; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 15:26:05 GMT; path=/ PugT=1628436365; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 15:26:05 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 15:26:05 GMT; path=/
x-lat
lhrpug011:0:437
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4118481453551269746
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 9EA2 		43 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sun, 08 Aug 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1499
date
Sun, 08 Aug 2021 15:26:04 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 6A2A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994080927023691927
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994080927023691927
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994080927023691927
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D; chkChromeAb67Sec=1; DPSync3=1629590400%3A197_219_201%7C1628467200%3A174; SyncRTB3=1629676800%3A35%7C1629244800%3A63%7C1628985600%3A2_15_67_223%7C1630972800%3A203%7C1629590400%3A99_231_13_3_71_81_161_165_8_22_88_189_166_21_176_234_230_204_54_55_56_220_7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 15:26:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6994080927023691927; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 15:26:03 GMT; path=/ PugT=1628436363; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 15:26:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 15:26:03 GMT; path=/
x-lat
amspug013:0:376
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sun, 08 Aug 2021 15:26:04 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6994080927023691927; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6994080927023691927
adx
match.prod.bidr.io/cookie-sync/ Frame 5908
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCU2gwN0NILThBQUVTbWRIS0x0UQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.13.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AABSh07CH-8AAESmdHKLtQ; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sun, 08 Aug 2021 15:26:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Sun, 08 Aug 2021 15:26:05 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame 8510
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D; chkChromeAb67Sec=1; DPSync3=1629590400%3A197_219_201%7C1628467200%3A174; SyncRTB3=1629676800%3A35%7C1629244800%3A63%7C1628985600%3A2_15_67_223%7C1630972800%3A203%7C1629590400%3A99_231_13_3_71_81_161_165_8_22_88_189_166_21_176_234_230_204_54_55_56_220_7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 15:26:04 GMT
content-type
text/html; charset=utf-8
x-lat
amspug014:2:235
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=7385dd0e-c361-4242-a0d8-67799d376ab3; path=/; domain=csync.loopme.me; Expires=Wed, 08-Sep-2021 15:26:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Sun, 08 Aug 2021 15:26:04 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 347E
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8525320796
  • https://sync.1rx.io/usersync/tradedesk/365d2ebd-a211-43b5-8b5a-892cfa759404
  • https://sync.targeting.unrulymedia.com/csync/RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003
42 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D; chkChromeAb67Sec=1; DPSync3=1629590400%3A197_219_201%7C1628467200%3A174; SyncRTB3=1629676800%3A35%7C1629244800%3A63%7C1628985600%3A2_15_67_223%7C1630972800%3A203%7C1629590400%3A99_231_13_3_71_81_161_165_8_22_88_189_166_21_176_234_230_204_54_55_56_220_7; KRTBCOOKIE_22=14911-2600130840653368554; PUBMDCID=3; KRTBCOOKIE_391=22924-6448242630412783773&KRTB&23263-6448242630412783773; KRTBCOOKIE_1101=23040-6994080927023691927; KRTBCOOKIE_27=16735-uid:affc610f-f78c-4a00-814f-ca40fadd9e70&KRTB&16736-uid:affc610f-f78c-4a00-814f-ca40fadd9e70&KRTB&23019-uid:affc610f-f78c-4a00-814f-ca40fadd9e70&KRTB&23114-uid:affc610f-f78c-4a00-814f-ca40fadd9e70; KRTBCOOKIE_377=6810-365d2ebd-a211-43b5-8b5a-892cfa759404&KRTB&22918-365d2ebd-a211-43b5-8b5a-892cfa759404&KRTB&23031-365d2ebd-a211-43b5-8b5a-892cfa759404; PugT=1628436364
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 15:26:04 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003&KRTB&17107-RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 15:26:04 GMT; path=/ PugT=1628436364; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 15:26:04 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 15:26:04 GMT; path=/
x-lat
amspug005:0:511
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sun, 08 Aug 2021 15:26:05 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003%22%7D; path=/; expires=Mon, 08 Aug 2022 15:26:05 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003
etag
RXfb1844c1cd4e49e1bd7c20c6bb995db6003
dpe
ad4m.at/ad/ Frame 061F 		42 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7b12
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67b9c2d03bba4ec2-FRA
Pug
image2.pubmatic.com/AdServer/ Frame BBA0
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Y56In7tz1xUo6UbWaFbEXRy-
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Y56In7tz1xUo6UbWaFbEXRy-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Y56In7tz1xUo6UbWaFbEXRy-
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D; chkChromeAb67Sec=1; DPSync3=1629590400%3A197_219_201%7C1628467200%3A174; SyncRTB3=1629676800%3A35%7C1629244800%3A63%7C1628985600%3A2_15_67_223%7C1630972800%3A203%7C1629590400%3A99_231_13_3_71_81_161_165_8_22_88_189_166_21_176_234_230_204_54_55_56_220_7; KRTBCOOKIE_22=14911-2600130840653368554; PUBMDCID=3; KRTBCOOKIE_391=22924-6448242630412783773&KRTB&23263-6448242630412783773; KRTBCOOKIE_1101=23040-6994080927023691927; KRTBCOOKIE_27=16735-uid:affc610f-f78c-4a00-814f-ca40fadd9e70&KRTB&16736-uid:affc610f-f78c-4a00-814f-ca40fadd9e70&KRTB&23019-uid:affc610f-f78c-4a00-814f-ca40fadd9e70&KRTB&23114-uid:affc610f-f78c-4a00-814f-ca40fadd9e70; KRTBCOOKIE_377=6810-365d2ebd-a211-43b5-8b5a-892cfa759404&KRTB&22918-365d2ebd-a211-43b5-8b5a-892cfa759404&KRTB&23031-365d2ebd-a211-43b5-8b5a-892cfa759404; PugT=1628436364; KRTBCOOKIE_594=17105-RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003&KRTB&17107-RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003; KRTBCOOKIE_1074=22956-e_2a69b44e-e6e5-4293-bad6-d69b691d6b9b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 15:26:05 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-Y56In7tz1xUo6UbWaFbEXRy-; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 15:26:05 GMT; path=/ PugT=1628436365; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 07-Sep-2021 15:26:05 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 15:26:05 GMT; path=/
x-lat
lhrpug019:0:546
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sun, 08 Aug 2021 15:26:05 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=Y56In7tz1xUo6UbWaFbEXRy-; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Y56In7tz1xUo6UbWaFbEXRy-
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame 4E8C 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sun, 08 Aug 2021 15:26:05 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame B93C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=uaAhYvgopE3O&pid=557219
1 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=uaAhYvgopE3O&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=uaAhYvgopE3O&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D; chkChromeAb67Sec=1; DPSync3=1629590400%3A197_219_201%7C1628467200%3A174; SyncRTB3=1629676800%3A35%7C1629244800%3A63%7C1628985600%3A2_15_67_223%7C1630972800%3A203%7C1629590400%3A99_231_13_3_71_81_161_165_8_22_88_189_166_21_176_234_230_204_54_55_56_220_7; KRTBCOOKIE_22=14911-2600130840653368554; PUBMDCID=3; KRTBCOOKIE_391=22924-6448242630412783773&KRTB&23263-6448242630412783773; KRTBCOOKIE_1101=23040-6994080927023691927; KRTBCOOKIE_27=16735-uid:affc610f-f78c-4a00-814f-ca40fadd9e70&KRTB&16736-uid:affc610f-f78c-4a00-814f-ca40fadd9e70&KRTB&23019-uid:affc610f-f78c-4a00-814f-ca40fadd9e70&KRTB&23114-uid:affc610f-f78c-4a00-814f-ca40fadd9e70; KRTBCOOKIE_377=6810-365d2ebd-a211-43b5-8b5a-892cfa759404&KRTB&22918-365d2ebd-a211-43b5-8b5a-892cfa759404&KRTB&23031-365d2ebd-a211-43b5-8b5a-892cfa759404; KRTBCOOKIE_594=17105-RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003&KRTB&17107-RX-fb1844c1-cd4e-49e1-bd7c-20c6bb995db6-003; KRTBCOOKIE_1074=22956-e_2a69b44e-e6e5-4293-bad6-d69b691d6b9b; KRTBCOOKIE_153=19420-iPVlCtjzbQ-Tp2xbh6d4VI6lNg-T_GwPjqKWlHCq&KRTB&22979-iPVlCtjzbQ-Tp2xbh6d4VI6lNg-T_GwPjqKWlHCq; KRTBCOOKIE_336=5844-4118481453551269746; KRTBCOOKIE_80=22987-CAESEKv7V_ODaDpGTNgXiKbUsTQ&KRTB&16514-CAESEKv7V_ODaDpGTNgXiKbUsTQ&KRTB&23025-CAESEKv7V_ODaDpGTNgXiKbUsTQ; KRTBCOOKIE_409=22966-Y56In7tz1xUo6UbWaFbEXRy-; KRTBCOOKIE_57=22776-1165535154586201709; PugT=1628436366
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 08 Aug 2021 15:26:05 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 06-Nov-2021 15:26:05 GMT; path=/
x-lat
amspug001:0:384
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-84459f4bbf-mxbgh
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=uaAhYvgopE3O&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=e682dbb7d1672424; path=/; HttpOnly; Secure; SameSite=None
i.match
s.tribalfusion.com/z/ Frame 6BB5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aRnoeUPME7vQmKvElTEj0BlcJhTrqZbjr4WZdf6Wso
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 08 Aug 2021 15:26:05 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aAnsIHqO2c9U2OqnvebZagY8Za3CrKdEaJQpNblGEdWm5dTfW8DCtR7uIO2mYXfCFu1WH19sPUQQ9MY5Lr7YNF5xB0; path=/; domain=.tribalfusion.com; expires=Sat, 06-Nov-2021 15:26:05 GMT; SameSite=None; Secure; ANON_ID_old=aAnsIHqO2c9U2OqnvebZagY8Za3CrKdEaJQpNblGEdWm5dTfW8DCtR7uIO2mYXfCFu1WH19sPUQQ9MY5Lr7YNF5xB0; path=/; domain=.tribalfusion.com; expires=Sat, 06-Nov-2021 15:26:05 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67b9c2d16b2a061c-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Sun, 08 Aug 2021 15:26:05 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
101
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aRnoeUPME7vQmKvElTEj0BlcJhTrqZbjr4WZdf6Wso; path=/; domain=.tribalfusion.com; expires=Sat, 06-Nov-2021 15:26:04 GMT; SameSite=None; Secure; ANON_ID_old=aRnoeUPME7vQmKvElTEj0BlcJhTrqZbjr4WZdf6Wso; path=/; domain=.tribalfusion.com; expires=Sat, 06-Nov-2021 15:26:04 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67b9c2d03884061c-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame 5482 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Sun, 08 Aug 2021 15:26:05 GMT
server
b
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5B8A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XsO6RZnnRA6dsl9D8ewZTQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=23286
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sun, 08 Aug 2021 21:54:10 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3467610f-f78c-4a00-9e94-a3214e937601
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3467610f-f78c-4a00-9e94-a3214e937601
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 08 Aug 2021 15:25:25 GMT
Server
MT3 3831 a91c15f master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3467610f-f78c-4a00-9e94-a3214e937601
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 08 Aug 2021 15:25:24 GMT
mw
mwzeom.zeotap.com/ Frame 5B8A
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=96d091fd26a95442d85a6c419f3ab6fb
  • https://spl.zeotap.com/?zdid=1332&zcluid=41da6fe19851e9c5
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5987a588-5e93-4df3-426e-2311d05bab99&reqId=472c52ec-43e4-4119-6fa7-5dbb774e4aac&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEKK6dgojlm9Fxi1ePJRVdWA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5987a588-5e93-4df3-426e-2311d05bab99&reqId=472c52ec-43e4-4119-6fa7-5db...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEKK6dgojlm9Fxi1ePJRVdWA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5987a588-5e93-4df3-426e-2311d05bab99&reqId=472c52ec-43e4-4119-6fa7-5dbb774e4aac&zcluid=41da6fe19851e9c5&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
67b9c2db2b8a5364-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEKK6dgojlm9Fxi1ePJRVdWA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5987a588-5e93-4df3-426e-2311d05bab99&reqId=472c52ec-43e4-4119-6fa7-5dbb774e4aac&zcluid=41da6fe19851e9c5&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUVDM0JBNDUtOTlFNy00NDBFLTlEQjItNUY0M0YxRUMxOTRE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:420
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKv7V_ODaDpGTNgXiKbUsTQ&google_cver=1
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKv7V_ODaDpGTNgXiKbUsTQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:618
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKv7V_ODaDpGTNgXiKbUsTQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 5B8A 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 07 Aug 2021 15:26:04 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:affc610f-f78c-4a00-814f-ca40fadd9e70&gdpr=0&gdpr_consent=
42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:affc610f-f78c-4a00-814f-ca40fadd9e70&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:02 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:371
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 08 Aug 2021 15:25:25 GMT
Server
MT3 3831 a91c15f master cdg-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:affc610f-f78c-4a00-814f-ca40fadd9e70&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 08 Aug 2021 15:25:24 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6448242630412783773
42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6448242630412783773
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:397
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6448242630412783773
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=365d2ebd-a211-43b5-8b5a-892cfa759404
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=365d2ebd-a211-43b5-8b5a-892cfa759404
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:366
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=365d2ebd-a211-43b5-8b5a-892cfa759404
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1165535154586201709&gdpr=0&gdpr_consent=
42 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1165535154586201709&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:597
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 15:26:06 GMT
X-Proxy-Origin
37.120.194.180; 37.120.194.180; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
91ea8234-6ae2-41de-820c-e4a4f165adbb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1165535154586201709&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
5EC3BA45-99E7-440E-9DB2-5F43F1EC194D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5B8A 		43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/5EC3BA45-99E7-440E-9DB2-5F43F1EC194D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BKmTpe9E2uWR6D.8uAM1uLyf.uo76cU-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BKmTpe9E2uWR6D.8uAM1uLyf.uo76cU-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 08 Aug 2021 15:26:04 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-BKmTpe9E2uWR6D.8uAM1uLyf.uo76cU-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ea3f2161-cae0-49ec-9a88-fc31b9f036c2&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=ec045913-5e47-472f-be64-41bd09c85aa0&expires=1&user_group=5&ssp=pubmatic&bsw_param=ea3f2161-cae0-49ec-9a88-fc31b9f036c2
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea3f2161-cae0-49ec-9a88-fc31b9f036c2&gdpr=&gdpr_consent=&gdpr_pd=
1 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea3f2161-cae0-49ec-9a88-fc31b9f036c2&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:05 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:401
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea3f2161-cae0-49ec-9a88-fc31b9f036c2&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 08 Aug 2021 15:26:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iPVlCtjzbQ-Tp2xbh6d4VI6lNg-T_GwPjqKWlHCq
42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iPVlCtjzbQ-Tp2xbh6d4VI6lNg-T_GwPjqKWlHCq
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:05 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:470
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iPVlCtjzbQ-Tp2xbh6d4VI6lNg-T_GwPjqKWlHCq
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2600130840653368554&gdpr=0&gdpr_consent=&us_privacy=
1 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2600130840653368554&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:03 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:400
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2600130840653368554&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YQ-3kAADUBJYRQBg&gdpr=0&gdpr_consent=&_test=YQ-3kAADUBJYRQBg
1 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YQ-3kAADUBJYRQBg&gdpr=0&gdpr_consent=&_test=YQ-3kAADUBJYRQBg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:06 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:424
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1628436368.218139,VS0,VE0
x-served-by
cache-fra19148-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YQ-3kAADUBJYRQBg&gdpr=0&gdpr_consent=&_test=YQ-3kAADUBJYRQBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 5B8A 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=5EC3BA45-99E7-440E-9DB2-5F43F1EC194D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c61ede2c-e554-43d3-b90b-cbd86494886b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c61ede2c-e554-43d3-b90b-cbd86494886b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:06 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:369
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c61ede2c-e554-43d3-b90b-cbd86494886b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 08 Aug 2021 15:26:08 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:513
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:05 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2653631648784106663
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2653631648784106663
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:335
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 15:26:05 GMT
X-Proxy-Origin
37.120.194.180; 37.120.194.180; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1747b347-fea0-4c0d-a23e-ed2934ff9b0f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2653631648784106663
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5B8A
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2a69b44e-e6e5-4293-bad6-d69b691d6b9b
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2a69b44e-e6e5-4293-bad6-d69b691d6b9b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:404
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2a69b44e-e6e5-4293-bad6-d69b691d6b9b
date
Sun, 08 Aug 2021 15:26:05 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
sd
eu-u.openx.net/w/1.0/ Frame 7C1F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8185610f-f78c-4e00-9361-d86c631a7d93
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8185610f-f78c-4e00-9361-d86c631a7d93
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 08 Aug 2021 15:25:25 GMT
Server
MT3 3831 a91c15f master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8185610f-f78c-4e00-9361-d86c631a7d93
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 08 Aug 2021 15:25:24 GMT
sd
us-u.openx.net/w/1.0/ Frame 7C1F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=VhYdrAYQFalNRBT9WUQA8lBGTqlNHxSpUEEvTYDQ
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=VhYdrAYQFalNRBT9WUQA8lBGTqlNHxSpUEEvTYDQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=VhYdrAYQFalNRBT9WUQA8lBGTqlNHxSpUEEvTYDQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7C1F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8535679572810067262
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8535679572810067262
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8535679572810067262
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 7C1F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=d8d48d8e-4428-7732-d191-620a5a34a37b&gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7C1F 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjRiYjVlNDQtOGQ1Zi0yOTk2LWM0NzEtMzhiMzkwZDY2ZDFi
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7C1F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9XZZ3Mektnax6veN5_ZmM&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9XZZ3Mektnax6veN5_ZmM&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH9XZZ3Mektnax6veN5_ZmM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sonomanews.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options
nosniff
age
507580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 18:26:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F13F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulF9DEkrXahExEUyeUXekVMQ39d5p6FSoEE72fnDrFS2-bYEoC6cGGalsDAdRk_5Kykgnrqrd3eIATS11jrr8va0BSIqJ3chVAUf1QkFqU8UGAvbpfgxDVo_CpeqxshhZcsEAkhIfyUaxyghmb-5COJ2kYKLsDkNgayDA8NNy9qxqtTlEt9PaKloXxobGXErT8L5J21j-Hse6W16J5U4aUlSq0g0fFVOy3qwjqSSglAHYg_B1iaebGTqCtEYxz0uGXhIR7WBDBZwDTMfpcDGSMGSXvRAILd8YysyZIKimCKivq7KqY-DwXfu3yfQ&sig=Cg0ArKJSzCuegcoKf7LvEAE&adurl=
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame F13F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Aug 2021 15:21:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F13F 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:04 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628249295356546"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38372
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:04 GMT
16551120384385843073
tpc.googlesyndication.com/simgad/ Frame F13F 		165 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16551120384385843073
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js?31062192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d38671ef17911760261a060b4ab5f611aa715966b8fd51cae2701df7559da62a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 10:09:57 GMT
x-content-type-options
nosniff
age
364567
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
168613
x-xss-protection
0
last-modified
Wed, 02 Jun 2021 22:14:13 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Aug 2022 10:09:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F13F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsux-sNw8XJ6dMRQL25uXnumd2VXUwgtY5koyMw4xQnijLt4OrGVzPnmiWYioq2uCQptOxUkSKUiZKDwZstQFlfl8sOLv9AZdWnVoU2O-EWDI0Sx8uvsrUYytjGWL8kjlxApm0DPtKrUY4O6hnPj9A2PYE_55PRF7cDrq_A6-yGWLxh8ux07P2csTpnjQ7x9H2amPfPjlyWCw3u6crkj5GlXSS0s73JQm3V2EquD05uzu9IqmT61eytj1TJ7o5TpgApJLaN6hv7-RKGJQSisDTao2H5fPmk8Xq2YZ9V7X8-31adJWVhF6Noqbzg0apzF&sig=Cg0ArKJSzDxjCzYAoZGDEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 08 Aug 2021 15:26:05 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTcwNzg3MTE5OSIsImVidXkiOiIyODM0MTk3ODA1IiwiZWFkdiI6IjQ3NzA3MTczMjYiLCJlY2lkIjoiMTM4MzUxNTM1Njk3IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQxMDE1MzciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.108&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=16&tid=4ede7997-16b4-4640-b67e-91bbcb5c50d4&pid=0de4b440-3001-44ef-bebb-8c3c7e0e3350&dtm=1628436365028&qnm=_matherq&visible=1&tabid=7a0a680d-8337-4f5e-96ed-092a6f9a2e08&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vp=1600x1200&ds=1600x8072&tofa=1628436365&vid=1&lvidt=1628436365&duid=fdf2c581eb3d47a7&fp=1072425006&cid=ma16916&mrk=901956900
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.56.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-56-164.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:05 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
truncated
/ Frame F13F 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebcf8ea5ae255229cf913c6c9f08b248c9e071ed48a566320527235d8a9a5a3f

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ads
pubads.g.doubleclick.net/gampad/ Frame DE82 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_sonomanews.com_5&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dsonomanews.com&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&max_ad_duration=30000&min_ad_duration=0&sid=508C6C92-FDBA-41F4-86E1-1292C0F4A011&adk=2479522182&cookie_enabled=1&correlator=1723876043325506&dt=1628436365152&ged=ve4_td1_tt1_pd1_la1000_er889.1175.1120.1585_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&osd=2&ref=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&scor=2014498991758195&sdk_apis=2%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&vis=1&u_so=l&eid=420706106&hl=en&frm=0&sdki=44d&sdkv=h.3.473.0&sdr=1&vid_d=40&vid_kw&vid_t&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9DC9 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_sonomanews.com_3&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dsonomanews.com&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&max_ad_duration=30000&min_ad_duration=0&sid=17946F56-B66A-41E5-98D0-CA9A2B43DF27&adk=2659749211&cookie_enabled=1&correlator=3000086387411747&dt=1628436365424&ged=ve4_td1_tt1_pd1_la1000_er889.1175.1120.1585_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&osd=2&ref=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&scor=3279408610237750&sdk_apis=2%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&vis=1&u_so=l&eid=44725355%2C44737473&hl=en&frm=0&sdki=44d&sdkv=h.3.473.0&sdr=1&vid_d=40&vid_kw&vid_t&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.219.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-219-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Sun, 08 Aug 2021 15:26:05 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1628436365925&cid=60254dee1d8a5f00b139ff7e&VERSION=4.73.2&cou=DK&AV_PAGE_LOAD_UID=eae00194-73c0-4cf6-93b3-61360caa7ae9&AV_CDIM4=eae00194-73c0-4cf6-93b3-61360caa7ae9&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=dfp&AV_CDIM5=dfp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
118.12a6f1c6e642186dd14a.css
cdn.viafoura.net/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/118.12a6f1c6e642186dd14a.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41501cd26dd635f1451f29be3a859218e6e09ffde483a7e68c585cd39a658f24

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:38 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:28 GMT
server
AmazonS3
age
175409
etag
W/"888af81758d5819ce298997ec3514ab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
VLnmL1YAY00tux8_LbbrU1bSfYqH76sv
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
text/css; charset=utf-8
x-amz-cf-id
qAl-AYnKhrxbZrHC9IIkFdH5LOrYazZRE11FP7ID1sJYUqeKqRfNCw==
trending_articles_js.6e8e4552cd1ffce82dc4.js
cdn.viafoura.net/chunks/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/trending_articles_js.6e8e4552cd1ffce82dc4.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d125e143a32bd4512909ef7feda4794945411a439423f63893f1d755199d459

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:38 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:24 GMT
server
AmazonS3
age
175409
etag
W/"23a16c38806b5ebcf565e72a6fb1039d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
HvHvIyK3Aj77PesV1_5rarsqWmI5b3ip
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
iOByJxdiO-7elh20APEefUoYx62yqB0TA1lNajioMdrU9wPXH1S_qA==
trending_articles-module-js.e884c1c643ffb26b0826.js
cdn.viafoura.net/chunks/vuex_store/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/trending_articles-module-js.e884c1c643ffb26b0826.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18a19798b27880b7195576bc1496e03b48c91768c77426f7c6dd13cf08ef12a6

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:38 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:20 GMT
server
AmazonS3
age
175409
etag
W/"758bb5a048b728deac8e2f676d7813e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
oAHGxtXFa4bT66LTCN5oPsqdy9yz8yT6
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
J32BBZna2WAJ5G-Wz-kXsIKR0-t5b26dd90okwURAz5w0pIKE8-vTg==
SPug
simage4.pubmatic.com/AdServer/ Frame 5B8A 		0
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158901&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Sun, 08 Aug 2021 15:26:06 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ 		152 KB
153 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
71167f55c0d61dd219b7d09dfcf0c1a562b09259957cf009c233271ca6382acb

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=734140-889803

Response headers

Date
Sun, 08 Aug 2021 15:26:07 GMT
Content-Range
bytes 734140-889803/1433688
Connection
keep-alive
Content-Length
155664
X-Served-By
cache-wdc5571-WDC
Last-Modified
Sun, 08 Aug 2021 00:49:12 GMT
Server
cloudinary
X-Timer
S1628399851.149961,VS0,VE1
ETag
"80c6c4555d18f0dc5c929fb298f7e71a"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31521084
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 08 Aug 2021 15:26:07 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.sonomanews.com&rs=www.sonomanews.com&sid=68483&t=1628436363&cip=37.120.194.180&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1628436363819-996319972482-008430-005-003071&cha=0.7&stagid=&stplid=&cb=50311770423&cd1=4.73.2&cd4=eae00194-73c0-4cf6-93b3-61360caa7ae9&cd5=dfp&d9=1000&AV_WIDTH=410&AV_HEIGHT=231
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 08 Aug 2021 15:26:08 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.108&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=16&f_privb=0&tid=7adae90d-93d5-4503-8429-42148e001b04&pid=0de4b440-3001-44ef-bebb-8c3c7e0e3350&dtm=1628436368814&qnm=_matherq&visible=1&tabid=7a0a680d-8337-4f5e-96ed-092a6f9a2e08&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&vp=1600x1200&ds=1600x8072&tofa=1628436365&vid=1&lvidt=1628436365&duid=fdf2c581eb3d47a7&fp=1072425006&cid=ma16916&mrk=901956900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYyODQzNjM1NTkyMCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiIyNjQwIiwiZmV0Y2hTIjoiOTI1IiwiZG9tYWluUyI6IjkyNSIsImRvbWFpbkUiOiI5MjUiLCJjb25uUyI6IjkyNSIsImNvbm5FIjoiOTI1IiwicmVxdVMiOiI5MjYiLCJyZXNwUyI6IjEzMjEiLCJyZXNwRSI6IjE0OTciLCJkb21Mb2FkIjoiMTMyNCIsImRvbUludGVyIjoiMzAxNCIsImRvbUxvYWRTIjoiMzAxNCIsImRvbUxvYWRFIjoiMzAzMiIsImRvbUNtcGx0IjoiNDg2MiIsImxvYWRTIjoiNDg2MiIsImxvYWRFIjoiNDg2NCJ9fQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.56.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-56-164.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 15:26:08 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
stats
ads.adventive.com/api/ 		43 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adventive.com/api/stats?acc=164&adv=8310&atid=4&auid=134645&cache=1&cid=59841&gid=0&pcid=78663&pid=146948&sid=565&tag=9e3c70b3-566c-49b4-96aa-c20176b38ed8&tz=America%2FLos_Angeles&up=0.00000&ut=RM&vid=1&ckid=b00598fe-ae85-4022-a47c-2d58028abe55&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&clk=0&dat=%7B%22screenIndex%22%3A2%7D&dh=1200&dw=1600&eng=0&grp=0&hc=mmiowwei&iid=7bf34566973f4687ad88bfb882031e02&ref=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&type=nav_collapse_auto&hov=0&cb=1628436369578
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:09 GMT
content-encoding
none
cf-cache-status
DYNAMIC
timing-allow-origin
*
p3p
CP="CAO PSA OUR"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
67b9c2eddd142bc2-FRA
expires
Wed, 11 Jan 2000 12:59:00 GMT
119.4699927e96ec45f5f859.css
cdn.viafoura.net/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/119.4699927e96ec45f5f859.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe5d16c1b76dd3f207eb14d022a20cf0bbc446fb275fbbe6758ff618f3479d00

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:39 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:27 GMT
server
AmazonS3
age
175412
etag
W/"d2ce7c91d5012fe3243bb377494103b1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
EtqFJ4A_bydSf5GKC5AHkyhnApx2pNci
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
text/css; charset=utf-8
x-amz-cf-id
I4QZ8PoxdF9UAxGLwfxjna0fJcQjKwYT4xUrfyk9iVDFb2ppPzVYtw==
vendors~content_recirculation_js.c62352cf9ebf13a71e9a.js
cdn.viafoura.net/chunks/ 		139 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~content_recirculation_js.c62352cf9ebf13a71e9a.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbe52492dfa9f64adc7ebd298a2e3c22ad19ef5d07be1953a8dfef88d14419ad

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:38 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:26 GMT
server
AmazonS3
age
175413
etag
W/"327a5b3e97480a1659b90603905b5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
HAuENq6mbJT14Tpa1WXOSsmdgBgwALe4
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
hiaZ9riYeVBlBpKCuISwuXaVFtfhftWYx1qV1b3CfR-v_K59WfxElQ==
32.5f7c10f2c30add74d86a.css
cdn.viafoura.net/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/32.5f7c10f2c30add74d86a.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e0c043f923fef46ce0147fddb4bc90360d029b583d3a3cd18d2535319404812

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:39 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:27 GMT
server
AmazonS3
age
175412
etag
W/"1b27a793acdaf67badfefdec66df1b4d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Y7riEgyuAV.gu1VfEmZUlFoXA3PahD7v
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
text/css; charset=utf-8
x-amz-cf-id
2nicwJRpcnQ8znAj1EZo3rWKwogJQUwBV0hGYw1ikeA_HIWDgorx8Q==
content_recirculation_js.5b1a43b608979dfafd65.js
cdn.viafoura.net/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/content_recirculation_js.5b1a43b608979dfafd65.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d898d72919920b7c349df8fa058f9878430222f1d6ce50b2fe880e37aa7f7e2

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:39 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:26 GMT
server
AmazonS3
age
175412
etag
W/"6690cc7230bef96802054fc79bf90c83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
eyVpHxZPl0ZYK4VUi3m6hrFf3k1tlBId
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
-ExWt0At9e5Jok2EgkEPKsas4xGiaAUoBCMF-RTZdvuZF2RMhpO_5Q==
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.sonomanews.com&rs=www.sonomanews.com&sid=68483&t=1628436363&cip=37.120.194.180&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1628436363819-996319972482-008430-005-003071&cha=0.7&stagid=&stplid=&cb=50311770423&cd1=4.73.2&cd4=eae00194-73c0-4cf6-93b3-61360caa7ae9&cd5=dfp&d9=1000&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=60254dee1d8a5f00b139ff7e&e=request&cb=1628436370606&asid=603bb7a9af22ea71e0307db4%2C5c5a9a6228a0617b9619af99%2C5e1b272e28a06142643c20cd%2C604e0bb1f199b154cc115338%2C60ebfe94ebe867570438e997&ofpr=6%2C2%2C3%2C2%2C&fpo=%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.75.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ec8bd806757a654105716a2e57cd14005f424a6c48882ce8f3c5509542fe886d

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:10 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
177
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.75.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
077276bb58e0d973305bdce752b538adfe7d98aef4c6c32879731959f57e311d

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:10 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
mvo
tag.1rx.io/rmp/203144/0/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=4.42.1,2.1
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sonomanews.com
pragma
no-cache
date
Sun, 08 Aug 2021 15:26:10 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.75.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4cb66ddbe1e3464f3adbf7cb7073b9aa2aa6482073686918bd4ce5c8415c5153

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:10 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.sonomanews.com&rs=www.sonomanews.com&sid=68483&t=1628436363&cip=37.120.194.180&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1628436363819-996319972482-008430-005-003071&cha=0.7&stagid=&stplid=&cb=50311770423&cd1=4.73.2&cd4=eae00194-73c0-4cf6-93b3-61360caa7ae9&cd5=dfp&d9=1000&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=60254dee1d8a5f00b139ff7e&e=bid&cb=1628436370767&asid=60ebfe94ebe867570438e997&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.246.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 1413 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119640
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:13 GMT
vendors~chat_js~comments_js~liveblog_js.faf2d9ece16b7af8be1d.js
cdn.viafoura.net/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~chat_js~comments_js~liveblog_js.faf2d9ece16b7af8be1d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb690783588895d4fdf5bdf7ba22870672b67b85c9bd5c3df4643e61e6b4b19f

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:24 GMT
server
AmazonS3
age
175415
etag
W/"307f0f4dde5db6b821def5b5f15d2c43"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
P6xRsaf7meJVNdwBRcqL2b0mscBQejG0
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
CCpPFh0fJpc5pMFyc2qKO3CRtOcb3I9hoOjXAh6yDJXMzhgAUtRiaA==
vendors~comments_js~liveblog_js.089a26a87169bb62db54.js
cdn.viafoura.net/chunks/ 		251 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~comments_js~liveblog_js.089a26a87169bb62db54.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbef5be35e9f58fbe3763fbd707d1ed0fe80f1d8e59814afdbc43a2d19e87720

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:25 GMT
server
AmazonS3
age
175415
etag
W/"bce2cf2779e42393ff393d7f6f068b25"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
.jxOnhFqITc64af7Hs.eiG_Rv6O8SPUI
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
D0HA3taEr9Q7QdZhM2KrxnjiIzmOqI1swx2lxbhatVwjlSgKgdqmhw==
4.dccc409ad8da4a31bb47.css
cdn.viafoura.net/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/4.dccc409ad8da4a31bb47.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea17174ab03f3417adac0c8fa031c71e97c16550a826b280fcb230dc943bf904

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:28 GMT
server
AmazonS3
age
175415
etag
W/"f99c58149f14f1578a384663ba93931e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
RjtInRGz6bf8obwlPirRVKVUVBTA4DGc
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
text/css; charset=utf-8
x-amz-cf-id
NSB2j4HDUgDRea7S5qynskAUkojUuQ8FeMOyUoZEu9ybVqmOS5KedA==
default~chat_js~comments_js~liveblog_js.187fc0194214fdd05ed1.js
cdn.viafoura.net/chunks/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/default~chat_js~comments_js~liveblog_js.187fc0194214fdd05ed1.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a43cb319af0f302958bee81e8fec135b4fa7c6423d163245b48e8f7832f393fb

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:23 GMT
server
AmazonS3
age
175415
etag
W/"dbb4e0fd7b53736ec98e8c598bf35230"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
NMsQPMhscGRhC2vPhlSHqXAd6GT2Rb3A
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
D8dQQ8Pn_q6VkD9lya-XgiHMMbJbz5RfFZZx3HG0PRegCwfFK6FgaQ==
29.af08f2d34a829ac6d85b.css
cdn.viafoura.net/ 		68 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/29.af08f2d34a829ac6d85b.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
faaf93350f20cba58c86f904442b82ce75172e758d2b506034afcc3c923eed10

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:28 GMT
server
AmazonS3
age
175415
etag
W/"3b63224dd84ab86156d1a5d5c9a0c19b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
_woVdws2RGYEk.0BOhYK77VjFviM9qGb
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
text/css; charset=utf-8
x-amz-cf-id
sRQ45uws79G2zFljSwQJgRjQHuJi9EDqSxOimGEPQA4jxlGn2LLL_Q==
comments_js.e61dd61b71af06ebb707.js
cdn.viafoura.net/chunks/ 		224 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/comments_js.e61dd61b71af06ebb707.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fecf49489b76ce1c49e59221923ee5e335522b5261e26772aaa2b652d4711254

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:24 GMT
server
AmazonS3
age
175415
etag
W/"1ff64382d192f3a896437a5574a7f8f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
a5OwJvC9MFxKFCR8DK0Mx257AnOqVxKy
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
I5mC-T4j1yOg9NnLqVmM8ASEeMfZ0IW0jOUNdUmpiWgNnVJgI0D7bA==
livecomments-module-js.682659d82b7f57d259d8.js
cdn.viafoura.net/chunks/vuex_store/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/livecomments-module-js.682659d82b7f57d259d8.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48b3dd81894be385451af1daaa0503a31d0e71f22b614d326926220402fc2b00

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:21 GMT
server
AmazonS3
age
175415
etag
W/"35874569488fa6b9cd3592ffe1611186"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
teojWvSSwHfsGc6L5iWuxpwmvlTy2Ur9
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
z6Cvr0-LhoSMJuo2iN2AEko-phhvq7BFuw-6PLWE3GVwIomrPFVQyg==
content_container-module-js.0f73c18999f51ffd1399.js
cdn.viafoura.net/chunks/vuex_store/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content_container-module-js.0f73c18999f51ffd1399.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca962c979a0c079867900c2d4e79ad1bec01daf6766c5f60cbf3ba1bd6fdba24

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:21 GMT
server
AmazonS3
age
175414
etag
W/"b9ba62b8145e0a2c238ecbccc29dac6f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
gDUT1M2DBq5sW4uoO3l8LyCQJR2edu9w
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
so5UU0DGJ29dyV5Ujehdv9R-PMblC2jT8gvNW7iHY6CYrth-Doin9Q==
threads-module-js.1837b67de2678a47d18d.js
cdn.viafoura.net/chunks/vuex_store/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/threads-module-js.1837b67de2678a47d18d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89234974f4f5edbf161ab923eea26c14f9fbd29031a7b68fb64084eef4c7296a

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:20 GMT
server
AmazonS3
age
175415
etag
W/"62d4d2177a08a18d87b02d06511b4d64"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
M1JBx5e95qENhw5mKLpPqkQF6F.K9G1e
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
yILKCvPtTUsSf05cBS97JLSyzGV9fmlEveMhjjwkFYCr97I_E1H_iw==
interaction-module-js.a8a8e4e1321378401cef.js
cdn.viafoura.net/chunks/vuex_store/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/interaction-module-js.a8a8e4e1321378401cef.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32c845e86d965d4249fd9670214ee0acc4d4cf2b54d8b933ca108c8b408419a5

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:42:37 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 14:42:20 GMT
server
AmazonS3
age
175415
etag
W/"f73972e5bc7bbf339f41896d1c8a08a8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
CXG4_Esn5ux.Uq6XWI0b20tYuQMOAy4l
via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
JFMxNar-nkvhck2kC_ycteVOLlzARNklbA9016Ld3cs7NKwfokC5iA==
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ 		161 KB
161 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
6ec84b7ebe22c1dfddac22a4e78c54c9d7f13e21013ca484b2b9d37339f65c93

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=889804-1054303

Response headers

Date
Sun, 08 Aug 2021 15:26:12 GMT
Content-Range
bytes 889804-1054303/1433688
Connection
keep-alive
Content-Length
164500
X-Served-By
cache-wdc5571-WDC
Last-Modified
Sun, 08 Aug 2021 00:49:12 GMT
Server
cloudinary
X-Timer
S1628399851.149961,VS0,VE1
ETag
"80c6c4555d18f0dc5c929fb298f7e71a"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31521079
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1628383741/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1628383321135.ts
Protocol
HTTP/1.1
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range
Origin
https://www.sonomanews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
13
Date
Sun, 08 Aug 2021 15:26:11 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Access-Control-Allow-Headers
Range
bridge3.473.0_en.html
imasdk.googleapis.com/js/core/ Frame 9280 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.473.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194074
date
Thu, 05 Aug 2021 08:40:55 GMT
expires
Fri, 05 Aug 2022 08:40:55 GMT
last-modified
Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
283518
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 1413 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sun, 08 Aug 2021 15:26:13 GMT
integrator.js
adservice.google.com/adsid/ Frame 1413 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 15:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M18&cb=1628436373340&cid=60254dee1d8a5f00b139ff7e&VERSION=4.73.2&cou=DK&AV_PAGE_LOAD_UID=eae00194-73c0-4cf6-93b3-61360caa7ae9&AV_CDIM4=eae00194-73c0-4cf6-93b3-61360caa7ae9&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=dfp&AV_CDIM5=dfp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:13 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A357 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 14:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 08 Aug 2021 15:57:24 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9280 		156 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=207226181848827&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=2479522182&sdk_apis=2%2C8&sid=943A3AA2-65B9-4441-870F-C7417BE1F097&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&ref=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&dt=1628436373428&cookie_enabled=1&scor=633520497330481&ged=ve4_td2_er889.1175.1044.1475_vi0.0.1200.1600_vp100_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 15:26:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sonomanews.com&p=%2Farticle%2Flifestyle%2Fkathleen-hill-panda-express-new-tips-menu-and-more%2F&u=DJvFEABR92ADB7LpIl&d=sonomanews.com&g=60036&g0=lifestyle&g1=KATHLEEN%20HILL&n=1&f=00001&c=0.25&x=0&m=0&y=8072&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=3208&t=D7TFImBhIkU2CznCRC8cRDeC3Rt5g&V=128&tz=-120&_acct=anon&sn=2&sv=BzfbddBWErjCBt4N_dCCHR1aCdON0F&sd=1&im=067b2ffb&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.28.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-28-94.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 15:26:14 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0

Verdicts & Comments Add Verdict or Comment

280 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| $ function| jQuery function| Template7 object| pageSections string| pageSection string| adSection string| tplSection string| tplTopSection string| tplPubDir number| refreshAdsEach string| legacyCmsId string| articleUuid object| googletag boolean| loadAmazonAds number| refreshVisibleAdsAfter object| smiDfp object| apstag object| widgetArray string| feedVersion object| smiBlock undefined| cphPD boolean| cphSIT undefined| cphPAC undefined| cphNBBJ undefined| cphSCG undefined| cphLPS string| cphDomain string| cphCookieDomain string| cphPubName string| cphPubAbbrev string| cphFeedDir string| cphEnv object| cphGlobal object| cphLoader string| smiPromoOffer function| getMIPC string| pageType string| pageLayout number| disqusLoaded function| showDisqus2016 function| hideDisqus2016 function| checkmeter function| getpwCookie function| setpwCookie function| setABCCookie string| encCurURL string| encPrevURL object| _sf_async_config object| _cbq object| matherData string| matherEmail object| MG2Loader object| mg2PageData object| imageSizes object| siteConfig object| mainGallery object| mainGalleryTSM function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_config function| delete_cookie boolean| supressDialog object| subscriber function| loadVF object| cswidgetoverR object| pSUPERFLY_mab object| pSUPERFLY object| google_tag_manager function| VFlogout number| vfGoogletagCallbackAttempts boolean| vfGoogletagCallbackLoaded function| vfGoogletagCallback number| vfGoogletagLoop function| generateAd function| pickClick function| vfLogMeOut function| handleVFsubmit function| vfNameFocus function| vfNameBlur function| commentFocus function| cleanText function| scrubText object| vfQ object| VFsession object| VFemail string| GRroot string| MD5root number| MDlast number| MDoffset object| iconType object| avatarURL string| vfimaged string| VFavatar number| j number| k boolean| validName object| appInsights object| google_tag_data string| GoogleAnalyticsObject function| ga object| templateMap number| gCarouselIncrement number| carouselBlockIncrement object| sitsectionlifestyle1 object| sitpopularall1 boolean| apstagLOADED object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData boolean| __@@##MUH object| AI object| Microsoft function| __extends function| _endsWith object| _mather object| _mg2q object| _matherq object| tid string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| wp object| addthis_share object| _cb_shared object| nxtBundle object| webpackJsonpnxtBundle function| setImmediate function| clearImmediate object| NxtInner object| Connext object| CnnXt string| IPaddr function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| TRUE_ANTHEM object| oattr function| Swiper object| MG2DL function| ccpaIsOptedOut function| ccpaGetCookie function| disqus_config object| DISQUS object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gPartners object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 boolean| Moat#EVA undefined| MoatOCR function| moatOcrSample object| MoatContent function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxIframes object| ampInaboxPendingMessages boolean| msgData function| appendScript object| ns_4_134645_EJ172635 object| Adventive object| srcDoc object| ampContext boolean| preventSpecialFormat function| VisSense object| _vfP object| __core-js_shared__ object| core boolean| vfLoaded object| 95be6cd9a28b98671c1cb95f366258c8 object| viafoura object| vf object| GoogleGcLKhOms object| google_image_requests string| VFusername object| _event object| ns_4_134645_EJ172635_int function| positionInterstitial_adventive_htmlx_EJ172635_int function| fadeIn_adventive_htmlx_EJ172635_int function| getDoc_adventive_htmlx_EJ172635_int function| closeIntersititialOnClickThrough_adventive_htmlx_EJ172635_int object| cB string| style object| VFreset string| pbPageIdentifier string| __EXCO_INTEGRATION_TYPE object| com object| STREAM_CONFIGS string| STREAM_ID function| _avcp object| regeneratorRuntime object| pbStream object| __EXCO function| Hls function| av_sciv_hndlr1628436363471 object| storageAni number| google_global_correlator object| closure_lm_725770 object| closure_lm_304896 object| closure_lm_914814 object| closure_lm_130055

35 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
newsletter.sonomanews.com/ Name: PHPSESSID
Value: i9p2cpde9g57730l008a2gddq7
.doubleclick.net/ Name: IDE
Value: AHWqTUkktklh20x5-GTUh1j-bxTp34YjlpFlgie-8uD57BZXpLjhXT5M134L4IZOr1k
.sonomanews.com/ Name: _gat_gtag_UA_37668716_1
Value: 1
.sonomanews.com/ Name: _sp_id.35b1
Value: a4690ef6120d032e.1628436359.1.1628436360.1628436359
www.sonomanews.com/ Name: _gid
Value: GA1.1.723143851.1628436359
.sonomanews.com/ Name: __gads
Value: ID=609233e15440f4b6-22a0c19099c80056:T=1628436359:S=ALNI_Mbe9ejnm1TFDf4U9s7-6mMDZPVELQ
www.sonomanews.com/ Name: _ga
Value: GA1.1.299918025.1628436359
www.sonomanews.com/ Name: ai_session
Value: ibmzX|1628436359691.7|1628436359691.7
.sonomanews.com/ Name: userType
Value: user
www.sonomanews.com/ Name: ___utmvc
Value: pJe8Dy8QxU0lZsrZsb60TSYCcnNOFhuYPUJ5LClKVEnph+UFL0enedM88ql5FoGKUVmt4fnZf0O7rnIKbgTyv+bzdR/y+6Ni7E8T7DyaEImCRozvFSqx61ENtyIpjAXu95a+ywqn/dMGnN00Mu3l3fdvbcCnHbze9pPy6r/HOAeiWilQFArnT/GIB52Kdpc/o0nutxKXmqshLDJpF/5SGr322F+wmyU8CjfOYniVBDJlZP+P9TGzpteqepCZwvOMZF8YcMLuodyrUzO1TXFpCZmbcSui+WYBksB6TPbD9jY7/4IpdykRCUx9fABVlAantYxbZV+rIF/tDFTkB8/l3nmyrdM3z+4Qsp+ooLtocffusLkl+C+p/BextNaAzjalA+tcJn+g3pOOJ4XgqI+TGX12Y5zBAmduV5YDizaH+AyxbEPOT90ZtoCdfwUz+1C9g337i1x2FWloqSLg2WQw/jRRts6D3t+OQTA3bNB1F4Rpc61QV5gM3AWQVz6xNNemtUWWLIYZo+MXqMkqWeOmQtGj0G5fXi6cjUMBpboR859Qz7cd/gwBZPQfATvoduqBdNKCtAcYrQ6b5aly86t+KhYToGb37XI8QCK7QOE0YdgW3Nheke/nPwV/f85VGq/I7q3pWOYY+BuiMRkSW2boIMq6AdDlVeDMfOHdZ1w8tSsX0kyow72KYL2OmkGkmEdBXVL312Z7gklqFbgP0a7Pi+Ed6HR0HPqoE0PZo7xX0EIcQccBZKj+BpYlssx1egQLOaUUd4gbQzZ10nv5FsAgIgOfdgzi7yNs+SATE/FYRy0y1UXPIUv3jsgKGuSceTeDeCAgfPvjoUCTcvfXPBTU4ivzEFYbFUZjHvuPNIVs2OWp11TsFsnuXLBSAA1f6cWYUsyvIAmfzd5+zOKWfMfdzgiVRPk4yLsie/3RdNAMPQPkPJyOQy4LjEeVzfxcoGggkYBtFbZ9928iq0RWalCiRPOVumtm/AvkroUW4oTJw5Xzr3ObUmuQsUudS8VONmSgp1zRZ+X0GmTpvGmMARh7zvoco1R4U518+ulJDGnNAQ7xRvUfBUFCf0Yja56GT9EU76wWyg9lEvC1rGU7M3iCpjpXxhFvQVZIV/LPnd+VA2im6TcTXuOnodVGtJ7kProGLyoSju1PrTRi0OKBelBLGhuHdIV+4vb8854M6+R0kh9rCM7vfrvqPVScw80LLUi+uXjk8FiXJ4TUA0mFsJ2DQpg3G/ChVo4ZlD80xiNuORvZdQ/fsfoxRvBLAe1kZlLrmhF/vWyap6reuBQa8y3Etit8F8foUlMlWGeMn/bgtfO8nq/yAzAvQayZCpy6PgtGGVo8P+SE9pktBOoWV+NpkNCL/QeyjLzbixqTNVYw9V0pMociqnxvU6Mten36D+2nbHpmEMDePnGY3GTzOYh7CJiIMJ6byzfuDC+fhycUbVwFHsXWDftRULe1wXsdMLAp8H35FbIAxhwQF8HubozP+2EiDJMO4Tv11FbVTVrpiCdCRLC82biLVS8iZBIItDMvQcrF7TzdB6n0l7cZ2l+vsQabfDQGckyUbEfj+GeitZAY+RDZ9lnGbTe8Fpzpn31nphBnqAe0STnAsrAl4Dpp6QHY7ZU/Abtd9UaYLxvp8rtpIA4b0D+kz7RppEtyQhDX3h5Eci35Oqn/naDiNEG0nkPyZFq0fpHhJEEVww5jId/LKCRMbbzNz+JI1SZkorHVe9wGscO7i1kfECaZmU292XzrUV22DkjDThAWuMFil+5CdS+rK4D84opD67ESJEbTIFgG4OhuR9m+QrC818XXnCxXwTRJgk9qhAYdPYTYQ1/MyG0LqzBXm1F6t5BAfs6gLWLiP2D5cowTxzCxJUduxsUvia3lbZ5H/gWP0Ln2NCXn3rW4K0vi9DE6oziUHDoRQOGAol4kzYyKDMyL6bQg2eTsX9O6LIaE6VbgM5r79B0gIlBq8GW7CYrIGR9K8qZuj2fzHxQPDTvogpCk2IGlOnyE4ZXht2czoMzGc7v4d7PEx/zw8l0GHDWM/qh25q7JLGRpZ2VzdD0xNDA4NzAscz05N2FiOTFhZTk5Nzk4NmE4OTQ4YjhlODA5NzY5ODdiMDg1Nzk2NzY5NjM5OThmYTQ3YTc5OWY2OGFkNjZhYWFkNjM4MWE2NzI5N2FiNmQ3NQ==
newsletter.sonomanews.com/ Name: ai_user
Value: E+T3q|2021-08-08T15:26:00.628Z
www.sonomanews.com/ Name: _chartbeat2
Value: .1628436358943.1628436358943.1.BzfbddBWErjCBt4N_dCCHR1aCdON0F.1
.sonomanews.com/ Name: _matheriSegs
Value: MATHER_U2I_FIRSTTIME_20200522
www.sonomanews.com/ Name: _cb
Value: DJvFEABR92ADB7LpIl
www.sonomanews.com/ Name: __atuvs
Value: 610ff786610826ca000
.sonomanews.com/ Name: _sp_ses.35b1
Value: *
.sonomanews.com/ Name: _gat_UA-37401929-2
Value: 1
www.sonomanews.com/ Name: __atuvc
Value: 1%7C32
.sonomanews.com/ Name: _ga
Value: GA1.2.299918025.1628436359
.sonomanews.com/ Name: _gat_UA-55293627-1
Value: 1
.sonomanews.com/ Name: _gid
Value: GA1.2.723143851.1628436359
www.sonomanews.com/ Name: _cb_ls
Value: 1
.sonomanews.com/ Name: SIT_free
Value: 1
www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more Name: ntvSession
Value: {}
.sonomanews.com/ Name: _gat_UA-37401929-3
Value: 1
.sonomanews.com/ Name: incap_ses_1309_813078
Value: eX6CSuOr8jvX3CLO0YAqEoT3D2EAAAAAog0uZ+q97DIxVPbaXAIk4w==
www.sonomanews.com/ Name: _cb_svref
Value: null
www.sonomanews.com/ Name: ai_user
Value: GB+Wc|2021-08-08T15:25:58.775Z
.sonomanews.com/ Name: _gat_UA-44780506-1
Value: 1
.sonomanews.com/ Name: nlbi_813078
Value: Dy+pHbrxiTbtMjGrdG/KRAAAAACyEFrtFKwuwX124wEtLK5W
.sonomanews.com/ Name: _gat_UA-39519010-1
Value: 1
.sonomanews.com/ Name: _matherSegments
Value: MATHER_U2I_FIRSTTIME_20200522
.sonomanews.com/ Name: visid_incap_813078
Value: weuOsIz6Si6ox9hfEVf9iIP3D2EAAAAAQUIPAAAAAAD6AlmDpHAh4fYCV1KhThjJ

35 Console Messages

Source Level URL
Text
console-api log URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/(Line 637)
Message:
VF: Subscriber = null
console-api log URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/(Line 656)
Message:
!=!=!=! VF: user is NOT logged in
console-api log URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/(Line 657)
Message:
VF: subscriber = null
console-api log URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/(Line 948)
Message:
VF: VFsession = null
console-api log URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/(Line 950)
Message:
VF: IsSubsciber = null
console-api log URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/(Line 952)
Message:
VF: VFemail = null
console-api log URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/(Line 985)
Message:
VF: Code v1.99h
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
onload https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
onload https://fp-cdn.azureedge.net/prod/smi/fp.min.js
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
>>Loader<< | FP loaded by path - https://fp-cdn.azureedge.net/prod/smi/fp.min.js
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
onload https://g2insights-cdn.azureedge.net/prod/smi/g2i.min.js
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
>>Loader<< | DL loaded by path - https://g2insights-cdn.azureedge.net/prod/smi/g2i.min.js
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
onload https://cdn.ayc0zsm69431gfebd.xyz/prod/smi/t8y9347t.min.js
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
>>Loader<< | NXT loaded by path - https://cdn.ayc0zsm69431gfebd.xyz/prod/smi/t8y9347t.min.js
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
>>Loader<< | NXT loaded by path - https://cdn.ayc0zsm69431gfebd.xyz/prod/smi/t8y9347t.min.css
console-api log URL: https://code.sonomanews.com/2020/js/george.js?ver=20210723(Line 60)
Message:
IPaddr = 37.120.194.180
console-api log URL: https://code.sonomanews.com/shared/2020/js/base.js?ver=20210723(Line 579)
Message:
jQuery.throttle loaded
console-api log URL: https://code.sonomanews.com/shared/2020/js/base.js?ver=20210723(Line 579)
Message:
Swiper loaded
console-api log URL: https://fp-cdn.azureedge.net/prod/smi/fp.min.js(Line 8)
Message:
Location is ready [object Object]
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
>>Loader<< | Plugin FP is initialized
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
>>Loader<< | Plugin DL is initialized
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
>>Loader<< | Plugin NXT is initialized
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
<<Loader>> | Init time 1032 ms
console-api log URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/(Line 669)
Message:
VF: script loaded
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
onload https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
>>Loader<< | Some from plugins is not loaded TypeError: Cannot read property 'init' of undefined
console-api log URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js(Line 1)
Message:
<<Loader>> | Init time 161 ms
console-api log URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/(Line 885)
Message:
VF: username = Guest
console-api log URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/(Line 890)
Message:
VF: They think I'm a guest
console-api error URL: https://cdn.viafoura.net/vf-v2.js?_=1628436357799(Line 6)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://www.sonomanews.com/article/lifestyle/kathleen-hill-panda-express-new-tips-menu-and-more/(Line 941)
Message:
VF: Logged Out!
console-api info URL: https://player.ex.co/renderer/b71320bf-a887-4bbf-b977-d585281f3ce6(Line 5)
Message:
[exco-log] - 8/8/2021, 5:26:02 PM: logger - enabled
console-api info URL: https://player.ex.co/player/b71320bf-a887-4bbf-b977-d585281f3ce6(Line 6)
Message:
[exco-log] - 8/8/2021, 5:26:03 PM: logger - enabled
console-api warning URL: https://cdn.viafoura.net/chunks/da.5b91ca618d14d4ddaae2.js(Line 1)
Message:
When keyboard focus is enabled, an aria-label must be provided for the round icon button.
console-api warning URL: https://cdn.viafoura.net/chunks/da.5b91ca618d14d4ddaae2.js(Line 1)
Message:
When keyboard focus is enabled, an aria-label must be provided for the round icon button.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

624c7bef0e553c1344f62309b7443c15.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
ad4m.at
ads.adventive.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.dk
ajax.googleapis.com
api-mg2.db-ip.com
api.pressdemocrat.com
api.viafoura.co
assets.adventivecdn.com
atrack.avplayer.com
az416426.vo.msecnd.net
beacon.lynx.cognitivlabs.com
beacon.tru.am
bh.contextweb.com
c.amazon-adsystem.com
c.disquscdn.com
c1.adform.net
cdn.ayc0zsm69431gfebd.xyz
cdn.cityspark.com
cdn.czx5eyk0exbhwp43ya.biz
cdn.jsdelivr.net
cdn.sbgsodufuosmmvsdf.info
cdn.viafoura.net
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
code.createjs.com
code.pressdemocrat.com
code.sonomanews.com
csp.azureedge.net
csync.loopme.me
d1wa9546y9kg0n.cloudfront.net
d5p.de17a.com
dc.services.visualstudio.com
dis.criteo.com
disqus.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
feeds.sonomanews.com
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
googleads.g.doubleclick.net
green.erne.co
hbopenbid.pubmatic.com
i.viafoura.co
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
imengine.prod.srp.navigacloud.com
img.sonomanews.com
jadserve.postrelease.com
js.matheranalytics.com
loader-cdn.azureedge.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mcd.ex.co
mwzeom.zeotap.com
newsletter.sonomanews.com
nextdoor.com
ntvcld-a.akamaihd.net
p.cityspark.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
playbuzzltd-d.openx.net
player.aniview.com
player.avplayer.com
player.ex.co
polyfill.io
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-server.rubiconproject.com
premiumsrv.aniview.com
privacy.sonomanews.com
prod-smi-proxy-connext.azurewebsites.net
prod.ew.srp.navigacloud.com
prodmg2.blob.core.windows.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
rtb.gumgum.com
s-jsonp.moatads.com
s.amazon-adsystem.com
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonoma-index-tribune.disqus.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.chartbeat.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.crwdcntrl.net
sync.mathtag.com
sync.targeting.unrulymedia.com
tag.1rx.io
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
tru.am
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gravatar.com
www.i.matheranalytics.com
www.sonomanews.com
x.bidswitch.net
z.moatads.com
104.109.78.125
104.26.5.15
107.154.114.220
107.178.250.234
13.224.89.182
13.224.90.44
13.224.96.31
13.224.96.80
13.248.242.197
13.69.106.208
13.82.152.48
13.85.16.224
142.250.184.226
142.250.185.130
151.101.0.134
151.101.14.137
151.101.14.49
151.101.193.26
159.253.128.183
159.65.197.210
162.55.6.213
178.250.0.163
18.159.140.98
18.195.75.70
18.210.180.232
18.214.172.53
18.232.230.29
184.30.24.121
185.29.135.234
185.33.220.243
185.33.221.53
185.64.189.110
185.64.189.112
185.64.189.114
185.64.190.78
185.64.190.80
192.237.183.80
192.237.253.150
198.148.27.139
199.232.196.134
2.16.107.122
2.16.186.146
2.18.233.180
2.18.234.21
2.18.235.40
2.19.35.65
2001:678:cb4:bbbb::11
209.54.178.82
213.155.156.166
213.19.147.42
213.19.147.45
216.58.212.162
23.47.209.80
2600:1f18:44f0:4864:9fd9:9aa3:29d1:ddae
2600:9000:2057:3800:8:2ae1:d740:93a1
2600:9000:2190:4c00:18:1fcd:34f:cdc1
2600:9000:2190:a800:6:8656:f5c0:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::ac43:db6
2606:4700:20::681a:274
2606:4700:20::681a:bd1
2606:4700:20::ac43:4af5
2606:4700::6810:125e
2606:4700::6810:d735
2606:4700::6812:1640
2606:4700::6812:c05
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c09::9b
2a00:1450:400c:c09::9c
2a02:26f0:1700:d::1737:6ea4
2a02:26f0:6c00::210:ba1a
2a02:26f0:6c00::210:bb91
2a02:26f0:b600:188::2c79
2a02:fa8:8806:20::2040
2a04:4e42:3::485
2a04:fa87:fffe::c000:4902
3.126.56.137
3.208.219.24
3.224.226.7
3.226.102.122
34.199.28.94
34.240.223.28
34.253.109.165
34.98.107.212
34.98.64.218
37.157.2.235
38.91.45.7
44.194.158.136
44.232.216.209
51.210.112.236
51.255.68.171
52.160.40.218
52.208.41.69
52.216.152.116
52.22.56.164
54.172.246.227
54.246.13.173
54.93.69.146
63.251.232.170
66.155.71.150
69.173.144.138
85.114.159.118
94.23.171.206
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
024b177a99e0291823b74b044f6059b7b573045ced813d6496263ea80e068e83
03e610f69371c78da7b88ed4402def879db9f363326aa72c2b9de9fee434aebe
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e6cab9ff8c379a16908b59b6bd48b397a80d3f64ed11dc2d443fcd9f831090
077276bb58e0d973305bdce752b538adfe7d98aef4c6c32879731959f57e311d
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
0b270bfa6bc89a13f6c4ee98723581eca184e6a262d2a0f4eeb573bd62c06faa
0b6e506bcfb98732190b8305693c60ef43d022a9a5e7d403710ac88d92225538
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c94cb79da03678eedd236f35907001d2d140188ad575145310566681b05f1f7
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0d898d72919920b7c349df8fa058f9878430222f1d6ce50b2fe880e37aa7f7e2
0e0368f7db79a8140d794c4e7ff6a311baca4c600a09fc3e6dac216d58bd74cf
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0e8ec6602742bfd62fae6e8a74fb682252785b86d1be81e1e4058f17c06513c2
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
14092a622d814ba306f2ccb82d779ba8ec8d4a57a4d2976b7bd23dc9a48fc196
141da9a07cf53f3c17262cc386e861fbde16b0c1894a6cea78a4a6b61badc576
174bbbb5f964fdc29bec4311ca257334843a4687fcb985a8d7edc4eb0650fe19
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18a19798b27880b7195576bc1496e03b48c91768c77426f7c6dd13cf08ef12a6
1a8c60d32af60f9fa58c959b10196747b785590a93fb7761983ae9f25556af59
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
201896502fd4a1418659723632303c74dc47c7d7cfcfdaf0eec8360e7ee2e7c4
203c81b99bb75863f6c609f282f65f3e9c169495a0829ceb32907803bac9459d
21ac7a12b331ab755404b5663ed65f4c24786fd2543165318ed92b77538c2337
223d37ca70440c629a33ce0013081965b124c5a18bd605850babca1cfbb77310
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
257510b2eb0c53ee0321d6e1fa3b5055b6190c06eeb73f5ac9493f6c284a4a57
25b1bf3801d70b288d1fd96dabbb0924e5d3348e682bd620fb8baca0db8214ad
269cf169b4188020239279d162fc34aaafd3b835ce600534d830499a7a049acf
26a3fabdf71141620385737bed9c17655464346664a470a1bdd006c96660d940
27e5f262d6c35f5f6a08599d76cb1ff7dfe7a79fe34e06e35348638885969524
27e838138000eada704b4d9b61bf71e9bc1f8041559c50a3f9cdb9cf8add6faa
280aebc6734a4b435166b749670b703732dd5e92403221f54f2f3a75a9f1a83e
288b8ce02bde35c83a8f570982fa895b655b9f0b05d7c64e7112da1e92e484aa
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f253b954e778d837fd7dcc289f92d9fee395b81096f4b07c9226354eb69cfe6
31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90
3259920e18ea0f84eadaef00ee3a09a26ca9b1693b15c15175f22c746122dfad
32c845e86d965d4249fd9670214ee0acc4d4cf2b54d8b933ca108c8b408419a5
350002b11c9bbbd4e5d0ec5e00ce81c1e4e3def3c30d91b05ad75511149f36e4
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37672193f9c20b8c647338d6824b4620da80adc0d047c016ebd25b9f840c40ec
378a0d8d443eb6196fa42cfbc52259e84fcc2b66fa75167bc3087ba80e4553a4
37c9d4b25506c10f963bc08344dbd5df1c8f79b8556ec137f0c421bebd597616
399db32d675bfeb7ab917d2f549136feeb67a67b2a7095129a17104892a92cf8
3a95d2a195854249735bba836b135983a5542f58ed47c6368184ebd92d2563d8
3ad2ea68c40d3bb8c4594683dfd2d2b4ff59433d50672f7408d5a3365dbeb5d2
3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f3e7b370db7cbaa7060ccd922c5730433db9fa3aea7b9975b746cffae107a54
3f819b55d39ffd5996ec878ceb96729a9ae912083dce40a1edf0f6943adf1516
3f8fa488e1d0927ac3b44d53dc52022817198da93ee31e76238c5ead247027c6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401d5c523f0d2dd193df65b0c6f3115f94a8c7c305129df8570072cb05ccff8c
412a9b5e75e3672ee7467bc51ab795fa199a9708d107b1fbe2f74e63b4ad6983
41501cd26dd635f1451f29be3a859218e6e09ffde483a7e68c585cd39a658f24
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
42e339dbca79f2cc9d6baa24c1b4d2a1ee889f844a2b591c53d381d57da67a88
4389eb4567e4e9953c6932bf957f49955e5b841e1d18028a2daab9a1db629330
46a08b5c19831e7ae02364188fc88776f98cba7d160a1e9963024457eff99e78
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b3dd81894be385451af1daaa0503a31d0e71f22b614d326926220402fc2b00
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a519d2bd3043b930e0bbc73d78b2c4d672981401a8de9e846831502365c4509
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4cb66ddbe1e3464f3adbf7cb7073b9aa2aa6482073686918bd4ce5c8415c5153
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5309d8544d349e2650136da2909d604fe44cd47e938b7066580a9ede10d765fe
5399bb96c27d29bf5c8f389f673ab6b05e185acd80759f93878db18cb10ce5b1
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
5412bd44b32529f8326da134495784aa6514d89ecd542eda32a70bea29c649cb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54c106a4d8074e0a57a6b439a93c6af2f9b21bf1e77e8ff62f38c09c05cfb2b9
5503be625fb65018a2a5f60c61660b6af6bfc6a96a35217a0c506f1e5e83db6c
5743ed63aae3df0518af28d321d5b89d3e2c18186e95ed881e76a827ca11897e
57f2307b8e823f173f76d04fddf39771a5282649ca337be3144634ae3f976c74
58e91e83d0901f31ba8ba9db2bf1de76ca63097aab0d3c8dea160a2e15c8d8f7
5c41fe9b5b9888cec9dae1843846e379ac297c0526bfd7e911eb1addc44edfd7
5cfbcbdf6d39487853065c6770cb7b9ca5969bb971409a101fa0b84b545e3ccf
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e9a192c254ff756eeaeea5b3c06f7e1f492119cff260d0016ead01dcc60b34d
5f2778667ce7da721e201618eac589ac1a32af6b43c246675826a8d728eb902b
5feabd72d0c551b298c64d25df355e488c0f92ca8bf0c0989d7f35b92b48fbd0
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c7caccc25ac5d1bff1ba6778f3ffb33e164095e53916c05cc3cecb7fa20e8c
62481370ed59087d216e2d8d8e3142ef08a2dc7ebdf73b13afc94e5a642ad21c
628c7ba9e6e74db2ae605d4b9b37bae527d862fe410d5a61dbe05c73dfbd6b5c
63d9e1fb392138badd064ac8014c98a52d5009ff79ba86acce4103289e63687b
6441dae97ea8bc2de4563a9657aaf344a912e2396dea78bfb61ec7339595d19a
6465011a3d124936db1c36d44adaafedd6306810439abd1f1471e66aafa3302c
656e18b90d777da0472d6162311435f7c3f07a9c3cd448873915effb381e04c1
65d668dcf48e621ddd25d0d34142224bab0cd31fd2968cb319482d4fd6d81bd1
678ba3b30abc8363927f1f706435fb1502722a2525007767d05b1b5a8652f13e
67f0791d8ad199cfcfd11f01fe36ea7c2dafb86a525ccf536536d04e473669f5
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
6a3228f9f4284eeb498133210d0c3a1658778955a64510fb5911a6037e8a11da
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6e1089cb9e94ac8049a65c329e9521f9dc847b1b5247566166c988baf1b18c82
6e3f03de8f4580ae59367431d81af54d6f2dcca2daeca79ee5aae0ef226012d8
6ec84b7ebe22c1dfddac22a4e78c54c9d7f13e21013ca484b2b9d37339f65c93
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
6f97108a584cf78cd88bc80be0b5aa74297734812fdc242a6b31915b63bd72da
71167f55c0d61dd219b7d09dfcf0c1a562b09259957cf009c233271ca6382acb
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7561e71302a8ebf23501274dbb04ae2927d2b7c9161ab301c5cbd284cf55e178
778394d82d69dddc2c2885bc1f6a5b6997b6769f845ee1ce5aae912db4765a05
7815b0e52a41baae1d87367912d436d113669ce50ee1cfe9a52021ddc2098601
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79abab33da04fa178112aa141b2614a18d658cd207eda0028bdd6cf60f6f6e14
79bb2692f4c7f1a8d434e0401b0963fcf36682368c7ac65ef0a3724ce0fa016e
7b2632ae2b032a1fc4c6cfc0db70429c6b74db86f3331fbb67d2f50fe5d897b0
7ba7d2e45f0f982339af039e10e99300c759eb0a78e946f357fa8b82dd009b38
7c27599b76a80d009363290ac75999ff455ab4027a7dc6d78f92c99b49e1e1b7
7c87d91c4f14ae5471fd41853b68ed852c23945d5099a9519ac79b02de271f9e
7dabbf2eb1305dbcaada033fdfe1c27a658617864dc6c5f4fa78fc320cc8a118
7e0c043f923fef46ce0147fddb4bc90360d029b583d3a3cd18d2535319404812
817d8e17fa9b007bd98618831cd4d3d63b5b61cdc254f5c595cf5eb1a83ecaed
8210a20a3c11b2b55b9965551be9f7c2b6f45a9c3b85b4b2cd7ad76aea29bfc2
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
83eedfa3ecc375f45f5b2a979b3933518da9a8d1ff90d99c244bcb6abaccbaca
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42
850931fcaea80e7b1561deda0b929ec097e33e52df386ce746c4204d454fd427
8585bc8bf997fe6337d67c082ea7d2dea117ca40ec5f0021842c60cb2dd4006f
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8782f62e2cacc11d603697a3917c918888aa663e7a9dd079f5cddbc1b0314e88
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
887c01d08fc56b829edaf80102797278a2b2e526524db88339068929cc0bc38c
89234974f4f5edbf161ab923eea26c14f9fbd29031a7b68fb64084eef4c7296a
89511b37628291c235e6eec067d6c2f24c07ea9bda9228a7a065fbaa181eea8c
89aa829cef754dbeaa10b6953f9ee5d79f522325b462c6fb7faccb50f4e96b51
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5
8e41a8e6b02e146fe25fa71262a12a24c80ee7e0debfcae0757a4fe6c67de5a9
8f430281b1b40ad9a9d625232ae0e858324d26cdf2138743580a805852ffa2a3
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90ac61aa0fa9e0b3cd741faa42a245a033856c06fefcfcd29a234da17fc7accd
9141a4577e616dca6cb44e8cb86b2ed4968b1d6784f8f1c7b191f090a5d6dffb
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
957f1f7672c9f8b7935f9f7ab4c41a63c01b8f014bd47ab37b276b741bd5743f
963945fd59e5837979695eef6f14a7751b0b42af4787964f9e82b85eebf13de5
96ad0a484ed2096f062d3042ed65e1b462e1c3be8179ca5aa2d237adf2df9a97
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
999dd215435801026f51fb5847df0b1127bd49541ef7d9aeb8b799a9669d8c56
9a934b48b6096b33e3a0ed7a2a34e746f59c96698a75e483fc2fd0aee0d236ce
9b24d927bbabcc57d474af737cc6dcb9094d1681231e5fef86e397841abae1e4
9d125e143a32bd4512909ef7feda4794945411a439423f63893f1d755199d459
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1752e38bdb98eae0d4c37b8c8004eeb80fad6b28493ac29941f24f2a1f78d3d
a318e42000dacc0a95a42f31d04797eecd14807b4ce87f8a973132c3b7ed4f37
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a43cb319af0f302958bee81e8fec135b4fa7c6423d163245b48e8f7832f393fb
a4666c8d5ff5aa5625a151f0c6791a0734e6aa8b75ffbc99181b99f3c8199b25
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a61ac6c484a8c27270b9c0baf2b20e0c6519ad084c3d4eb4e36a4f5f472ecd87
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad39c6a1b09e253bd1b3a9e89ec01e9e5016648d3b47a7f5f0b93ae52e69d811
ae37fee1d2ad3a982c6eecd83c8dbbc0c7318374fff1f05d4dbe683417d3dea7
af290d929f67b216ac0f00ab9136f417a7eb949f791b67b3cab245a24197705e
b099273ee952152ff978f7fb433181ff44ea35e514564eafa490f5e0fafca294
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cc41d34e072c2875f4e9b8ccab71fd0564c2a7fcf6819ed6025fff95400b6c
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
b58ee3d7b8cf7715cb2efcc2910ced1fbeeac027b23a5f5b600cd8c07c100b1f
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b817dc11f25f1066fa60bced66d1ae1d4b0bceadef2bd614ecbf5ad35306247c
ba2bbdce8c5fa34cbb914216efe4fe93361c094210f96f8877bbdec566569479
bbe52492dfa9f64adc7ebd298a2e3c22ad19ef5d07be1953a8dfef88d14419ad
bc9d302a6b8b00d8b06689a25bd3680bb69fca22e8813dff870050d69aec4730
bd3e001cb80ab806b186286d5942444cd4e7a566e862db1a98b483da24a8f60c
c0309e8a18729cbedd0a1f0a2ed11db097d1cb2807bfc1d5b7d8c4baecd0fbfe
c065075ef6b6f42942d896ecb14430eeaa35a21746b1ae7a4e5397b885792f1b
c132b9e55bc0fde269d8b42052b41fccb4484e35ed87574df63d2a40fc0d2cea
c21d344a02e8830a1696fb0fcdd2f2ee6db4b7ae33a790ef0a90a71d29a55b2f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c297470d815c7c491b3752390789cfd8411ecbaa269ba2a73632b2b30b086612
c34e28196cd412790c548696f1447aff0116ee662fead57bf578021e8cc01ba5
c4ae4ce27bb586d22f2717ad56d0386f683520b33d1f3ce7de2d267d032ddcc4
c50569d1c3b53355437d2e0afc1dfd15abb305e698cce6f8747a5089d6d603fb
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c7e62c11052983aa6d0f1074aae23f06c1007a275042f29584ca81edfa0ed0d6
c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c8a1a9c3b3cea994688c11eef8a0b9ffb9047fdd77b9db946471b75485a2d7d6
c8fa8434fb243ffca2b78166cbe0cfa84ec60e6076fed6b260322cd60f6f5dd7
c9438bf6c7a6122ea18edeb717850798c337311b634d1ab61c374f5e92e08a2a
ca962c979a0c079867900c2d4e79ad1bec01daf6766c5f60cbf3ba1bd6fdba24
cabfa116a22a727daccc08106b151e158d9ad373391d90d03dbd811483c8a863
cb690783588895d4fdf5bdf7ba22870672b67b85c9bd5c3df4643e61e6b4b19f
cbef5be35e9f58fbe3763fbd707d1ed0fe80f1d8e59814afdbc43a2d19e87720
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d
d38671ef17911760261a060b4ab5f611aa715966b8fd51cae2701df7559da62a
d537f29c9db5fe72760e452232799b5c623fb64c4f6e8fae5e9c216ea55446b5
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6ac6b14ef0f4172e98ce4327ec835fd0afac86ee7b3aa871e731ab2f3e930da
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d73088906945f5443bcf75f31d6ba821ec4c6034ac6c36bf2398ff4949ebf815
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7c7b617c3181cd31da9e520a79c81a31a4e0915a7a2ce8c4cb5c22e344ae9a9
d83c6926a4e5c71a54dea347a6c84a4cad5abc6c3d59e89d6478ea1fe0af095c
db25f7120ac2dfa5875d458b77efb560eb4169f1e2fb50ef0ea96927d3bfe052
dbe1d7f9952899ee4f2ccac42616d4d5557969a15e3ab2911db119bafd4bf293
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df0bb4f2d98e441a6c420464184d5a0dd5f800934a2bd30cc0bc7dfd35613ca3
df50c87ff6b4e0c622a5aee48157b6d0ded3ba4c78c3923500f255ba0cee1118
e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334
e21385fc29fecdcb0cce90fda03d4d4929475c1a9c3701cd058561e816873373
e336b178b8ee9c7b215b7fe6acfc44942716261cd9b130c813af5348fb152f0f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e547d379636bea811226e86cd61c7fbe5e86f7042e04a84ef1b1928cd48a89f4
e5e9bb24ae7c06f8c03e85e337e60442ed5a57d2b7aa5482b3fd4e641baae335
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e675bf3324e8f677eb0cd05aa10859e2f49020f30581e3466f93338d62590fbe
e6bce316dcbcf25f463a31483ebb0f35158bf0395b26bb10fd09ec2a157b37c0
e75387a906862ed0264776e168898258c93be468b3215d2c066a4e78a49697e0
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
e7adf49147995e5b1f0b1de45c1a8e184e4a4a0972ed68a0ca4fe807356c3da1
e80d68720775596e8c4160e285582dcd8ee1e0095ca85cfa875155cdbce28e7a
e98baa4b78e46bb258e826b9f05d568fb65178457cee632c0423ce399c83cf70
e990cdf1ddefda0d99e457090303e081ead72557e33eab64b17709ba2ab69c0a
ea17174ab03f3417adac0c8fa031c71e97c16550a826b280fcb230dc943bf904
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eb012d35873cf2682901744c3e07e98ad0aa6f3e5f24abf362c98bae3ebe48c4
ebcf8ea5ae255229cf913c6c9f08b248c9e071ed48a566320527235d8a9a5a3f
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec8bd806757a654105716a2e57cd14005f424a6c48882ce8f3c5509542fe886d
ecb0f53b76d0c4de3337d40c679fbc4cfeb58fc99cfb49760c61f64d01c7f17e
ee2214a948aa510978878e09453b21c85f1bcfe78a7c55412268ad85a5fb147d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01764a6dbb4c60440ddd0827114d8f178097f3abdc51ef6655e6ed6733a057e
f073778f8705fc2880a8bf5f41e1ec6ae4eba915e9162f46d5d783bafed74e2c
f3a780365f68a75603d5c3c324fffb9daefa5c6aeeab4b5ca3a5137752d11543
f65482805ba45c86f49a2591962171fb1b137b76679725a93f9c71bff1c8badd
f797a4bb500d8e8946929d6e108ec12659fa74388a4df86ecb53e56859e26b0b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f89bb174916bd0cceca4a00ba586ffe8d7cdb9f9f4d4265d3018b60b9174f45a
fa485110de6ebd92b11121bb53fa1787c4084df28b8c19f8693b84bbf31f92b7
faaf93350f20cba58c86f904442b82ce75172e758d2b506034afcc3c923eed10
fb21b8b3ef62e21f92b8cb4e80310989fbd7b29535b393b6ce6ce91b6c9e2b5f
fb580f07bc7ad6843b1363c6b6179b5160eeaae399156b1a51fbf5a667c76698
fbc58176d281ddc0caa4af91ba0154a26d901cf3481ba9964c1e4804a4075c12
fbfaf064614ba157ec76c38ed0d17a235e880e2959cd3fdba0f5e408fe416689
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fde3c0809ba99eddd072f9bb14c1f2fe07f6cc4ec924f99fd2aa4dd50e06cc3d
fe376626e35270fa60cf647c476851387d93440816777c74fce6437e273ef612
fe5d16c1b76dd3f207eb14d022a20cf0bbc446fb275fbbe6758ff618f3479d00
feb16b2155b0e928d6b042e2f51bdae41580afd66888402dc1ec151cea6690d9
fecf49489b76ce1c49e59221923ee5e335522b5261e26772aaa2b652d4711254
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e