urlscan.io logo urlscan.io
SecurityTrails logo

fox4kc.com Open in urlscan Pro
192.0.66.128  Public Scan

Go To Rescan Add Verdict Report
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Submission: On April 29 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 114 IPs in 11 countries across 116 domains to perform 723 HTTP transactions. The main IP is 192.0.66.128, located in United States and belongs to AUTOMATTIC, US. The main domain is fox4kc.com.
TLS certificate: Issued by R3 on March 18th 2021. Valid for: 3 months.
This is the only time fox4kc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
40 192.0.66.128 2635 (AUTOMATTIC)
15 2a00:1450:400... 15169 (GOOGLE)
2 151.101.194.133 54113 (FASTLY)
1 13.224.106.129 16509 (AMAZON-02)
9 151.101.13.194 54113 (FASTLY)
3 151.101.113.194 54113 (FASTLY)
2 2600:9000:20e... 16509 (AMAZON-02)
3 142.250.185.98 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.224.106.48 16509 (AMAZON-02)
1 35.241.40.69 15169 (GOOGLE)
13 151.139.128.11 20446 (HIGHWINDS3)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
4 104.109.85.134 16625 (AKAMAI-AS)
2 192.0.76.3 2635 (AUTOMATTIC)
2 54.210.4.204 14618 (AMAZON-AES)
1 2600:9000:211... 16509 (AMAZON-02)
3 13.224.105.229 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 184.169.253.10 16509 (AMAZON-02)
1 4 52.30.148.233 16509 (AMAZON-02)
1 13.224.115.202 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
9 2600:9000:205... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2.18.234.163 16625 (AKAMAI-AS)
1 3 99.84.144.7 16509 (AMAZON-02)
3 2600:9000:20c... 16509 (AMAZON-02)
1 99.84.144.63 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2.18.235.40 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.197.178.4 14618 (AMAZON-AES)
74 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20c... 16509 (AMAZON-02)
6 8 37.252.173.38 29990 (ASN-APPNEX)
1 52.58.26.10 16509 (AMAZON-02)
1 184.25.115.31 16625 (AKAMAI-AS)
8 213.19.162.21 3356 (LEVEL3)
1 3.236.169.17 14618 (AMAZON-AES)
8 34.248.121.96 16509 (AMAZON-02)
2 142.250.185.66 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.219.139.115 16509 (AMAZON-02)
1 99.84.144.89 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a03:2880:f11... 32934 (FACEBOOK)
1 20 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::1c 44788 (ASN-CRITE...)
1 7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 54.246.217.185 16509 (AMAZON-02)
1 2600:9000:20c... 16509 (AMAZON-02)
4 2a03:2880:f02... 32934 (FACEBOOK)
1 2600:9000:211... 16509 (AMAZON-02)
2 34.95.69.49 15169 (GOOGLE)
1 11 52.95.123.167 16509 (AMAZON-02)
1 34.107.241.86 15169 (GOOGLE)
1 99.86.2.118 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
45 2a00:1450:400... 15169 (GOOGLE)
16 65.9.66.21 16509 (AMAZON-02)
17 54.194.104.251 16509 (AMAZON-02)
7 14 2.18.234.21 16625 (AKAMAI-AS)
1 2600:9000:20e... 16509 (AMAZON-02)
2 104.111.230.142 16625 (AKAMAI-AS)
5 9 34.98.64.218 15169 (GOOGLE)
4 5 72.251.249.14 29791 (VOXEL-DOT...)
3 3 3.121.70.57 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
1 72.21.206.140 16509 (AMAZON-02)
20 92 142.250.186.130 15169 (GOOGLE)
5 9 76.223.111.131 16509 (AMAZON-02)
1 2 52.30.135.179 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 52.48.151.83 16509 (AMAZON-02)
1 1 34.196.186.87 14618 (AMAZON-AES)
9 18.159.2.174 16509 (AMAZON-02)
2 3 2620:116:800d... 16509 (AMAZON-02)
7 8 37.157.4.29 198622 (ADFORM)
1 1 37.252.172.45 29990 (ASN-APPNEX)
8 9 18.158.181.33 16509 (AMAZON-02)
1 1 70.42.32.31 22075 (AS-OUTBRAIN)
1 1 3.225.15.51 14618 (AMAZON-AES)
2 2 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 3.222.149.159 14618 (AMAZON-AES)
1 193.122.130.38 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
3 3 70.42.32.127 22075 (AS-OUTBRAIN)
6 7 52.28.69.126 16509 (AMAZON-02)
6 6 213.19.147.44 3356 (LEVEL3)
1 1 198.148.27.140 19189 (PULSEPOINT)
3 3 185.29.133.58 30419 (MEDIAMATH...)
5 5 151.101.14.49 54113 (FASTLY)
3 2.18.233.180 16625 (AKAMAI-AS)
1 18.195.155.181 16509 (AMAZON-02)
1 1 124.146.215.44 2514 (INFOSPHER...)
2 2 193.0.160.128 54312 (ROCKETFUEL)
3 3 185.184.8.30 204995 (RTB-HOUSE...)
4 5 69.173.144.139 26667 (RUBICONPR...)
77 2a00:1450:400... 15169 (GOOGLE)
1 54.220.146.206 16509 (AMAZON-02)
1 1 69.173.144.138 26667 (RUBICONPR...)
16 142.250.186.34 15169 (GOOGLE)
1 2 104.111.242.245 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
3 4 185.94.180.125 35220 (SPOTX-AMS)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
4 4 18.156.0.31 16509 (AMAZON-02)
1 2 2.18.234.233 16625 (AKAMAI-AS)
1 3 185.86.139.114 201081 (SMARTADSE...)
4 69.173.144.165 26667 (RUBICONPR...)
44 3.141.126.26 16509 (AMAZON-02)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 1 65.9.66.71 16509 (AMAZON-02)
5 72.251.249.9 29791 (VOXEL-DOT...)
2 2 52.48.137.92 16509 (AMAZON-02)
1 1 139.162.78.222 63949 (LINODE-AP...)
2 2 52.17.35.107 16509 (AMAZON-02)
1 1 80.64.106.149 20764 (RASCOM-AS...)
3 3 178.162.133.149 60781 (LEASEWEB-...)
2 2 2.18.235.93 16625 (AKAMAI-AS)
2 2 3.124.33.142 16509 (AMAZON-02)
2 3 185.64.189.115 62713 (AS-PUBMATIC)
6 6 35.157.48.14 16509 (AMAZON-02)
6 6 66.155.71.25 13768 (COGECO-PEER1)
2 2 35.227.252.103 15169 (GOOGLE)
2 54.64.53.220 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 4 104.111.237.88 16625 (AKAMAI-AS)
2 2 54.76.217.27 16509 (AMAZON-02)
6 6 35.205.207.25 15169 (GOOGLE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
6 6 217.66.147.166 29209 (SPBMTS-AS...)
3 3 213.87.44.207 13174 (MTSNET Mo...)
2 2 213.155.156.183 1299 (TELIANET ...)
5 185.64.189.110 62713 (AS-PUBMATIC)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.106 62713 (AS-PUBMATIC)
1 159.253.128.183 36351 (SOFTLAYER)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2001:678:cb4:... 56396 (TURN)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 52.28.254.214 16509 (AMAZON-02)
1 1 99.84.144.107 16509 (AMAZON-02)
1 1 185.86.139.93 201081 (SMARTADSE...)
8 142.250.184.226 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
723 114
40    192.0.66.128 (United States)

ASN2635 (AUTOMATTIC, US)
fox4kc.com
nxstrib.com
15    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
ccpa.psg.nexstardigital.net
weather.psg.nexstardigital.net
1    13.224.106.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-129.mad50.r.cloudfront.net
cdn.blueconic.net
9    151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
includemodal.global.ssl.fastly.net
3    151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
2    2600:9000:20e8:2400:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
3    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
1    13.224.106.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-48.mad50.r.cloudfront.net
ak.sail-horizon.com
1    35.241.40.69 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 69.40.241.35.bc.googleusercontent.com
w3.cdn.anvato.net
13    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
assets.revcontent.com
ad.lkqd.net
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
1    2600:9000:20e8:400:7:e536:8b00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tag.brandcdn.com
1    2600:9000:206f:800:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
4    104.109.85.134 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-85-134.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    54.210.4.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-4-204.compute-1.amazonaws.com
nexstar.blueconic.net
1    2600:9000:211e:8600:15:4f24:a700:93a1 (United States)

ASN16509 (AMAZON-02, US)
bob.dmpxs.com
3    13.224.105.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-105-229.mad50.r.cloudfront.net
c.amazon-adsystem.com
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    184.169.253.10 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-184-169-253-10.us-west-1.compute.amazonaws.com
adservices.brandcdn.com
4    52.30.148.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-148-233.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
1    13.224.115.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-115-202.mad50.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
9    2600:9000:2057:c000:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)
d2s8wlbatk24s7.cloudfront.net
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com
s.ntv.io
3    99.84.144.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-7.txl52.r.cloudfront.net
sb.scorecardresearch.com
3    2600:9000:20c8:1e00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
1    99.84.144.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-63.txl52.r.cloudfront.net
ats.rlcdn.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
s-jsonp.moatads.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    34.197.178.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-178-4.compute-1.amazonaws.com
ping.chartbeat.net
74    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
1    2600:9000:20c8:e00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)
dyv1bugovvq1g.cloudfront.net
8    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    52.58.26.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-26-10.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    184.25.115.31 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-31.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
8    213.19.162.21 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
1    3.236.169.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-17.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
8    34.248.121.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
trends.revcontent.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
1    2606:4700:20::ac43:4af5 (United States)

ASN13335 (CLOUDFLARENET, US)
tru.am
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
2    54.219.139.115 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-219-139-115.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
1    99.84.144.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-89.txl52.r.cloudfront.net
geo.privacymanager.io
1    2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
14    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
20    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
7    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    54.246.217.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-217-185.eu-west-1.compute.amazonaws.com
secure-dcr.imrworldwide.com
1    2600:9000:20c8:4800:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
evbrhuvkwtis8r5qk6dfliicscirv1619732141.nuid.imrworldwide.com
4    2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
scontent-frx5-1.xx.fbcdn.net
1    2600:9000:211e:3000:19:f03c:7200:21 (United States)

ASN16509 (AMAZON-02, US)
d1bvk193qme2fc.cloudfront.net
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
11    52.95.123.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    34.107.241.86 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 86.241.107.34.bc.googleusercontent.com
headerbidding.staqdata.com
1    99.86.2.118 (United States)

ASN16509 (AMAZON-02, US)
check.analytics.rlcdn.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
10    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
45    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
16    65.9.66.21 (United States)

ASN16509 (AMAZON-02, US)
blue.fox4kc.com
17    54.194.104.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
14    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    2600:9000:20e8:be00:0:70b1:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync-amz.ads.yieldmo.com
2    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
9    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
u.openx.net
us-u.openx.net
5    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
3    3.121.70.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
10    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
92    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
9    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
2    52.30.135.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    52.48.151.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-151-83.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    34.196.186.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
9    18.159.2.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
protected-by.clarium.io
3    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
8    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
9    18.158.181.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
1    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    3.225.15.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    3.222.149.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
3    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
7    52.28.69.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-69-126.eu-central-1.compute.amazonaws.com
ad.360yield.com
match.360yield.com
6    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
1    124.146.215.44 (Setagaya-ku, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
3    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
creativecdn.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
77    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    54.220.146.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
global.imrworldwide.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
16    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads4.g.doubleclick.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2600:1f18:612b:4264:7c39:f94b:b1fb:416c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
4    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
44    3.141.126.26 (Columbus, United States)

ASN16509 (AMAZON-02, US)
includemodal.com
4    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
1    65.9.66.71 (United States)

ASN16509 (AMAZON-02, US)
cm.smadex.com
5    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
2    52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
1    139.162.78.222 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
a.c.appier.net
2    52.17.35.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
1    80.64.106.149 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
google-sync.rutarget.ru
3    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
cs.media.net
2    3.124.33.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.sharethrough.com
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    35.157.48.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
6    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
2    54.64.53.220 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
cc.adingo.jp
2    2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
4    104.111.237.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
tracking.m6r.eu
2    54.76.217.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.yieldmo.com
6    35.205.207.25 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
ads.avads.net
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
6    217.66.147.166 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
sm.rtb.mts.ru
3    213.87.44.207 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-207-44.mts.ru
tech.rtb.mts.ru
2    213.155.156.183 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
5    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.190.106 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
r.turn.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
gcm.ctnsnet.com
2    52.28.254.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
1    99.84.144.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-107.txl52.r.cloudfront.net
s.ad.smaato.net
1    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
8    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
ade.googlesyndication.com
1    2600:9000:206f:7600:10:f35:4380:21 (United States)

ASN16509 (AMAZON-02, US)
dgcbxsxpz6nta.cloudfront.net
Apex Domain
Subdomains		 Transfer
136 googlesyndication.com
pagead2.googlesyndication.com
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
576 KB
132 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
370 KB
77 2mdn.net
s0.2mdn.net
2 MB
55 fox4kc.com
fox4kc.com
blue.fox4kc.com
953 KB
44 includemodal.com
includemodal.com
8 KB
20 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
29 KB
20 revcontent.com
assets.revcontent.com
trends.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
503 KB
17 gumgum.com
rtb.gumgum.com
5 KB
15 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
15 KB
15 gstatic.com
fonts.gstatic.com
279 KB
15 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
42 KB
15 googleapis.com
fonts.googleapis.com
9 KB
14 facebook.com
www.facebook.com
427 KB
14 cloudfront.net
d15kdpgjg3unno.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
dyv1bugovvq1g.cloudfront.net
d1bvk193qme2fc.cloudfront.net
dgcbxsxpz6nta.cloudfront.net
200 KB
13 adsrvr.org
insight.adsrvr.org
match.adsrvr.org
4 KB
12 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com
simage2.pubmatic.com
33 KB
12 fastly.net
includemodal.global.ssl.fastly.net
confiant-integrations.global.ssl.fastly.net
232 KB
11 openx.net
u.openx.net
us-u.openx.net
rtb.openx.net
3 KB
10 googletagservices.com
www.googletagservices.com
345 KB
10 lijit.com
ap.lijit.com
ce.lijit.com
9 KB
9 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
7 KB
9 bidswitch.net
x.bidswitch.net
3 KB
9 clarium.io
protected-by.clarium.io
3 KB
9 adnxs.com
ib.adnxs.com
secure.adnxs.com
8 KB
9 google.com
ampcid.google.com
www.google.com
adservice.google.com
1 KB
8 yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
ups.analytics.yahoo.com
6 KB
8 adform.net
c1.adform.net
4 KB
7 360yield.com
ad.360yield.com
match.360yield.com
2 KB
7 imrworldwide.com
cdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
evbrhuvkwtis8r5qk6dfliicscirv1619732141.nuid.imrworldwide.com
global.imrworldwide.com
66 KB
6 avads.net
ads.avads.net
1 KB
6 sitescout.com
pixel-sync.sitescout.com
3 KB
6 w55c.net
pm.w55c.net
5 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
4 m6r.eu
tracking.m6r.eu
3 KB
4 createjs.com
code.createjs.com
251 KB
4 smartadserver.com
rtb-csync.smartadserver.com
ssbsync.smartadserver.com
2 KB
4 spotxchange.com
sync.search.spotxchange.com
2 KB
4 1rx.io
sync.1rx.io
2 KB
4 fbcdn.net
scontent-frx5-1.xx.fbcdn.net
56 KB
4 google.de
ampcid.google.de
www.google.de
1 KB
4 3lift.com
tlx.3lift.com
eb2.3lift.com
2 KB
3 sonobi.com
sync.go.sonobi.com
2 KB
3 creativecdn.com
creativecdn.com
970 B
3 mathtag.com
sync.mathtag.com
2 KB
3 zemanta.com
b1sync.zemanta.com
2 KB
3 quantserve.com
pixel.quantserve.com
cms.quantserve.com
1 KB
3 yieldmo.com
sync-amz.ads.yieldmo.com
ads.yieldmo.com
1 KB
3 moatads.com
z.moatads.com
s-jsonp.moatads.com
57 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 addthis.com
s7.addthis.com
191 KB
3 chartbeat.com
static.chartbeat.com
mab.chartbeat.com
24 KB
3 blueconic.net
cdn.blueconic.net
nexstar.blueconic.net
46 KB
2 advertising.com
pixel.advertising.com
sync.adaptv.advertising.com Failed
936 B
2 turn.com
ad.turn.com
r.turn.com
857 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 fiftyt.com
visitor.fiftyt.com
992 B
2 semasio.net
uipglob.semasio.net
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 dotomi.com
dclk-match.dotomi.com
207 B
2 adingo.jp
cc.adingo.jp
87 B
2 sharethrough.com
match.sharethrough.com
624 B
2 media.net
cs.media.net
2 KB
2 scoota.co
r.scoota.co
1 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
1011 B
2 stickyadstv.com
ads.stickyadstv.com
1 KB
2 teads.tv
sync.teads.tv
406 B
2 rfihub.com
p.rfihub.com
a.rfihub.com
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
937 B
2 bidr.io
match.prod.bidr.io
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 clean.gg
i.clean.gg
104 B
2 postrelease.com
jadserve.postrelease.com
4 KB
2 googleadservices.com
www.googleadservices.com
15 KB
2 chartbeat.net
ping.chartbeat.net
337 B
2 facebook.net
connect.facebook.net
64 KB
2 rlcdn.com
ats.rlcdn.com
check.analytics.rlcdn.com
61 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 googletagmanager.com
www.googletagmanager.com
87 KB
2 wp.com
stats.wp.com
pixel.wp.com
3 KB
2 brandcdn.com
tag.brandcdn.com
adservices.brandcdn.com
2 KB
2 nexstardigital.net
ccpa.psg.nexstardigital.net
weather.psg.nexstardigital.net
13 KB
1 addthisedge.com
v1.addthisedge.com
708 B
1 smaato.net
s.ad.smaato.net
687 B
1 ctnsnet.com
gcm.ctnsnet.com
481 B
1 simpli.fi
um.simpli.fi
609 B
1 zeotap.com
mwzeom.zeotap.com
595 B
1 adition.com
dsp.adfarm1.adition.com
584 B
1 rutarget.ru
google-sync.rutarget.ru
578 B
1 appier.net
a.c.appier.net
555 B
1 smadex.com
cm.smadex.com
524 B
1 tremorhub.com
partners.tremorhub.com
183 B
1 socdm.com
tg.socdm.com
834 B
1 emxdgt.com
cs.emxdgt.com
1 contextweb.com
bh.contextweb.com
659 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
618 B
1 outbrain.com
sync.outbrain.com
627 B
1 advangelists.com
nep.advangelists.com
232 B
1 ad4m.at
ad4m.at
1 google.ch
adservice.google.ch
799 B
1 staqdata.com
headerbidding.staqdata.com
273 B
1 criteo.com
gum.criteo.com
378 B
1 privacymanager.io
geo.privacymanager.io
603 B
1 tru.am
tru.am
1 amazonaws.com
sqs.us-east-1.amazonaws.com
658 B
1 ntv.io
s.ntv.io
103 KB
1 lkqd.net
ad.lkqd.net
1 KB
1 dmpxs.com
bob.dmpxs.com
700 B
1 anvato.net
w3.cdn.anvato.net
79 KB
1 sail-horizon.com
ak.sail-horizon.com
43 KB
1 onesignal.com
cdn.onesignal.com
3 KB
1 nxstrib.com
nxstrib.com
76 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
0 wbtrk.net Failed
um.wbtrk.net Failed
723 116
Domain Requested by
92 cm.g.doubleclick.net 20 redirects u.openx.net
rtb.gumgum.com
googleads.g.doubleclick.net
eus.rubiconproject.com
fox4kc.com
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
77 s0.2mdn.net fox4kc.com
s0.2mdn.net
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
code.createjs.com
73 pagead2.googlesyndication.com securepubads.g.doubleclick.net
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
fox4kc.com
s0.2mdn.net
tpc.googlesyndication.com
45 tpc.googlesyndication.com d1bvk193qme2fc.cloudfront.net
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
fox4kc.com
s0.2mdn.net
44 includemodal.com 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
39 fox4kc.com fox4kc.com
20 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
fox4kc.com
17 rtb.gumgum.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
16 googleads4.g.doubleclick.net fox4kc.com
16 blue.fox4kc.com cdn.blueconic.net
d1bvk193qme2fc.cloudfront.net
15 fonts.gstatic.com fonts.googleapis.com
15 fonts.googleapis.com fox4kc.com
s0.2mdn.net
14 www.facebook.com connect.facebook.net
www.facebook.com
fox4kc.com
d1bvk193qme2fc.cloudfront.net
11 aax-eu.amazon-adsystem.com 1 redirects d1bvk193qme2fc.cloudfront.net
aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
u.openx.net
rtb.gumgum.com
eus.rubiconproject.com
ap.lijit.com
10 dsum-sec.casalemedia.com 5 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
10 www.googletagservices.com d1bvk193qme2fc.cloudfront.net
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
10 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com d1bvk193qme2fc.cloudfront.net
9 x.bidswitch.net 8 redirects rtb.gumgum.com
9 protected-by.clarium.io 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
9 match.adsrvr.org 5 redirects ssum-sec.casalemedia.com
u.openx.net
fox4kc.com
eus.rubiconproject.com
9 images.revcontent.com fox4kc.com
9 d2s8wlbatk24s7.cloudfront.net includemodal.global.ssl.fastly.net
9 includemodal.global.ssl.fastly.net fox4kc.com
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
8 ade.googlesyndication.com
8 c1.adform.net 7 redirects u.openx.net
8 trends.revcontent.com assets.revcontent.com
d1bvk193qme2fc.cloudfront.net
8 fastlane.rubiconproject.com nxstrib.com
8 ib.adnxs.com 6 redirects nxstrib.com
googleads.g.doubleclick.net
7 us-u.openx.net 4 redirects u.openx.net
googleads.g.doubleclick.net
7 www.google.com 1 redirects fox4kc.com
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
6 sm.rtb.mts.ru 6 redirects
6 ads.avads.net 6 redirects
6 pixel-sync.sitescout.com 6 redirects
6 pm.w55c.net 6 redirects
5 match.360yield.com 5 redirects
5 ce.lijit.com ap.lijit.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 sync-tm.everesttech.net 5 redirects
5 ap.lijit.com 4 redirects aax-eu.amazon-adsystem.com
4 tracking.m6r.eu 4 redirects
4 code.createjs.com s0.2mdn.net
4 pixel.rubiconproject.com eus.rubiconproject.com
4 ups.analytics.yahoo.com 4 redirects
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 sync.1rx.io 4 redirects
4 ssum-sec.casalemedia.com 2 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
4 scontent-frx5-1.xx.fbcdn.net www.facebook.com
4 insight.adsrvr.org 1 redirects fox4kc.com
d1eoo1tco6rr5e.cloudfront.net
3 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
3 tech.rtb.mts.ru 3 redirects
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 sync.go.sonobi.com 3 redirects
3 rtb-csync.smartadserver.com 1 redirects googleads.g.doubleclick.net
3 creativecdn.com 3 redirects
3 ads.pubmatic.com rtb.gumgum.com
ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 eb2.3lift.com 3 redirects
3 www.google.de fox4kc.com
3 cdn-gl.imrworldwide.com fox4kc.com
cdn-gl.imrworldwide.com
3 sb.scorecardresearch.com 1 redirects fox4kc.com
3 c.amazon-adsystem.com fox4kc.com
c.amazon-adsystem.com
3 s7.addthis.com fox4kc.com
d1bvk193qme2fc.cloudfront.net
3 securepubads.g.doubleclick.net fox4kc.com
securepubads.g.doubleclick.net
3 confiant-integrations.global.ssl.fastly.net fox4kc.com
confiant-integrations.global.ssl.fastly.net
2 pixel.advertising.com 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 cms.quantserve.com 1 redirects 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
2 ads.yieldmo.com 2 redirects
2 dclk-match.dotomi.com 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
2 cc.adingo.jp 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
2 rtb.openx.net 2 redirects
2 match.sharethrough.com 2 redirects
2 cs.media.net 2 redirects
2 r.scoota.co 2 redirects
2 bcp.crwdcntrl.net 2 redirects
2 ads.stickyadstv.com 1 redirects googleads.g.doubleclick.net
2 ads.yahoo.com googleads.g.doubleclick.net
eus.rubiconproject.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 sync.targeting.unrulymedia.com 2 redirects
2 ad.360yield.com 1 redirects rtb.gumgum.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 u.openx.net 1 redirects aax-eu.amazon-adsystem.com
2 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
2 i.clean.gg d1bvk193qme2fc.cloudfront.net
2 secure-dcr.imrworldwide.com fox4kc.com
2 jadserve.postrelease.com s.ntv.io
fox4kc.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 ping.chartbeat.net fox4kc.com
2 z.moatads.com s7.addthis.com
d1bvk193qme2fc.cloudfront.net
2 connect.facebook.net fox4kc.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
fox4kc.com
2 www.googletagmanager.com fox4kc.com
www.googletagmanager.com
2 nexstar.blueconic.net cdn.blueconic.net
d1bvk193qme2fc.cloudfront.net
2 static.chartbeat.com fox4kc.com
1 dgcbxsxpz6nta.cloudfront.net d15kdpgjg3unno.cloudfront.net
1 v1.addthisedge.com d1bvk193qme2fc.cloudfront.net
1 ssbsync.smartadserver.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 r.turn.com 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 s.tribalfusion.com fox4kc.com
1 a.tribalfusion.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 a.rfihub.com 1 redirects
1 google-sync.rutarget.ru 1 redirects
1 a.c.appier.net 1 redirects
1 cm.smadex.com 1 redirects
1 partners.tremorhub.com googleads.g.doubleclick.net
1 pixel-eu.rubiconproject.com 1 redirects
1 global.imrworldwide.com fox4kc.com
1 p.rfihub.com 1 redirects
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 bh.contextweb.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.outbrain.com 1 redirects
1 secure.adnxs.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 nep.advangelists.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 s.amazon-adsystem.com ssum-sec.casalemedia.com
1 sync-amz.ads.yieldmo.com aax-eu.amazon-adsystem.com
1 s-jsonp.moatads.com d1bvk193qme2fc.cloudfront.net
1 adservice.google.com d1bvk193qme2fc.cloudfront.net
1 adservice.google.ch d1bvk193qme2fc.cloudfront.net
1 check.analytics.rlcdn.com nxstrib.com
1 headerbidding.staqdata.com nxstrib.com
1 weather.psg.nexstardigital.net d1bvk193qme2fc.cloudfront.net
1 cdn.revcontent.com fox4kc.com
1 img.revcontent.com fox4kc.com
1 d1bvk193qme2fc.cloudfront.net assets.revcontent.com
1 evbrhuvkwtis8r5qk6dfliicscirv1619732141.nuid.imrworldwide.com fox4kc.com
1 gum.criteo.com assets.revcontent.com
1 stats.g.doubleclick.net www.google-analytics.com
1 geo.privacymanager.io ats.rlcdn.com
1 ampcid.google.de www.google-analytics.com
1 tru.am www.googletagmanager.com
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 htlb.casalemedia.com nxstrib.com
1 tlx.3lift.com nxstrib.com
1 dyv1bugovvq1g.cloudfront.net nxstrib.com
1 ampcid.google.com www.google-analytics.com
1 pixel.wp.com fox4kc.com
1 ats.rlcdn.com fox4kc.com
1 s.ntv.io fox4kc.com
1 ad.lkqd.net www.googletagmanager.com
1 mab.chartbeat.com static.chartbeat.com
1 d1eoo1tco6rr5e.cloudfront.net tag.brandcdn.com
1 adservices.brandcdn.com fox4kc.com
1 bob.dmpxs.com fox4kc.com
1 stats.wp.com fox4kc.com
1 d15kdpgjg3unno.cloudfront.net fox4kc.com
1 tag.brandcdn.com fox4kc.com
1 assets.revcontent.com fox4kc.com
1 w3.cdn.anvato.net fox4kc.com
1 ak.sail-horizon.com fox4kc.com
1 cdn.onesignal.com fox4kc.com
1 nxstrib.com fox4kc.com
1 cdn.blueconic.net fox4kc.com
1 ccpa.psg.nexstardigital.net fox4kc.com
0 sync.adaptv.advertising.com Failed 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
0 google2waycm.netmng.com Failed 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
0 um.wbtrk.net Failed 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
723 176
Subject Issuer Validity Valid
fox4kc.com
R3		 2021-03-18 -
2021-06-16		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
ccpa.psg.nexstardigital.net
R3		 2021-04-13 -
2021-07-12		 3 months crt.sh
*.blueconic.net
Thawte TLS RSA CA G1		 2019-12-04 -
2022-02-01		 2 years crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
dev.nxstrib.com
R3		 2021-03-10 -
2021-06-08		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
ak.sail-horizon.com
Amazon		 2021-01-07 -
2022-02-04		 a year crt.sh
w3.cdn.anvato.net
GTS CA 1D2		 2021-04-01 -
2021-06-30		 3 months crt.sh
assets.revcontent.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.brandcdn.com
RapidSSL RSA CA 2018		 2019-06-10 -
2021-07-01		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.dmpxs.com
Amazon		 2021-01-07 -
2022-02-05		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
ad.lkqd.net
R3		 2021-03-27 -
2021-06-25		 3 months crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-28 -
2022-02-01		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
queue.amazonaws.com
Amazon		 2020-12-04 -
2021-12-03		 a year crt.sh
revcontent.com
Amazon		 2020-07-08 -
2021-08-08		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-26		 a year crt.sh
*.privacymanager.io
Amazon		 2020-10-24 -
2021-11-23		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.nuid.imrworldwide.com
Amazon		 2020-06-26 -
2021-07-26		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2021-04-15 -
2021-07-14		 3 months crt.sh
img.revcontent.com
R3		 2021-03-16 -
2021-06-14		 3 months crt.sh
cdn.revcontent.com
R3		 2021-03-17 -
2021-06-15		 3 months crt.sh
weather.psg.nexstardigital.net
R3		 2021-03-10 -
2021-06-08		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
images.revcontent.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
headerbidding.staqdata.com
GTS CA 1D2		 2021-03-05 -
2021-06-03		 3 months crt.sh
analytics.rlcdn.com
Amazon		 2020-12-09 -
2022-01-07		 a year crt.sh
*.google.ch
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
blue.yourerie.com
Amazon		 2021-04-12 -
2022-05-11		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2021-01-18 -
2022-02-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.360yield.com
Amazon		 2020-08-26 -
2021-09-26		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-04-26 -
2021-06-16		 2 months crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
includemodal.com
Amazon		 2020-11-15 -
2021-12-14		 a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-26 -
2022-04-14		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh

This page contains 80 frames:

Primary Page: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Frame ID: FBA54C2EC7A24E48B4C3D67D102A8526
Requests: 184 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/o6zqvps/kjs3ype/iframe
Frame ID: E008F0FF2D191B21C5CACDDE26F87400
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Frame ID: 64BB65781996FFF5CB2FEC2F7F4F023D
Requests: 9 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 411A2872E7778650EE97D047AEABEC3D
Requests: 3 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&dcc=t
Frame ID: 797068EA229CA7AB810DFBC93BA7ABB7
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 686AB15CE8746BC7A7E5E66EB61AA5F7
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 92308EE0B84BA496812D438833F93AE2
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 9C3C5D43C2A65AE0A4038E433558ACE1
Requests: 10 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 06C7DE4182C95FAC78ECA48B5BC2DB5D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: CDDDF8DADB9C167DB3143A4D03C56DA9
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 7C061BD28EC47598841AFC7ED4BA18EA
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=8343462001237815311&ex=districtm
Frame ID: 5DFD7CDCC3A4FCD9FC0676F09EFF4888
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=6576930246821193324&ex=appnexus.com
Frame ID: B6B5BD43D44DE5E2BDEBEDD91B3C38DD
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 0FAD9765FDD261690EF0F600C7576B32
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=6837921043824557855
Frame ID: DBC3D57F501557E6C41B2AD2DF15353F
Requests: 1 HTTP requests in this frame

Frame: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 699B99D43635C9998657A2C64D63F776
Requests: 24 HTTP requests in this frame

Frame: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DED073398BA673DF6B4E8C8417D43B4B
Requests: 23 HTTP requests in this frame

Frame: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 86EFD1B090210BC4B2890CF6FD7D0C40
Requests: 9 HTTP requests in this frame

Frame: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 895579DBA8FEA1EF3416A7C21887C047
Requests: 22 HTTP requests in this frame

Frame: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8E53530D6FDE279D683E7E8BF2C4AE88
Requests: 24 HTTP requests in this frame

Frame: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 544AA956CA961925F50EB595EFDA38EF
Requests: 24 HTTP requests in this frame

Frame: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B8625FF9CA384E2D0E2539F2A65D56E6
Requests: 22 HTTP requests in this frame

Frame: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0C6580E7546498F4F778E2F8BFADF21B
Requests: 23 HTTP requests in this frame

Frame: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 294B2A8D3DB8C2793BFF95B8A6FFBB44
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGKeS8poBMAE&v=APEucNXbIyICyQaZ6TFi9JXOkAgoyl3Ynw2G0XE58gIsu9Hfy3dadL-Rc0GNaMwKOpRD75vU85MVyftC3ly_SY77-DezTGf6BA
Frame ID: 1E9AC9D29F64AA9E81CE89D1BD19335B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNWI_uFZWKeAtv00LwLRJWnCU_0Ld2aZ-aEXc7GY-N96FcaDQSrZ0Ajk8olsQHAc3rLuMT03nEAoTWJRDPIZ31xA2j3tLw
Frame ID: 5813207D1EBFA4151A3E0EB4D4F0D169
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNVznzrlcfAdIE_nP1jcZ04C7bRXNfUg9RsXBwakfgT-OOK2x-0cAiNnGV8V5m3Vh9aGdpCxy0ua_NCdGpcoMPDzXFiklQ
Frame ID: D9140E816BAFEFBB80579E77A4CC7F12
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=adff608b-26b1-4d00-8480-2197b8001798&gdpr=&gdpr_consent=
Frame ID: 206AEDC4934FC4D1009C0F72644CF826
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YIsmsQAAm53AqwA4&gdpr=&gdpr_consent=&_test=YIsmsQAAm53AqwA4
Frame ID: B5DFA3B22F666B7B629B1FEA4A05FBDC
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lNTE2NDExYi1jMWNmLTQ3NzktODhkYS1jNDVlYzdiMTNkZWE=&gdpr=&gdpr_consent=
Frame ID: 28E3825B3C09AFA12B971A2F48F6460F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 1260FE11D90791E02F423D61C1538544
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=02f5a2de-1a50-4bab-86b8-9417f32dd271&t=1622324144
Frame ID: 677FF815E82EDD6FA0244C0CD65A8142
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 618A7A16CBFE5C875348DEDBE496665F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YIsmssCo8WcAAQaivxIAAAAA
Frame ID: D4D36FB481F7AA303ACA9AD7AEF6D672
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871878969642673960
Frame ID: 0711934E596652EE5A0DEDB035D7CA5D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=OzRlVE8F3dlf5hWEYO3C&pi=gumgum&tc=1
Frame ID: 7D6D8626899552A64608A152332BB315
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNUmL0jMXMo2GJYp0TlQ1Z_CbRmQLmQ6KLEfmWCY-qZbCT9pY8EDzyb9TXUS6ORaZrBR1abPeWqKOoeIjTjimE_k5D-zdw
Frame ID: 336626DF9AB1667D24963D5EF2A2B549
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGIyn8poBMAE&v=APEucNWMa0rtVP3Q2bwiY_dF-Vo3JopLzh1MfS--U7X67t1dO1FqEeXeX18LBx57puUMYG_JcJ4nZg6h3JucCythGwnfF-tfjg
Frame ID: 680ED1FE97DDBDFB9423EF123F6C579C
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGKiS8poBMAE&v=APEucNV4k3Clj83xCaJcaPvaXmFHRfyMQYTEDsr4298mEEgR6S3dgauCtiYWkxu7Pqjq40ESUbJMVmYYAk5WcOZRFZSxE7-cXg
Frame ID: 2EC24A8618D0094ACE1C16E548B43594
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNVeT32U-rVNZ0Kzq8ftoj7OhhXhZGOj9hnVmu9c_YsULtDHExoIwJBubSYH--eF8OzOuhScGrEGGHK-PsjpMrUDTfuI1g
Frame ID: D0ED3D44FFD5AB4C8D30DA3B8FAB324E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNVHpBq8Is9f4YnLSuVNGYfC5O4VVz5CIZ8eAn5p2r8xNGLNgVZTJExSDW4RF_p_3VXUSrfRzjJmkJPqOaxu2RUAGXrghg
Frame ID: CECA8FCED9801858D44C2B29D9D9A0B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGKeS8poBMAE&v=APEucNUesS9H8MPxYZueTdj5vc6FWjiGzj4CQfCwTxpOmRygiw6_LBHJKXyMWAUPYEmcWzUyBOliioVH-XCp_0rEAQEOqgMhwg
Frame ID: 826C40A6505B27C9D24434D474E24744
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9C310FD09676BB21DFF5288F6279C359
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=llDTWt0yGY&t=1&renderingType=2
Frame ID: AD3AB4AC9A73BE7B3A82557D4F868602
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Frame ID: D63FFEDA7C0F5F760AE3A4C2DD547371
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 29D823BEC1555FB7037CC5ACBF77999E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7800A0122DA19581527B5006F8D85FB1
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 837DD578D4F4235555C14D411545061C
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600.html?e=69&leftOffset=0&topOffset=0&c=k9FkEvrZs4&t=1&renderingType=2
Frame ID: 13A75C3FF8C195951BE1597DCD39BA35
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250.html?e=69&leftOffset=0&topOffset=0&c=QClGAHmB0P&t=1&renderingType=2
Frame ID: 2FFB4772A8075D041D40042E9B3F9DBB
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
Frame ID: 26C8ED05F01FC0B88F16FF06E7C8A5B5
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
Frame ID: FB4B15AE533F0F99DC834148D37C25D9
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=mZtn8xICtF&t=1&renderingType=2
Frame ID: 831728BB42D32726A91790340E83F87E
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 045045C20C207261E48D76EA1881D40A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CC9B0CF4EE461417CB21554C95CFF97D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DC1FBB9CBDE68B82DE7434E40DF9CC2E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AA660BFF7B88794D2C491E5D42E28BA8
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Frame ID: 1D1A300119E5F538980BA572089DFB8D
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 454247D4F944C75E9CE36C503C6A380C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6D63C3A0F4CA2FCFD6708FA94412EBE2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A06D502A38296A07310715B98726A5B2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A45D5F0BF496BAF259219C03B2092385
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 66C220F8E1E72051D9407BA040991629
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8FB5AA62B5CFCA150EDC789F84185A3F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CDC49257A25E8AC0132C6B1532DDAAE4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A1992619229B89F8CD2EDE1756E2C4B1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BD8E07103CB3E6ED38B24FA18E9CE3DB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9FCC2FE0C957A2C86FD2E2E3774C6E51
Requests: 3 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6171827806238432927
Frame ID: 1F73F9764A7EF4685ECA74895D851F63
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=58E84782-7B05-4B45-9CA7-40645D439258
Frame ID: 2FEF75F9C4EDF23B7E9DB02D3FF7DAE4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Frame ID: 30DE9A8269EF2E7E6ABF9E6D4A70145A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Frame ID: 0407A1722049BA1377836E2263142B54
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Frame ID: 9B3EBE22A05317AE722BD2F0CFCC098B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Frame ID: EA470E713DA52F43859CB076B35B273B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Frame ID: D85EF8D1DFA0A0F8B45B2F3EC8FB6C14
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Frame ID: CD704C9DD6C45F7F9C931CCF26043B37
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Frame ID: C9792FE9597A2CD5783C19F45EFAC5EB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Frame ID: 26E2ED34F46C4E54A6E773E33A090EAC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Frame ID: ED107A2CD214816C02DC405F85C4E491
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 856BDA16CF070160B0AC0FAB4D6D5874
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /chartbeat\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

723
Requests

100 %
HTTPS

29 %
IPv6

116
Domains

176
Subdomains

114
IPs

11
Countries

6876 kB
Transfer

18099 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64
  • https://insight.adsrvr.org/tags/o6zqvps/kjs3ype/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/o6zqvps/kjs3ype/iframe
Request Chain 111
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036439&cs_ucfr=&ns__t=1619732141763&ns_c=UTF-8&cv=3.5&c8=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&c7=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036439&cs_ucfr=&ns__t=1619732141763&ns_c=UTF-8&cv=3.5&c8=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&c7=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&c9=
Request Chain 139
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/803968365/?random=1509618837&cv=9&fst=1619732141892&num=1&value=0&label=qa4YCISlsKcBEO2qrv8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tiba=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rSaLYPj8OoL57gO2l6z4DQ&sscte=1&crd=&eitems=ChEI8LKphAYQ6fiB9YrN_Kq3ARIdAIKodh33w2lxm7f1P_zWkbhXQQX9IPPQJ7vnVW8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/803968365/?random=1509618837&cv=9&fst=1619732141892&num=1&value=0&label=qa4YCISlsKcBEO2qrv8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tiba=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rSaLYPj8OoL57gO2l6z4DQ&cid=CAQSKQCNIrLM6W9ZT6ZU29rA6yCZcUpBKWi4gkXRqq7NQme4_v-vsPoM4EKl&eitems=ChEI8LKphAYQ6fiB9YrN_Kq3ARIdAIKodh3A-YpYJcWwJmAffYFWiR9BJPuGYbAm7jY&random=571196385&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/803968365/?random=1509618837&cv=9&fst=1619732141892&num=1&value=0&label=qa4YCISlsKcBEO2qrv8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tiba=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rSaLYPj8OoL57gO2l6z4DQ&cid=CAQSKQCNIrLM6W9ZT6ZU29rA6yCZcUpBKWi4gkXRqq7NQme4_v-vsPoM4EKl&eitems=ChEI8LKphAYQ6fiB9YrN_Kq3ARIdAIKodh3A-YpYJcWwJmAffYFWiR9BJPuGYbAm7jY&random=571196385&resp=GooglemKTybQhCsO&ipr=y
Request Chain 148
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&dcc=t
Request Chain 175
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 176
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=8343462001237815311&ex=districtm
Request Chain 177
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=6576930246821193324&ex=appnexus.com
Request Chain 178
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 179
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=6837921043824557855
Request Chain 193
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIsmrSFb.jqvKg5tiQSx.wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKbAswiMcv3U2h3AZlsHcmk&google_cver=1&google_hm=2 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKbAswiMcv3U2h3AZlsHcmk&google_cver=1&google_hm=2&C=1
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIsmrSFb-jqvKg5tiQSx-wAABGQAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1
Request Chain 196
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIsmrSFb.jqvKg5tiQSx.wAA%261124 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YIsmrSFb.jqvKg5tiQSx.wAA%261124
Request Chain 198
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEnJE7BFk0AACvCvryw8A&expiration=1620941744 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEnJE7BFk0AACvCvryw8A&expiration=1620941744&C=1
Request Chain 199
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-58b1f203-65d7-4520-b56f-b83c1700050f HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-58b1f203-65d7-4520-b56f-b83c1700050f&C=1
Request Chain 229
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=JgLkXiIEvgw9Ab1ecgLxDyNRuVk9UOxYJVAdwQrq HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=0&val=JgLkXiIEvgw9Ab1ecgLxDyNRuVk9UOxYJVAdwQrq
Request Chain 230
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKPRTbCwp_12qQWf1RRjCQ&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEKPRTbCwp_12qQWf1RRjCQ&google_cver=1
Request Chain 234
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=6576930246821193324
Request Chain 235
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e516411b-c1cf-4779-88da-c45ec7b13dea&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_e516411b-c1cf-4779-88da-c45ec7b13dea&gdpr=&gdpr_consent=&us_privacy=
Request Chain 236
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28iR8PUOftgUSZlcMiC-7tBMUH-58d5l4wiZj2jALV2_JojisIY7HatLESsuVN5LRr%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28iR8PUOftgUSZlcMiC-7tBMUH-58d5l4wiZj2jALV2_JojisIY7HatLESsuVN5LRr%29
Request Chain 237
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=5fa6d05a-b93b-08f2-1ca3-dc3221031dea
Request Chain 238
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-6a8dcc5d-c282-49f9-6b6c-a6c0509b66a5$ip$185.236.201.132
Request Chain 239
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-1NU1yy9E2peJCJ0E9_LM.1VuzEnUw29qicU8~A
Request Chain 240
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=dad149b5-a932-11eb-b6f1-9925b6e8c514
Request Chain 243
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e516411b-c1cf-4779-88da-c45ec7b13dea&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=
Request Chain 244
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Request Chain 245
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2658730229 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2658730229 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/2919fc60-ade0-4564-ab0b-d5a4d241a4ba HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003
Request Chain 246
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=swFfu9arcOS1&ev=1&pid=558355
Request Chain 248
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=adff608b-26b1-4d00-8480-2197b8001798&gdpr=&gdpr_consent=
Request Chain 249
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YIsmsQAAm53AqwA4 HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YIsmsQAAm53AqwA4&gdpr=&gdpr_consent=&_test=YIsmsQAAm53AqwA4
Request Chain 252
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=02f5a2de-1a50-4bab-86b8-9417f32dd271&t=1622324144
Request Chain 254
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YIsmssCo8WcAAQaivxIAAAAA
Request Chain 255
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1871878969642673960
Request Chain 256
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=OzRlVE8F3dlf5hWEYO3C&pi=gumgum&tc=1
Request Chain 316
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEObq2cRZzt7_6qqQMOFl6os&google_cver=1
Request Chain 335
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIsmsbk5ZhC2EgZ5x61NawAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECo-pGo0UsvmmIZnFSYVIdE&google_cver=1
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKd4J4gGmw54386QST4TuR0&google_cver=1
Request Chain 337
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYwNDQxMTc4MDIwNDQyNjM2MQ%3D%3D
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP-ySoDoV93exjxglt3i30o&google_cver=1
Request Chain 339
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWFlOWRhNGQtYTIxNi0yNDgxLWRkZWYtMmFlNzdkOWNkYWYz
Request Chain 348
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KO3EP5VJ-N-2JEF&ex=d-rubiconproject.com&status=ok
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEFW3KzDiyrEp6v_5qVHntI&google_cver=1
Request Chain 354
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTc2NzMyODctZGRiMC00OWQ4LWJiMGMtMDg5Mjk3Y2VhMTM3
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEI69YXOv2dmn78IADzj_mtY&google_cver=1
Request Chain 358
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJ2bzEiMFMqBThXbXKHzdDw&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJ2bzEiMFMqBThXbXKHzdDw&google_cver=1&__user_check__=1&sync_id=dc16bbd7-a932-11eb-bd9b-15758c630306
Request Chain 359
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=dbb62523-a932-11eb-9dd8-1131174c0406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGJiNjI0ZWUtYTkzMi0xMWViLTlkZDgtMTEzMTE3NGMwNDA2
Request Chain 361
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS14TWlXRm81RTJ1RzVRTWJ5aUxkNjU5UEF1UGtEelBINn5B
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDPPePHO_TZjo5pG8hVgSSg&google_cver=1
Request Chain 363
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTc0ZTU3NjI0MjdhM2FlZWQ1N2I3ZDljZmZmYTRk&gdpr=0&gdpr_consent=
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEP2cS8hOCs6Q_IT7xlpVG00&google_cver=1
Request Chain 365
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=MzAzNDc4NzY5MzU0Nzk4MjY1Mg== HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEP2cS8hOCs6Q_IT7xlpVG00&google_cver=1
Request Chain 366
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08zRVA1VkotTi0ySkVG
Request Chain 367
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KO3EP5VJ-N-2JEF&sigv=1&esig=2~9bd331c2b2838335c3ec9a2f6f64dab93bfd0939
Request Chain 368
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dJZO5FW71FyvPMB9lMBBaA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8003722113116369382
Request Chain 369
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=adff608b-26b1-4d00-8480-2197b8001798
Request Chain 370
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmY1ZjNiM2I4YmM2MWFkODgxYjczODVmNGRlNmMzYmI2ZjhkYTA0ZA
Request Chain 371
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIsmsQAAm53AqwA4
Request Chain 373
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM702_Mh8cLza5eG42je-jE&google_cver=1
Request Chain 477
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=fmx&bds_param=e53f2612-cf9d-4737-9c10-2ad29c600323 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=d4fa85ce-e4a8-4700-8ba5-e1a761b4f0e9&expires=10&ssp=fmx&bsw_param=e53f2612-cf9d-4737-9c10-2ad29c600323 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=e53f2612-cf9d-4737-9c10-2ad29c600323
Request Chain 478
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=afe7bbce5aba2f94241a2413/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=afe7bbce5aba2f94241a2413/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=78bc2be552ad241dd9492bd95f40e586&gdpr=0&gdpr_consent=
Request Chain 479
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003&rndcb=8547869861 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=e53f2612-cf9d-4737-9c10-2ad29c600323&google_hm=ZTUzZjI2MTItY2Y5ZC00NzM3LTljMTAtMmFkMjljNjAwMzIz HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBDQJI1R0V7GV_6pqJgFc4o&google_cver=1&ssp=adconductor&bsw_param=e53f2612-cf9d-4737-9c10-2ad29c600323 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/e53f2612-cf9d-4737-9c10-2ad29c600323?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003
Request Chain 480
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=OzRlVE8F3dlf5hWEYO3C&pi=sovrn&gdpr_consent=&gdpr=0
Request Chain 481
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=afe7bbce5aba2f94241a2413&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=adff608b-26b1-4d00-8480-2197b8001798&gdpr=0&gdpr_consent=
Request Chain 499
  • https://a.c.appier.net/gcm?google_gid=CAESEN9dicjrBSEwxMaeoUqdFsQ&google_cver=1&google_push=AQvitUKH_pkXIKbekamw3vQ_1LqdNaWPu0KTLtDaJdk5J7HY5er-2RGaDgO50CGS4Dxm88z9IN96MJGY7diwb01a0iDir3jzGLKn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WXZWY1hhaVZCMy1tR3lpSXRTYUxZQQ%3D%3D&google_push=AQvitUKH_pkXIKbekamw3vQ_1LqdNaWPu0KTLtDaJdk5J7HY5er-2RGaDgO50CGS4Dxm88z9IN96MJGY7diwb01a0iDir3jzGLKn
Request Chain 500
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKzsvVqiS08DVcH_EmxHIco&google_cver=1&google_push=AQvitUJmZc-wxJbOuK0dMqSd_-REprmef2hwaU9C51kOmlYUX2wWp4rC5owTf_X33ThO-qB7rX_A9cVcXL0Z1rJV8EEKxB0grrwU HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=61c13c9f-1000-4c62-b505-87b92890816d&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJmZc-wxJbOuK0dMqSd_-REprmef2hwaU9C51kOmlYUX2wWp4rC5owTf_X33ThO-qB7rX_A9cVcXL0Z1rJV8EEKxB0grrwU&google_hm=5T8mEs-dRzecECrSnGADIw==
Request Chain 501
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEOhnDoSRvjwj5uymU_8MhhQ&google_cver=1&google_push=AQvitUKieNmS2SPfiYXbpIUp5Nc063SSJZAi8asOrxjfHc6Yk_jTaOT_idzS7JWNbdeXVl329vq7jgsb0WVdYK1EHqL1dfQW7WE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=ZFdOTE4yU1hUY2ls&google_ula=2046794&google_push=AQvitUKieNmS2SPfiYXbpIUp5Nc063SSJZAi8asOrxjfHc6Yk_jTaOT_idzS7JWNbdeXVl329vq7jgsb0WVdYK1EHqL1dfQW7WE
Request Chain 502
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1&google_push=AQvitUJO0ekAk1AQVIFLaXmtiFCXUu_Qh5gAFa6IaDce3l-X4ocB_G-If2EYlweJarDI6xCy2JgxdaoVUaGmufr3YLmPEWJskLPZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIsmsS9BHXfgS4v-FHCbhgAABGgAAAAB&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1&google_push=AQvitUJO0ekAk1AQVIFLaXmtiFCXUu_Qh5gAFa6IaDce3l-X4ocB_G-If2EYlweJarDI6xCy2JgxdaoVUaGmufr3YLmPEWJskLPZ
Request Chain 503
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAQvitUKAVWcvLvRCLgMctGyTo1LykrqruBXt1SOtxUSAkoqWeTYTnhVJe_Q_NRa7nbRTqgy2NU96BiOdybNZHA22JrLrvU15bNI%26google_hm%3D%5BUID%5D&google_gid=CAESEOMZOewN-bCLe347zH4DYl8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUKAVWcvLvRCLgMctGyTo1LykrqruBXt1SOtxUSAkoqWeTYTnhVJe_Q_NRa7nbRTqgy2NU96BiOdybNZHA22JrLrvU15bNI&google_hm=db785df9-a1fa-47e4-85a8-9745fa963b5e
Request Chain 504
  • https://cs.media.net/cksync?type=g&google_gid=CAESEF3s8QIHXdMSsqNQxRYSjZ8&google_cver=1&google_push=AQvitUK6PKjNc1L9BUuXhYG5YDa1Wuv8aPdvS33ayhLzqwZCaoT8Zba253sXaHU-eSPD5uXJKgbfIu2TLTLCnAv7IQ9FOEP2pYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&mn_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUK6PKjNc1L9BUuXhYG5YDa1Wuv8aPdvS33ayhLzqwZCaoT8Zba253sXaHU-eSPD5uXJKgbfIu2TLTLCnAv7IQ9FOEP2pYg
Request Chain 505
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEMJydClL95A1SRN2v-7oMLo&google_cver=1&google_push=AQvitUKPaJ5_cVFye1ThftVtpff3Xqx6RXmGIDunf5ya5uFtKc7gS196B6XZ2GHe-LqJ7wBMZYTmRQ9yps46x__AAIggPbBjyQpFxA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjcyN2QyNmEtZjM4Yi00ZDk0LTg3OTctYzY4N2IzYmNjM2E5&google_push=AQvitUKPaJ5_cVFye1ThftVtpff3Xqx6RXmGIDunf5ya5uFtKc7gS196B6XZ2GHe-LqJ7wBMZYTmRQ9yps46x__AAIggPbBjyQpFxA
Request Chain 559
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUL0RAUl2qPaXkWDnyi9tR8SBlVm5wbkKrMdC1Ngdy4y-JfYXYoHc-GAfLvYuIWcUtqQGU5TVf1EEvQAC2chdfx9qe1QAbra HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUL0RAUl2qPaXkWDnyi9tR8SBlVm5wbkKrMdC1Ngdy4y-JfYXYoHc-GAfLvYuIWcUtqQGU5TVf1EEvQAC2chdfx9qe1QAbra HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d1pHZVN3am8xTENlazY1&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUL0RAUl2qPaXkWDnyi9tR8SBlVm5wbkKrMdC1Ngdy4y-JfYXYoHc-GAfLvYuIWcUtqQGU5TVf1EEvQAC2chdfx9qe1QAbra
Request Chain 560
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHeQSMiZZ7bVowXvLrHdKlY&google_cver=1&google_push=AQvitUIQyXPaENRaw8NvNw1z7Wxokz9paWk1LwnQvaMkm_NKA_jCa4Ta9qfHxKRN851xXgwTU4ohnD_UZaYHwtqaqxQThM9RJMsB HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHeQSMiZZ7bVowXvLrHdKlY&google_cver=1&google_push=AQvitUIQyXPaENRaw8NvNw1z7Wxokz9paWk1LwnQvaMkm_NKA_jCa4Ta9qfHxKRN851xXgwTU4ohnD_UZaYHwtqaqxQThM9RJMsB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tn00Vu3CT9Wq-jlEYWeZ42CLJrY
Request Chain 561
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJBMjrZWsAx9Jde-ZXN0Bpo&google_cver=1&google_push=AQvitUIPDJvHMomj_rSqhdQKJeIPTxWjqdVBUAefWLQENAQlBODsuemQ0gAU0d-xFXLddSxPajfbLk9Fw82YntAR_6wF_uF2baBl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIPDJvHMomj_rSqhdQKJeIPTxWjqdVBUAefWLQENAQlBODsuemQ0gAU0d-xFXLddSxPajfbLk9Fw82YntAR_6wF_uF2baBl&google_hm=WdCDu8LnwwsuezzpZGcuKQ==
Request Chain 562
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBc5iU8GpAPyViF_7cfWmoQ&google_cver=1&google_push=AQvitUKKCDfR8IR957QbPk3lG_aBEutaHgpQsM0XPOIdrngJLGpaiXY8kLoMGj9w9Ev5x5a3aD6GGAealXPQ1mwVYEze7-mb4zVF HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBc5iU8GpAPyViF_7cfWmoQ&google_push=AQvitUKKCDfR8IR957QbPk3lG_aBEutaHgpQsM0XPOIdrngJLGpaiXY8kLoMGj9w9Ev5x5a3aD6GGAealXPQ1mwVYEze7-mb4zVF&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitUKKCDfR8IR957QbPk3lG_aBEutaHgpQsM0XPOIdrngJLGpaiXY8kLoMGj9w9Ev5x5a3aD6GGAealXPQ1mwVYEze7-mb4zVF&google_hm=czZkMjdkQW5UUlczVE9xSFZISzQ=
Request Chain 563
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF61YZw1FvgS6KrO0Zstge8&google_cver=1&google_push=AQvitUJXp0dRavBKTW2WyuR1uv_Jp4P4j2VCKfzDatLb0Ag0egTivqz3xGaiLf9NceipryzWetv89gbxmPZs1c5oWQB_jLOWIdo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WOhHgnsFS0Wcp0BkXUOSWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJXp0dRavBKTW2WyuR1uv_Jp4P4j2VCKfzDatLb0Ag0egTivqz3xGaiLf9NceipryzWetv89gbxmPZs1c5oWQB_jLOWIdo
Request Chain 564
  • https://match.360yield.com/match/ebda?google_gid=CAESEAjSrXHztuS5E73d7gyWV60&google_cver=1&google_push=AQvitUJe2ezOpedUQR1feSYuU6T2L_LNHeKYBQYFdbdsRAaYxPeVF6PbNy2ZpGaq35-v3kujKtvAwG6Md2_muzvNRzsPyodlND0a HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEAjSrXHztuS5E73d7gyWV60&google_cver=1&google_push=AQvitUJe2ezOpedUQR1feSYuU6T2L_LNHeKYBQYFdbdsRAaYxPeVF6PbNy2ZpGaq35-v3kujKtvAwG6Md2_muzvNRzsPyodlND0a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitUJe2ezOpedUQR1feSYuU6T2L_LNHeKYBQYFdbdsRAaYxPeVF6PbNy2ZpGaq35-v3kujKtvAwG6Md2_muzvNRzsPyodlND0a
Request Chain 568
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUIL8YArD492fv746LvA2me5mB1I-RDEwA2hFU5OKRQjG0cj1F9t4IjzoLXvkaEBazpB4fM25NVAV_w3xo9iamlXah788lY HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUIL8YArD492fv746LvA2me5mB1I-RDEwA2hFU5OKRQjG0cj1F9t4IjzoLXvkaEBazpB4fM25NVAV_w3xo9iamlXah788lY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aVI2cFcyQnAxTENlazY1&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUIL8YArD492fv746LvA2me5mB1I-RDEwA2hFU5OKRQjG0cj1F9t4IjzoLXvkaEBazpB4fM25NVAV_w3xo9iamlXah788lY
Request Chain 570
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEJj245zjI6PI6ncls-dWsi8&google_cver=1&google_push=AQvitUJBM9rXUCn5He10RPk2MK30dLuIWtBFn-9mS41krr_Tz1xpOnHM8k991LwQ8_9OSvVGyTr6pxU5Dv2F4M3FvKVPD3OgSUGy HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEJj245zjI6PI6ncls-dWsi8&google_cver=1&google_push=AQvitUJBM9rXUCn5He10RPk2MK30dLuIWtBFn-9mS41krr_Tz1xpOnHM8k991LwQ8_9OSvVGyTr6pxU5Dv2F4M3FvKVPD3OgSUGy&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=D4YXMWsO5iFgzdHe8OV-fA&google_push=AQvitUJBM9rXUCn5He10RPk2MK30dLuIWtBFn-9mS41krr_Tz1xpOnHM8k991LwQ8_9OSvVGyTr6pxU5Dv2F4M3FvKVPD3OgSUGy
Request Chain 571
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGObvzX4xtFm3ubfR7nVy4k&google_cver=1&google_push=AQvitUKXL1yBkhvEA3bsrzuCNZtNfCeGF2Gny1XKVk0uRnpSRxeXxtssewyhTX5ISseBN3e2WepFIA5gwpxsQmhyV7SV5-txuLM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AQvitUKXL1yBkhvEA3bsrzuCNZtNfCeGF2Gny1XKVk0uRnpSRxeXxtssewyhTX5ISseBN3e2WepFIA5gwpxsQmhyV7SV5-txuLM&google_hm=Z2M4NzRlMTZiMzdhN2RiZjAyZjA=
Request Chain 572
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEFW8IWkJPB6NYKA2JEhkp0U&google_cver=1&google_push=AQvitUJuokXXzQ8BPwwi9lctb3ba5KKyaa_otRUZnAzi7GFs2hLkVgBUXgAlV6bNVZ2EWq1hQAxrjC-qlvGGf4RylpElSlT955rtww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJuokXXzQ8BPwwi9lctb3ba5KKyaa_otRUZnAzi7GFs2hLkVgBUXgAlV6bNVZ2EWq1hQAxrjC-qlvGGf4RylpElSlT955rtww&google_hm=ODYzNDE1NTUyMzA1NzM4NDg4Ng==
Request Chain 573
  • https://ads.avads.net/sync/ggl?google_gid=CAESEJ7ndnghDw3QaJl8hrt9unk&google_cver=1&google_push=AQvitUItg5tfUKMpBCleAmeYoQpRZTLcBocWBW6x5Wta0VnMGIcVElCkGbTfiIfC1XKVv1TX1m7TQ1so_ksKimaiLQqeuaRu0licJA HTTP 302
  • https://ads.avads.net/sync/ggl?google_cver=1&google_push=AQvitUItg5tfUKMpBCleAmeYoQpRZTLcBocWBW6x5Wta0VnMGIcVElCkGbTfiIfC1XKVv1TX1m7TQ1so_ksKimaiLQqeuaRu0licJA&av_tc=True&google_gid=CAESEJ7ndnghDw3QaJl8hrt9unk HTTP 302
  • https://ads.avads.net/sync/ggl?google_cver=1&google_push=AQvitUItg5tfUKMpBCleAmeYoQpRZTLcBocWBW6x5Wta0VnMGIcVElCkGbTfiIfC1XKVv1TX1m7TQ1so_ksKimaiLQqeuaRu0licJA&google_gid=CAESEJ7ndnghDw3QaJl8hrt9unk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NTlhY2IwY2YtYjMxMy00OTE3LWFhZjgtNzNhMGZlZTllZTNl
Request Chain 580
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUIbjrYDXCXsFSZLNd7cwMI-kORW-v9IsG_XLEP7f7bRdxFruZWL_XZZGArFdzNI1FkB6GWFshjMWUW9O6a-hMui70AD5TJW HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUIbjrYDXCXsFSZLNd7cwMI-kORW-v9IsG_XLEP7f7bRdxFruZWL_XZZGArFdzNI1FkB6GWFshjMWUW9O6a-hMui70AD5TJW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YWFxWHpqUzkxTENlazY1&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUIbjrYDXCXsFSZLNd7cwMI-kORW-v9IsG_XLEP7f7bRdxFruZWL_XZZGArFdzNI1FkB6GWFshjMWUW9O6a-hMui70AD5TJW
Request Chain 581
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOoeK_Ek9lekZcOufW0pxtE&google_cver=1&google_push=AQvitUJ8aVf1QDbcFvGACRzOY5VyvEmrAgmVQQVAEbwF0AAYST9k0kCKhHcAgVUXsTh-zV5dlj5ZsRp5D3Z9WpdygWiX0IM5Z_bV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk1NjY5NjYwODIzOTk3NDU1MQ%3D%3D&google_push=AQvitUJ8aVf1QDbcFvGACRzOY5VyvEmrAgmVQQVAEbwF0AAYST9k0kCKhHcAgVUXsTh-zV5dlj5ZsRp5D3Z9WpdygWiX0IM5Z_bV
Request Chain 582
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEJj245zjI6PI6ncls-dWsi8&google_cver=1&google_push=AQvitUKW-ZYpjKOhu2YOduPJCNI4XUFsDa2JxclbbsdQesINgBicjPtQlan7nU6yxGNnOKlGlb7u4YCDmcFhnvH1BYY-ytVvp5s HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEJj245zjI6PI6ncls-dWsi8&google_cver=1&google_push=AQvitUKW-ZYpjKOhu2YOduPJCNI4XUFsDa2JxclbbsdQesINgBicjPtQlan7nU6yxGNnOKlGlb7u4YCDmcFhnvH1BYY-ytVvp5s&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=UuQaJbNo5-xemy1s8toHoA&google_push=AQvitUKW-ZYpjKOhu2YOduPJCNI4XUFsDa2JxclbbsdQesINgBicjPtQlan7nU6yxGNnOKlGlb7u4YCDmcFhnvH1BYY-ytVvp5s
Request Chain 583
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO7jg7IrwLXa0kZMaIepSNE&google_cver=1&google_push=AQvitUJc2xHp2FaNmZu2pWZ_7frcm7AItQ_q_u0YZM7Te8h1rr0Zd5gqcqiB6BndxBYjGlnSlur0E1gn2rfiQRDDlR8t7tEw6vf4 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO7jg7IrwLXa0kZMaIepSNE&google_cver=1&google_push=AQvitUJc2xHp2FaNmZu2pWZ_7frcm7AItQ_q_u0YZM7Te8h1rr0Zd5gqcqiB6BndxBYjGlnSlur0E1gn2rfiQRDDlR8t7tEw6vf4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkzNDk3Mjc5NDAxMzYxNzY5OA&google_push=AQvitUJc2xHp2FaNmZu2pWZ_7frcm7AItQ_q_u0YZM7Te8h1rr0Zd5gqcqiB6BndxBYjGlnSlur0E1gn2rfiQRDDlR8t7tEw6vf4
Request Chain 584
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM0BjjO0IqmJlkibzNJeQ7Y&google_cver=1&google_push=AQvitUIWU1jf-H4BpBlku6k_oBcN-kNlrddCNGSXodbCRHJNPakttzG-76R_jmihYie7MSFszPEEZsqYB9T8NG_5MjkbLroJUdM HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIWU1jf-H4BpBlku6k_oBcN-kNlrddCNGSXodbCRHJNPakttzG-76R_jmihYie7MSFszPEEZsqYB9T8NG_5MjkbLroJUdM&google_hm=afe7bbce5aba2f94241a2413
Request Chain 585
  • https://ads.avads.net/sync/ggl?google_gid=CAESEJ7ndnghDw3QaJl8hrt9unk&google_cver=1&google_push=AQvitUL2UHC38AhZ_rTY_yLqghJgb8pEhRxIG2d365NwE1BYrcj4fgvvDH4EP6V99GcejgE4eZoCpz1B1Xjs5GBULUNPcDOTbCjU5A HTTP 302
  • https://ads.avads.net/sync/ggl?google_cver=1&google_push=AQvitUL2UHC38AhZ_rTY_yLqghJgb8pEhRxIG2d365NwE1BYrcj4fgvvDH4EP6V99GcejgE4eZoCpz1B1Xjs5GBULUNPcDOTbCjU5A&av_tc=True&google_gid=CAESEJ7ndnghDw3QaJl8hrt9unk HTTP 302
  • https://ads.avads.net/sync/ggl?google_cver=1&google_push=AQvitUL2UHC38AhZ_rTY_yLqghJgb8pEhRxIG2d365NwE1BYrcj4fgvvDH4EP6V99GcejgE4eZoCpz1B1Xjs5GBULUNPcDOTbCjU5A&google_gid=CAESEJ7ndnghDw3QaJl8hrt9unk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NTlhY2IwY2YtYjMxMy00OTE3LWFhZjgtNzNhMGZlZTllZTNl
Request Chain 588
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDTZlsFHBtxbo1mXhD1Z8sQ&google_cver=1&google_push=AQvitUIIkQ_Xojan3Kd5va0Eoqyza6YD8XrEP44J8ISL6U3qr6O_i-SeK08oHedq75I4P9plTqr4hEffLrPIRBvlxcf29wJq7PVVxA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUlzbXNRQUFtNTNBcXdBNA==&google_gid=CAESEDTZlsFHBtxbo1mXhD1Z8sQ&google_cver=1&google_push=AQvitUIIkQ_Xojan3Kd5va0Eoqyza6YD8XrEP44J8ISL6U3qr6O_i-SeK08oHedq75I4P9plTqr4hEffLrPIRBvlxcf29wJq7PVVxA
Request Chain 589
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO7jg7IrwLXa0kZMaIepSNE&google_cver=1&google_push=AQvitUK5CUBKYlteZ-vPbuhOCYXwcG-8nzbGQRpLZXtiy_DnSC9RTXSyGcQPaXWnN1zHxr6Xphr8tPwdpNwilDH2SUk5gNk5LEBg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO7jg7IrwLXa0kZMaIepSNE&google_cver=1&google_push=AQvitUK5CUBKYlteZ-vPbuhOCYXwcG-8nzbGQRpLZXtiy_DnSC9RTXSyGcQPaXWnN1zHxr6Xphr8tPwdpNwilDH2SUk5gNk5LEBg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkzNDk3Mjc5NDAxMzYxNzY5OA&google_push=AQvitUK5CUBKYlteZ-vPbuhOCYXwcG-8nzbGQRpLZXtiy_DnSC9RTXSyGcQPaXWnN1zHxr6Xphr8tPwdpNwilDH2SUk5gNk5LEBg
Request Chain 590
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF61YZw1FvgS6KrO0Zstge8&google_cver=1&google_push=AQvitUIwcrm0oCrFNkl26ESccu16OTKEKCPV-v2O0ZUF_uvGVWYVj9Bu_TAMqajwVkMcioXt73exaF3Io-0K5nI4bN0vT4yAeOKLOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WOhHgnsFS0Wcp0BkXUOSWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIwcrm0oCrFNkl26ESccu16OTKEKCPV-v2O0ZUF_uvGVWYVj9Bu_TAMqajwVkMcioXt73exaF3Io-0K5nI4bN0vT4yAeOKLOw
Request Chain 591
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1&google_push=AQvitUKotmjtA7zMWXrEqyAD8vcMqJ0Eyem_V3EDCa77XGoelzOjPpEajIAGZ1_qNRPgxgSyShvSaYtMwQ18L3ulpltdL6DH0FHN1Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIsmsS9BHXfgS4v-FHCbhgAABGgAAAAB&google_push=AQvitUKotmjtA7zMWXrEqyAD8vcMqJ0Eyem_V3EDCa77XGoelzOjPpEajIAGZ1_qNRPgxgSyShvSaYtMwQ18L3ulpltdL6DH0FHN1Q&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1
Request Chain 592
  • https://match.360yield.com/match/ebda?google_gid=CAESEAjSrXHztuS5E73d7gyWV60&google_cver=1&google_push=AQvitUJhCsYWaqzouotnY40ZU72UBz_Dh3tBzsydN8lm_Yc40NgtNU8OuvIg_Y6bqpw5URN-W_FuVptPAEiqnXuGgQN5mte1Ogdwxw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitUJhCsYWaqzouotnY40ZU72UBz_Dh3tBzsydN8lm_Yc40NgtNU8OuvIg_Y6bqpw5URN-W_FuVptPAEiqnXuGgQN5mte1Ogdwxw
Request Chain 593
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEIB1U6TCvNxX6AhAxAER2zQ&google_cver=1&google_push=AQvitULbfsV-ZuzrXeQBW4pbSZIipvv9iWc5bTBp5nQe0-FdyeeTXy-9AogbySSyisT33G8dQ2-UL2_uvLsrF-zojpaX24GrUl53BYk HTTP 301
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Df305a4a8-b816-4944-9d9e-2f693d30e6c4%26google_push%3DAQvitULbfsV-ZuzrXeQBW4pbSZIipvv9iWc5bTBp5nQe0-FdyeeTXy-9AogbySSyisT33G8dQ2-UL2_uvLsrF-zojpaX24GrUl53BYk&ssp=googlevid&exu=CAESEIB1U6TCvNxX6AhAxAER2zQ HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=f305a4a8-b816-4944-9d9e-2f693d30e6c4&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Df305a4a8-b816-4944-9d9e-2f693d30e6c4%26google_push%3DAQvitULbfsV-ZuzrXeQBW4pbSZIipvv9iWc5bTBp5nQe0-FdyeeTXy-9AogbySSyisT33G8dQ2-UL2_uvLsrF-zojpaX24GrUl53BYk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=f305a4a8-b816-4944-9d9e-2f693d30e6c4&google_push=AQvitULbfsV-ZuzrXeQBW4pbSZIipvv9iWc5bTBp5nQe0-FdyeeTXy-9AogbySSyisT33G8dQ2-UL2_uvLsrF-zojpaX24GrUl53BYk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=f305a4a8-b816-4944-9d9e-2f693d30e6c4&google_push=AQvitULbfsV-ZuzrXeQBW4pbSZIipvv9iWc5bTBp5nQe0-FdyeeTXy-9AogbySSyisT33G8dQ2-UL2_uvLsrF-zojpaX24GrUl53BYk&google_tc=
Request Chain 595
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6171827806238432927
Request Chain 597
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WOhHgnsFS0Wcp0BkXUOSWA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 599
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=58E84782-7B05-4B45-9CA7-40645D439258&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=58E84782-7B05-4B45-9CA7-40645D439258&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 600
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=58E84782-7B05-4B45-9CA7-40645D439258&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=58E84782-7B05-4B45-9CA7-40645D439258&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=58E84782-7B05-4B45-9CA7-40645D439258&addseg=31
Request Chain 601
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NThFODQ3ODItN0IwNS00QjQ1LTlDQTctNDA2NDVENDM5MjU4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 602
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM-2QvHaG2f_mxGxAywDix4&google_cver=1
Request Chain 604
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1934972794013617698
Request Chain 605
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2919fc60-ade0-4564-ab0b-d5a4d241a4ba
Request Chain 606
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJz_mCnjgjJGzMEgB-HZwl0&google_cver=1&google_push=AQvitULVCkoJgRi9kBcxwQZt2fHQ0Fb-vJMTN8vCAwCixD_g8gKKnBT5qPvM9ihEmIz-nJHT4wrwZQUmNfuzci2EMT6tSxV-rTQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitULVCkoJgRi9kBcxwQZt2fHQ0Fb-vJMTN8vCAwCixD_g8gKKnBT5qPvM9ihEmIz-nJHT4wrwZQUmNfuzci2EMT6tSxV-rTQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJz_mCnjgjJGzMEgB-HZwl0&google_cver=1&google_push=AQvitULVCkoJgRi9kBcxwQZt2fHQ0Fb-vJMTN8vCAwCixD_g8gKKnBT5qPvM9ihEmIz-nJHT4wrwZQUmNfuzci2EMT6tSxV-rTQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitULVCkoJgRi9kBcxwQZt2fHQ0Fb-vJMTN8vCAwCixD_g8gKKnBT5qPvM9ihEmIz-nJHT4wrwZQUmNfuzci2EMT6tSxV-rTQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 607
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDTZlsFHBtxbo1mXhD1Z8sQ&google_cver=1&google_push=AQvitUInCumbOb9HFHw64sCLLPLQWKvczlC1IlBnRxLvOQDwzEgnF_dmLOfW2Crjd8f46e-ToHDddYbHR6qR7cHazwgQ5GUn2Lc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUlzbXNRQUFtNTNBcXdBNA==&google_gid=CAESEDTZlsFHBtxbo1mXhD1Z8sQ&google_cver=1&google_push=AQvitUInCumbOb9HFHw64sCLLPLQWKvczlC1IlBnRxLvOQDwzEgnF_dmLOfW2Crjd8f46e-ToHDddYbHR6qR7cHazwgQ5GUn2Lc
Request Chain 608
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHeQSMiZZ7bVowXvLrHdKlY&google_cver=1&google_push=AQvitUJjXmC-xYe--MmPGMjYeYrVQ4WbVa3Ml2NQ-x9M5nBMN1WC4mHLxau3nn8ApZrGsNkVAXFqwm_MydPqYsP95qmLSq0ycChU HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHeQSMiZZ7bVowXvLrHdKlY&google_cver=1&google_push=AQvitUJjXmC-xYe--MmPGMjYeYrVQ4WbVa3Ml2NQ-x9M5nBMN1WC4mHLxau3nn8ApZrGsNkVAXFqwm_MydPqYsP95qmLSq0ycChU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tn00Vu3CT9Wq-jlEYWeZ42CLJrY
Request Chain 609
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM0BjjO0IqmJlkibzNJeQ7Y&google_cver=1&google_push=AQvitUKpAXI2vHg3UO-aYQlMaveNZZQjIcfBJMU2oxwWdq8t2-Rtgj5D5UR2_otWzg5xzWFguAVOkLkgH3aK_jgPTMpUyOZcvgF0 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUKpAXI2vHg3UO-aYQlMaveNZZQjIcfBJMU2oxwWdq8t2-Rtgj5D5UR2_otWzg5xzWFguAVOkLkgH3aK_jgPTMpUyOZcvgF0&google_hm=afe7bbce5aba2f94241a2413
Request Chain 610
  • https://match.360yield.com/match/ebda?google_gid=CAESEAjSrXHztuS5E73d7gyWV60&google_cver=1&google_push=AQvitULBRJr_qWttB49mkkGUhWnWaJKwhy6TeAj9RN6az9PXJ7HhdEe5C8ZvN1QJy8P8uH3z9D_Hgu0WBVKiCQEhO54tm7BRaCkH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitULBRJr_qWttB49mkkGUhWnWaJKwhy6TeAj9RN6az9PXJ7HhdEe5C8ZvN1QJy8P8uH3z9D_Hgu0WBVKiCQEhO54tm7BRaCkH
Request Chain 611
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEF77jFXDlOl5qlpx7QDTmnE&google_cver=1&google_push=AQvitULvGs-G0Z9GvlksFw60pqcwzO8QcBJNC72yyou7FOuBuCvV3tnCie3WufNm72Q0LHwmthVGB7ICeOqtGwafbdLmpIh8K_p7iQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EM1RRN3E5RTJ1RzZmMmFOOV9NcFV2ODVYSDFYY0RoeX5B&google_push=AQvitULvGs-G0Z9GvlksFw60pqcwzO8QcBJNC72yyou7FOuBuCvV3tnCie3WufNm72Q0LHwmthVGB7ICeOqtGwafbdLmpIh8K_p7iQ
Request Chain 612
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEIB1U6TCvNxX6AhAxAER2zQ&google_cver=1&google_push=AQvitULynU2Sepjd2gXJA8EAalzKAe3UUM265lNU71oNpiowRFUv1yCbJ16JaAlWn3RcpJmdm1autISx3m4UQMtpN62MF44B70NA1g HTTP 301
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Db046af40-7ba6-4486-a0df-237f3a92338a%26google_push%3DAQvitULynU2Sepjd2gXJA8EAalzKAe3UUM265lNU71oNpiowRFUv1yCbJ16JaAlWn3RcpJmdm1autISx3m4UQMtpN62MF44B70NA1g&ssp=googlevid&exu=CAESEIB1U6TCvNxX6AhAxAER2zQ HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=b046af40-7ba6-4486-a0df-237f3a92338a&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Db046af40-7ba6-4486-a0df-237f3a92338a%26google_push%3DAQvitULynU2Sepjd2gXJA8EAalzKAe3UUM265lNU71oNpiowRFUv1yCbJ16JaAlWn3RcpJmdm1autISx3m4UQMtpN62MF44B70NA1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=b046af40-7ba6-4486-a0df-237f3a92338a&google_push=AQvitULynU2Sepjd2gXJA8EAalzKAe3UUM265lNU71oNpiowRFUv1yCbJ16JaAlWn3RcpJmdm1autISx3m4UQMtpN62MF44B70NA1g
Request Chain 614
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGSeGBUs139UxEG0nszMW60&google_cver=1&google_push=AQvitULm4C7l0Lvrvyp0f4eRkXHWXkQ6y9VKgkt15ZtIHHv2600GSosjtwk9xyEIrAkG_feLWA80QHOQSooD-XrIV1rOCb9Xrp5l HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzU0MzIzNjA5OTU2NjU2NjA2Mg== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEKwfnMU1MDt2ffGk1joHIHo&google_cver=1
Request Chain 615
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBOJRbqelVEDlBoVBHG7k3Y&google_cver=1&google_push=AQvitUIiVteNwZ-Vi6bzWnhIHl0ttVs2kIYDrxlTBzPXKdh8kvGXppjvYjaapRR3jKLZU3GjJuK5gNzlziJ6vqM8vNg8AYMcsJQ3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIiVteNwZ-Vi6bzWnhIHl0ttVs2kIYDrxlTBzPXKdh8kvGXppjvYjaapRR3jKLZU3GjJuK5gNzlziJ6vqM8vNg8AYMcsJQ3&google_hm=8rbHodeVQGOYxZVUZSfXoYQ
Request Chain 617
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAQvitUJ3qMtYkbtQJCj5amcjhcQFE49XJm8-SY47bWRbP6QmfDQvW-ArwLvVv6MR9IRvpkE9IbLjLi3Zby86mzJwC-LPZib9q8Hs%26google_hm%3D%5BUID%5D&google_gid=CAESEOMZOewN-bCLe347zH4DYl8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUJ3qMtYkbtQJCj5amcjhcQFE49XJm8-SY47bWRbP6QmfDQvW-ArwLvVv6MR9IRvpkE9IbLjLi3Zby86mzJwC-LPZib9q8Hs&google_hm=db785df9-a1fa-47e4-85a8-9745fa963b5e
Request Chain 618
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGObvzX4xtFm3ubfR7nVy4k&google_cver=1&google_push=AQvitUIzw44I19fWVHU0PddGOf5k-KFARUURS6ZxNCr7Lldlw3i7r7YNECQ0RwsfK-vd68XbEYP8Puy-2QbN86urBS8TZnbGGTA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AQvitUIzw44I19fWVHU0PddGOf5k-KFARUURS6ZxNCr7Lldlw3i7r7YNECQ0RwsfK-vd68XbEYP8Puy-2QbN86urBS8TZnbGGTA&google_hm=ZzY5MGU4N2E3NDYzZDdkM2UxNjU=
Request Chain 619
  • https://cs.media.net/cksync?type=g&google_gid=CAESEF3s8QIHXdMSsqNQxRYSjZ8&google_cver=1&google_push=AQvitUJ_g47ImuyUSKi1BXnTr5usMubTLV_X_QI13V5Wqa8PGjuf2XYRPbRkWnfcZ1bPMnF6gJafVnjbRboixc50z1V1oc-TI6Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&mn_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUJ_g47ImuyUSKi1BXnTr5usMubTLV_X_QI13V5Wqa8PGjuf2XYRPbRkWnfcZ1bPMnF6gJafVnjbRboixc50z1V1oc-TI6Y
Request Chain 620
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHEWyaQGte44M3r2gXei8L8&google_cver=1&google_push=AQvitUIHaMJEQ38AgbiihuUD4Z5yIo2a7HyExdW4yog6TTPprq_z7roGWtJZGLW8TyKhlgBGsJBiER0IG5R9I7NDzLZATHc43VtPsA HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHEWyaQGte44M3r2gXei8L8&google_cver=1&google_push=AQvitUIHaMJEQ38AgbiihuUD4Z5yIo2a7HyExdW4yog6TTPprq_z7roGWtJZGLW8TyKhlgBGsJBiER0IG5R9I7NDzLZATHc43VtPsA&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHEWyaQGte44M3r2gXei8L8&google_cver=1&google_push=AQvitUIHaMJEQ38AgbiihuUD4Z5yIo2a7HyExdW4yog6TTPprq_z7roGWtJZGLW8TyKhlgBGsJBiER0IG5R9I7NDzLZATHc43VtPsA&apid=UPdd74f291-a932-11eb-8cad-027b24c1f9ac HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkZDc0ZjI5MS1hOTMyLTExZWItOGNhZC0wMjdiMjRjMWY5YWM%3D&google_push=AQvitUIHaMJEQ38AgbiihuUD4Z5yIo2a7HyExdW4yog6TTPprq_z7roGWtJZGLW8TyKhlgBGsJBiER0IG5R9I7NDzLZATHc43VtPsA
Request Chain 625
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB4rac3A_h_ocnBtOd3IbY8&google_cver=1&google_push=AQvitUIXfBspMkTqr5fOSsWZ9YjLc2CelutDwE1wPc-Tt2T6EqHWvyN12saNTrx6wJb_JNcAMKYWL-GUDW_86Pz5C0Lh5ONsJFgM HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUIXfBspMkTqr5fOSsWZ9YjLc2CelutDwE1wPc-Tt2T6EqHWvyN12saNTrx6wJb_JNcAMKYWL-GUDW_86Pz5C0Lh5ONsJFgM&google_hm=b25S2WpUno8oT4y9LlNedQ
Request Chain 626
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAQvitUJThegIlpvo-xHXwbyfvM7ulrvFjmm3M0WOrzHcKYc6mZ993HvMB6iSoGaC-c55tGILVJZBt36kv7jOoHYo6jAEksyX4xqL%26google_hm%3D%5BUID%5D&google_gid=CAESEOMZOewN-bCLe347zH4DYl8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUJThegIlpvo-xHXwbyfvM7ulrvFjmm3M0WOrzHcKYc6mZ993HvMB6iSoGaC-c55tGILVJZBt36kv7jOoHYo6jAEksyX4xqL&google_hm=db785df9-a1fa-47e4-85a8-9745fa963b5e
Request Chain 627
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM0BjjO0IqmJlkibzNJeQ7Y&google_cver=1&google_push=AQvitUIoviyu5DItqQMyZ6sinB7fs2DhgsM0sdYaZUPvERMkC0Zzg7lqm6YKO-ji5lbLKwTcwS9vTT6gdSqxcTM8ZY8W_BJKKy5w HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIoviyu5DItqQMyZ6sinB7fs2DhgsM0sdYaZUPvERMkC0Zzg7lqm6YKO-ji5lbLKwTcwS9vTT6gdSqxcTM8ZY8W_BJKKy5w&google_hm=afe7bbce5aba2f94241a2413
Request Chain 628
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEFC-CY8g0dtpYVRtDDz36c&google_cver=1&google_push=AQvitUI842VFdG_jfgowNRbOvBggBrCMbLcp5oJ9bDImuHDhryksOGKzfpgDyoByKKawj146BgZwT_lWL2hOWmaa6QJD1WK2JUg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=ed862ac2176af6471d9a&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUI842VFdG_jfgowNRbOvBggBrCMbLcp5oJ9bDImuHDhryksOGKzfpgDyoByKKawj146BgZwT_lWL2hOWmaa6QJD1WK2JUg
Request Chain 629
  • https://match.360yield.com/match/ebda?google_gid=CAESEAjSrXHztuS5E73d7gyWV60&google_cver=1&google_push=AQvitUJCSdB2xfHIJ462gKjoCIcOeDnInPeh5IETEBnihdkzPu2NJQ6vAbK8JksLo8ZeZdDDs8RZpkyVf4UFZbAzVNiOjdgkwlK_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitUJCSdB2xfHIJ462gKjoCIcOeDnInPeh5IETEBnihdkzPu2NJQ6vAbK8JksLo8ZeZdDDs8RZpkyVf4UFZbAzVNiOjdgkwlK_
Request Chain 630
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENDMY92jWckxLrxxrh8Neh8&google_cver=1&google_push=AQvitUJWGdyavr30JUf_O6eV3PrNJjQXcg0MatXlVq8fCbSlNdiRJ3msWkfYS2WRf9lLdo7lI9FSy2bHvHWUnqP8GxBwSkEHcgnp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJWGdyavr30JUf_O6eV3PrNJjQXcg0MatXlVq8fCbSlNdiRJ3msWkfYS2WRf9lLdo7lI9FSy2bHvHWUnqP8GxBwSkEHcgnp&google_hm=NzE4MTQzOTk4MDU4NjYzNTA0OA%3D%3D
Request Chain 637
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHeQSMiZZ7bVowXvLrHdKlY&google_cver=1&google_push=AQvitUJoBV-z15rioabhdsesDjPgN1DqmkxV60BBQ8lF13MohnHIlj29rQLiozdIt3rYICGm2mKKoVclrQWGZo7K8NHkSORtS5k HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHeQSMiZZ7bVowXvLrHdKlY&google_cver=1&google_push=AQvitUJoBV-z15rioabhdsesDjPgN1DqmkxV60BBQ8lF13MohnHIlj29rQLiozdIt3rYICGm2mKKoVclrQWGZo7K8NHkSORtS5k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tn00Vu3CT9Wq-jlEYWeZ42CLJrY
Request Chain 639
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO7jg7IrwLXa0kZMaIepSNE&google_cver=1&google_push=AQvitUIbxOfXSx_LnnQBnZ4lGuMS-ESh_5IP5AxnohTsfLrNmn8_NohvJqlvS1ERZhiw3jLuDCSpwU_KqA3tFePNFbWA3e6OLQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkzNDk3Mjc5NDAxMzYxNzY5OA&google_push=AQvitUIbxOfXSx_LnnQBnZ4lGuMS-ESh_5IP5AxnohTsfLrNmn8_NohvJqlvS1ERZhiw3jLuDCSpwU_KqA3tFePNFbWA3e6OLQ
Request Chain 640
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJBMjrZWsAx9Jde-ZXN0Bpo&google_cver=1&google_push=AQvitUI_bJjFH1qcvpGDjA4tskcKPU7_yj-FSE4ZKW6-MWdNpQZNWIQrZXO4BpAUycA_OmP1kjm9ghg4Hc_WXszxq8lka8Ilz0I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI_bJjFH1qcvpGDjA4tskcKPU7_yj-FSE4ZKW6-MWdNpQZNWIQrZXO4BpAUycA_OmP1kjm9ghg4Hc_WXszxq8lka8Ilz0I&google_hm=WdCDu8LnwwsuezzpZGcuKQ==
Request Chain 641
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEMJydClL95A1SRN2v-7oMLo&google_cver=1&google_push=AQvitUKogx9F7M8LByEnT1HmF8JNNi287QV5Nn6thz2hv07raqAHEQwmBA6uESsiouozJclgdMAL8pRTMvhOaid9pHEKN9WYOhgR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjcyN2QyNmEtZjM4Yi00ZDk0LTg3OTctYzY4N2IzYmNjM2E5&google_push=AQvitUKogx9F7M8LByEnT1HmF8JNNi287QV5Nn6thz2hv07raqAHEQwmBA6uESsiouozJclgdMAL8pRTMvhOaid9pHEKN9WYOhgR
Request Chain 642
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEIB1U6TCvNxX6AhAxAER2zQ&google_cver=1&google_push=AQvitULPz_kgFRoAYy-levTmdBQVSIdA6nVRiipNNeK1YNqx1jonso9aMdAC483yTwNKTeHfy3qtFhLafKPtPRB9pUfpQTrdw8o HTTP 301
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3D7e703249-2c6b-4647-a3f1-e245fc729fa5%26google_push%3DAQvitULPz_kgFRoAYy-levTmdBQVSIdA6nVRiipNNeK1YNqx1jonso9aMdAC483yTwNKTeHfy3qtFhLafKPtPRB9pUfpQTrdw8o&ssp=googlevid&exu=CAESEIB1U6TCvNxX6AhAxAER2zQ HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=7e703249-2c6b-4647-a3f1-e245fc729fa5&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3D7e703249-2c6b-4647-a3f1-e245fc729fa5%26google_push%3DAQvitULPz_kgFRoAYy-levTmdBQVSIdA6nVRiipNNeK1YNqx1jonso9aMdAC483yTwNKTeHfy3qtFhLafKPtPRB9pUfpQTrdw8o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=7e703249-2c6b-4647-a3f1-e245fc729fa5&google_push=AQvitULPz_kgFRoAYy-levTmdBQVSIdA6nVRiipNNeK1YNqx1jonso9aMdAC483yTwNKTeHfy3qtFhLafKPtPRB9pUfpQTrdw8o

723 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/ 		298 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
b8afcdffc5da6f960c4483164cc92efaa97cb8c410cb9ef18a39ab6ac80820d8

Request headers

:method
GET
:authority
fox4kc.com
:scheme
https
:path
/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Thu, 29 Apr 2021 21:35:40 GMT
content-type
text/html; charset=UTF-8
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://fox4kc.com/wp-json/>; rel="https://api.w.org/" <https://fox4kc.com/?p=1678631>; rel=shortlink
content-encoding
gzip
x-rq
hhn2 85 111 3128
age
0
x-cache
miss
cache-control
private, no-store
accept-ranges
bytes
css
fonts.googleapis.com/ 		11 KB
950 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i|Roboto+Condensed:400,700&display=swap
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15dd736eff62a4c9e537fd9e1b7d1a8102157106917ee4b7fc0fafa8e89a696c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 19:40:41 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:40 GMT
fox4kc
ccpa.psg.nexstardigital.net/site/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccpa.psg.nexstardigital.net/site/fox4kc?perf=jsmin
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
40be25694f2534ba4f14b59084eaedc6c495e6046f7ba4108b8d8197fae8fd26
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-content-type-options
nosniff
age
59134
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ccpa-geoip
CH-25
vary
Accept-Encoding
content-length
9252
x-xss-protection
1; mode=block
x-served-by
cache-lax10678-LGB, cache-hhn4083-HHN
server
nginx
x-timer
S1619732141.014103,VS0,VE1
x-frame-options
SAMEORIGIN
date
Thu, 29 Apr 2021 21:35:41 GMT
strict-transport-security
max-age=300
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0
x-ua-compatible
IE=Edge
accept-ranges
bytes
link
<https://ccpa-admin.psg.nexstardigital.net/wp-json/>; rel="https://api.w.org/", <https://ccpa-admin.psg.nexstardigital.net/?p=337>; rel=shortlink
x-ccpa-client-geo
CH-GR
x-cache-hits
3, 1
udl.js
fox4kc.com/wp-content/plugins/universal-data-layer/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/plugins/universal-data-layer/js/udl.js?ver=1.1.0
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c84c4d9c2ffe6d4312a497e6efc96d8a88d11bc80a52b97d1f0828de23fc4b12

Request headers

:path
/wp-content/plugins/universal-data-layer/js/udl.js?ver=1.1.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 87 24 3206
last-modified
Wed, 09 Dec 2020 17:42:25 GMT
server
nginx
age
693606
etag
W/"5fd10c81-26b6"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2608
expires
Fri, 29 Apr 2022 21:35:40 GMT
nexstar.js
cdn.blueconic.net/ 		146 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.blueconic.net/nexstar.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-129.mad50.r.cloudfront.net
Software
- /
Resource Hash
72dc9d30f2ab602a2cf4d217bc63be6a3ebb2cbab40abcced67375a44dea5892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:32:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
201
x-cache
Hit from cloudfront
content-length
45459
x-xss-protection
1; mode=block
last-modified
Wed, 28 Apr 2021 16:26:16 GMT
server
-
etag
"24692-5c10ad67f83a0-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 6e828213221a8cbea0c54b35955f0008.cloudfront.net (CloudFront)
cache-control
public, max-age=600, s-maxage=500
x-amz-cf-pop
MAD50-C1
accept-ranges
none
x-robots-tag
noindex, nofollow
x-amz-cf-id
lRXcS5n1ExEkU6z9fC1SbK1fR3ACUTAzxPyCo44NMj4mN07DJHoWwQ==
sp.js
includemodal.global.ssl.fastly.net/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/sp.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd1be805fb7b6b55ba270703ce9e23cf5ba35bc271a2bcb7a65b321facf4ab9c

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JCe5I2lNvuti8Cl.nqdofRN.76AQPq.e
Content-Encoding
gzip
ETag
"43eefb7f4eb22e1ecc914737224f37ed"
Age
972
X-Cache
HIT
Connection
keep-alive
Content-Length
11168
x-amz-id-2
Z1KMu4858bnMlYkBWtf5EF4jK96MZ+cbWJC5/Z4/jHA2gqQ+uAwQ2XRiwVIQDzrwd2jzitEm+yo=
X-Served-By
cache-fra19123-FRA
Last-Modified
Tue, 20 Apr 2021 17:12:31 GMT
Server
AmazonS3
X-Timer
S1619732141.323505,VS0,VE0
Date
Thu, 29 Apr 2021 21:35:41 GMT
Vary
Accept-Encoding
x-amz-request-id
RCGJKASNZ40XXK45
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
8
pbjs-4.30.0.js
nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/ 		240 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ae74bbec8d62a1971da17c1ba24ef94e3d59bfdc47040de9551040dc93719b13

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-rq
hhn2 86 175 3193
last-modified
Wed, 21 Apr 2021 20:29:37 GMT
server
nginx
age
694842
etag
W/"60808b31-3c10b"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
77388
expires
Fri, 29 Apr 2022 21:35:41 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Y2Nn8JmiAY8HpnF4sl5n7J71jaI/gpt_and_prebid/ 		201 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Y2Nn8JmiAY8HpnF4sl5n7J71jaI/gpt_and_prebid/config.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a77d6117fcffe139d9bcc81839acf2dcae7b3481b4500535042fe8b587f1dac

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Apr 2021 21:35:41 GMT
Content-Encoding
gzip
Age
610
X-Cache
HIT
Connection
keep-alive
Content-Length
45062
x-amz-id-2
mqDv0iae9cW+6u2YHLl+hAlqcK4J4OPZTHoDi1gblHHK4/OL//wlSUWMysV9nFc6W0IWzHDQ4qM=
X-Served-By
cache-hhn4041-HHN
Last-Modified
Thu, 29 Apr 2021 20:57:42 GMT
Server
AmazonS3
X-Timer
S1619732141.300100,VS0,VE0
ETag
"492789da65c6a821a7af5940e4abaf86"
x-amz-request-id
W589EBE4B411E5R3
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
3
chartbeat_mab.js
static.chartbeat.com/js/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:2400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 15:50:38 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 01:43:44 GMT
server
nginx
age
20703
etag
W/"5fc6f150-5976"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 d5d4d284c2005ab214a2c9b6195c55c5.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
6mSQpe-vlWJIed8NfFkh5PMDTlRWu-FZh0TThXnx8pOyZfbavH45xg==
expires
Fri, 30 Apr 2021 15:50:38 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
06e5450622ae6de63870c215e3858d451c7d2258493bd74b57d4f38fe5c6f33e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"857 / 153 of 1000 / last-modified: 1619694582"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21249
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:41 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4acc1ad1225689fe2c5479e7f8d822ecba31f2fe25bf5897678f12e640fc2321

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
927
etag
W/"e96732c560b171a3c798575723231e7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
647ba95aac4e325c-FRA
cf-request-id
09c1282cab0000325cf11eb000000001
expires
Sun, 02 May 2021 21:35:41 GMT
style.min.css
fox4kc.com/wp-includes/css/dist/block-library/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 87 24 3206
last-modified
Mon, 22 Feb 2021 16:05:53 GMT
server
nginx
age
693606
etag
W/"6033d661-c88a"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8070
expires
Fri, 29 Apr 2022 21:35:40 GMT
os-custom-link.css
fox4kc.com/wp-content/plugins/onesignal/dist/ 		544 B
368 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/plugins/onesignal/dist/os-custom-link.css?ver=3.2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6f08294407bd8c1164457a3fe183bab69082405f0a333337664275d81b783ab2

Request headers

:path
/wp-content/plugins/onesignal/dist/os-custom-link.css?ver=3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 82 138 3116
last-modified
Thu, 22 Apr 2021 17:54:07 GMT
server
nginx
age
616905
etag
W/"6081b83f-220"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
265
expires
Fri, 29 Apr 2022 21:35:40 GMT
main.css
fox4kc.com/wp-content/plugins/hurrytimer/assets/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/plugins/hurrytimer/assets/css/main.css?ver=2.8.3
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
230fe99dbab4624d33f25e7a237f9fb1fdd19b1859841dfa728821f6094a98a4

Request headers

:path
/wp-content/plugins/hurrytimer/assets/css/main.css?ver=2.8.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 87 48 3279
last-modified
Mon, 07 Dec 2020 22:38:35 GMT
server
nginx
age
693606
etag
W/"5fceaeeb-1840"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1498
expires
Fri, 29 Apr 2022 21:35:40 GMT
css
fonts.googleapis.com/ 		11 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i%7CRoboto+Condensed%3A400%2C700&display=swap&ver=1.0
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15dd736eff62a4c9e537fd9e1b7d1a8102157106917ee4b7fc0fafa8e89a696c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://fox4kc.com
Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 21:30:11 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:40 GMT
global.min.css
fox4kc.com/wp-content/themes/nexstar/client/build/css/ 		149 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/themes/nexstar/client/build/css/global.min.css?ver=688c7d5c5b8fe9181371
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ffcf0820dcb04ad7d58c2a1fe1fbd3b3ccd47acd73df0cf32aac887c6751323a

Request headers

:path
/wp-content/themes/nexstar/client/build/css/global.min.css?ver=688c7d5c5b8fe9181371
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 85 111 3128
last-modified
Wed, 28 Apr 2021 22:45:50 GMT
server
nginx
age
81720
etag
W/"6089e59e-252c7"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
18449
expires
Fri, 29 Apr 2022 21:35:40 GMT
common.chunk.min.css
fox4kc.com/wp-content/themes/nexstar/client/build/css/ 		26 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/themes/nexstar/client/build/css/common.chunk.min.css?ver=73821cfd8abbfdadbbd7
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a5baf2b1d1e9d9747370302bac5830457761a948cb3d8a6e1a547714758381a7

Request headers

:path
/wp-content/themes/nexstar/client/build/css/common.chunk.min.css?ver=73821cfd8abbfdadbbd7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 89 62 3115
last-modified
Thu, 14 Jan 2021 05:14:41 GMT
server
nginx
age
104207
etag
W/"5fffd341-6913"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9633
expires
Fri, 29 Apr 2022 21:35:40 GMT
weatherIcons.min.css
fox4kc.com/wp-content/themes/nexstar/client/build/css/ 		314 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/themes/nexstar/client/build/css/weatherIcons.min.css?ver=46846cceacd5c89fefb2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1a62a50741963e587d42b905ce9f22c55a19453096d308c5cdbc5762ded77c27

Request headers

:path
/wp-content/themes/nexstar/client/build/css/weatherIcons.min.css?ver=46846cceacd5c89fefb2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 91 223 3107
last-modified
Thu, 19 Nov 2020 23:50:31 GMT
server
nginx
age
104207
etag
W/"5fb704c7-4e723"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
28365
expires
Fri, 29 Apr 2022 21:35:40 GMT
article.min.css
fox4kc.com/wp-content/themes/nexstar/client/build/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/themes/nexstar/client/build/css/article.min.css?ver=5f75dca586d86fd7784f
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
78b9dc5d0987b605b295bc7ba71ff897a49ead3969dd0319de83c2491d575f0f

Request headers

:path
/wp-content/themes/nexstar/client/build/css/article.min.css?ver=5f75dca586d86fd7784f
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 91 221 3125
last-modified
Fri, 12 Mar 2021 16:36:57 GMT
server
nginx
age
104207
etag
W/"604b98a9-1f3f"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1992
expires
Fri, 29 Apr 2022 21:35:40 GMT
video-playlist.min.css
fox4kc.com/wp-content/themes/nexstar/client/build/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/themes/nexstar/client/build/css/video-playlist.min.css?ver=9869ec04ffa318af7b63
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9e2c0f9c8b7c348defe012c165f5ba4c0e1f6ca10db7763733095bec3b380df1

Request headers

:path
/wp-content/themes/nexstar/client/build/css/video-playlist.min.css?ver=9869ec04ffa318af7b63
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 91 224 3100
last-modified
Wed, 21 Apr 2021 16:34:28 GMT
server
nginx
age
104207
etag
W/"60805414-25ee"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1797
expires
Fri, 29 Apr 2022 21:35:40 GMT
weather.min.css
fox4kc.com/wp-content/themes/nexstar/client/build/css/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/themes/nexstar/client/build/css/weather.min.css?ver=2bd9849b53c40ff9edf1
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a1407b0c846c65977d7932af975a60934cde970ad97b72e01e9bc02afe29e7e4

Request headers

:path
/wp-content/themes/nexstar/client/build/css/weather.min.css?ver=2bd9849b53c40ff9edf1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 91 226 3117
last-modified
Thu, 14 Jan 2021 05:14:44 GMT
server
nginx
age
104207
etag
W/"5fffd344-3e8b"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2922
expires
Fri, 29 Apr 2022 21:35:40 GMT
widget.subscribe.css
fox4kc.com/wp-content/plugins/sailthru-widget/css/ 		2 KB
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/plugins/sailthru-widget/css/widget.subscribe.css?ver=1.1.2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
26e8db41813f87bb61da1529be0ca2d88fd523807d5125bf293025539754fce2

Request headers

:path
/wp-content/plugins/sailthru-widget/css/widget.subscribe.css?ver=1.1.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 91 202 3269
last-modified
Wed, 28 Apr 2021 16:19:27 GMT
server
nginx
age
104499
etag
W/"60898b0f-9ef"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
813
expires
Fri, 29 Apr 2022 21:35:40 GMT
display.css
fox4kc.com/wp-content/plugins/sailthru-widget/css/ 		2 KB
757 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/plugins/sailthru-widget/css/display.css?ver=1.1.7
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
99a356372fc0a684abb476dae06879c03c499a0012921926e17e6a8c629afc28

Request headers

:path
/wp-content/plugins/sailthru-widget/css/display.css?ver=1.1.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 91 207 3279
last-modified
Wed, 28 Apr 2021 16:19:34 GMT
server
nginx
age
104499
etag
W/"60898b16-778"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
658
expires
Fri, 29 Apr 2022 21:35:40 GMT
jetpack.css
fox4kc.com/wp-content/client-mu-plugins/jetpack/css/ 		75 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/client-mu-plugins/jetpack/css/jetpack.css?ver=9.3.2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
50230a768774ba88bdeb31d5bf3cdcd95b90248334753ab4256aed572396d97b

Request headers

:path
/wp-content/client-mu-plugins/jetpack/css/jetpack.css?ver=9.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 87 26 3156
last-modified
Thu, 25 Feb 2021 08:58:00 GMT
server
nginx
age
693606
etag
W/"60376698-12d1d"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13985
expires
Fri, 29 Apr 2022 21:35:40 GMT
spm.v1.min.js
ak.sail-horizon.com/spm/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.6.2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-48.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50bf87dcf89e67ab9afe28b6c7f363610e46e8dc563db11291df3a73415c74b0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:26:36 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 21:15:24 GMT
server
AmazonS3
age
546
etag
W/"84774265ca1d01d1839ea005c6403f3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a72068a5d77ecba7daccda339a668499.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
1P0Tp7x23WFStOco8Mdh0u5XsrrDU0iJ5CDFoI1wnGYyRSphyio-ew==
jquery.min.js
fox4kc.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 87 42 3270
last-modified
Mon, 22 Feb 2021 16:05:50 GMT
server
nginx
age
693606
etag
W/"6033d65e-15d98"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
31153
expires
Fri, 29 Apr 2022 21:35:40 GMT
jquery-migrate.min.js
fox4kc.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 86 167 3176
last-modified
Mon, 22 Feb 2021 16:05:56 GMT
server
nginx
age
693606
etag
W/"6033d664-2bd8"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4176
expires
Fri, 29 Apr 2022 21:35:40 GMT
tag.js
fox4kc.com/wp-content/plugins/sailthru-widget/js/ 		603 B
363 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/plugins/sailthru-widget/js/tag.js?ver=5.6.2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e7efcd6d780141149d6cfa70470b4518d2e4cbb421bc21d76df611f6b2969587

Request headers

:path
/wp-content/plugins/sailthru-widget/js/tag.js?ver=5.6.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 87 50 3276
last-modified
Wed, 11 Nov 2020 18:13:05 GMT
server
nginx
age
693606
etag
W/"5fac29b1-25b"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
260
expires
Fri, 29 Apr 2022 21:35:40 GMT
anvload.js
w3.cdn.anvato.net/player/prod/v3/scripts/ 		265 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w3.cdn.anvato.net/player/prod/v3/scripts/anvload.js?ver=3
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.69 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.40.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cafd1a850a911a7f1c6cc393addd14b13a8345bd6c1ed0f804227ea963ae8770

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 18:42:54 GMT
content-encoding
gzip
age
10367
x-guploader-uploadid
ABg5-Uw9blJvSoOpMvEaRNRJTY2tV3jA7MMoOz_EzY10GeTL3xJe5u0_EZPJ5_t8OzS0hn2NTxRX-rnz-F3GTWBfccLG7Fyxog
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
80025
last-modified
Tue, 13 Apr 2021 15:30:20 GMT
server
UploadServer
etag
"72fd52de6a6ef017d2b4c8b7bc26785e"
x-goog-hash
crc32c=IKrd6w==, md5=cv1S3mpu8BfStMi3vCZ4Xg==
x-goog-generation
1618327820435993
access-control-allow-origin
*
cache-control
public, max-age=21600,no-transform
x-goog-stored-content-length
80025
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 30 Apr 2021 00:42:54 GMT
widget.subscribe.js
fox4kc.com/wp-content/plugins/sailthru-widget/js/ 		2 KB
889 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/plugins/sailthru-widget/js/widget.subscribe.js?ver=1.1.5
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6adeb26b6f842e201590ec645431bbac69d08717fa59447e58bd8ccd835fc39e

Request headers

:path
/wp-content/plugins/sailthru-widget/js/widget.subscribe.js?ver=1.1.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 87 227 3091
last-modified
Wed, 28 Apr 2021 16:19:25 GMT
server
nginx
age
104499
etag
W/"60898b0d-6dd"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
779
expires
Fri, 29 Apr 2022 21:35:40 GMT
display.js
fox4kc.com/wp-content/plugins/sailthru-widget/js/ 		1 KB
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/plugins/sailthru-widget/js/display.js?ver=1.1.2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ee9f313b24e5afd487e1d748e36e50c8ed84c081d91e9ce6d2799dc0e61aa627

Request headers

:path
/wp-content/plugins/sailthru-widget/js/display.js?ver=1.1.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-rq
hhn2 82 54 3232
last-modified
Wed, 28 Apr 2021 16:19:34 GMT
server
nginx
age
104499
etag
W/"60898b16-52f"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
412
expires
Fri, 29 Apr 2022 21:35:40 GMT
ChipotleCMG_Healthcare_Heroes.jpg
fox4kc.com/wp-content/uploads/sites/16/2021/04/ 		183 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fox4kc.com/wp-content/uploads/sites/16/2021/04/ChipotleCMG_Healthcare_Heroes.jpg?w=876&h=493&crop=1
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
15cd3978b3f866e18ad230ac3a154d67c736cdc8b67d090d957bec14668a372d

Request headers

:path
/wp-content/uploads/sites/16/2021/04/ChipotleCMG_Healthcare_Heroes.jpg?w=876&h=493&crop=1
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
x-rq
hhn2 109 140 443
last-modified
Thu, 29 Apr 2021 15:35:26 GMT
server
nginx
etag
"5dab2f831612bc4a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
187310
expires
Fri, 29 Apr 2022 15:35:26 GMT
delivery.js
assets.revcontent.com/master/ 		359 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
962896c3cd299c3e2aee3765b116aa2c79c77e3dfe5f82d19784148e4328b357

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 16:04:06 GMT
server
AmazonS3
x-amz-request-id
7K3M0BJNK6A54RVT
etag
"f0a7bea6d7e2cf05f907bf2fd064d751"
x-hw
1619732141.cds107.fr8.hn,1619732141.cds055.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
103238
x-amz-id-2
AT0InX3MXLd1DWO85FzMwypq64h8Nd/qCWmzUI6HgKdBEZn6/ztEV5fLfGyCJ6UCF/S48h5yHps=
WDAF.js
tag.brandcdn.com/autoscript/kansascityhouse_vfzscmvfmxfzeja9/ 		791 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.brandcdn.com/autoscript/kansascityhouse_vfzscmvfmxfzeja9/WDAF.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:400:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ae1aca6f917e2299da77c45f88e606f3493199e11488037f254be1cbab4c425

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:54:50 GMT
via
1.1 f23d0814f3a7efcdd4936fa69b3d072b.cloudfront.net (CloudFront)
last-modified
Thu, 29 Apr 2021 09:41:05 GMT
server
AmazonS3
age
38452
etag
"80719f28589668dfe70b39400b93d18e"
x-cache
Hit from cloudfront
x-amz-version-id
fcUF8ABzWhPowp.JXqeyxGjdy0k_qzAb
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-type
text/javascript
content-length
791
x-amz-cf-id
1Sep7hCpEDGBep826WWZ_zJe8PsqYDRDK_G072zjN4k4Ft1PjMQt4Q==
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=67
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:800:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d564931f3fbbb99974231706405ce6fbff70eba61901b6d12bdca589db2fd60

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 16:45:02 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 16:44:57 GMT
server
AmazonS3
age
17440
etag
W/"c58d220facb1d6f75146d25bdbaaaa4d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
cache-control
max-age=84600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
sErvOu0KC9KP_hIA1QXg3FNeNR3md5ntP6gy4DIYYUV13u3WQORkdg==
facebook-embed.min.js
fox4kc.com/wp-content/client-mu-plugins/jetpack/_inc/build/ 		737 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/client-mu-plugins/jetpack/_inc/build/facebook-embed.min.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
75f7bf0ff2d3d8880e9006a2567b8d07183899dc678a5d396f5c5febd9006187

Request headers

:path
/wp-content/client-mu-plugins/jetpack/_inc/build/facebook-embed.min.js
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-rq
hhn2 87 200 3129
last-modified
Wed, 18 Nov 2020 18:49:48 GMT
server
nginx
age
13827332
etag
W/"5fb56ccc-2e1"
vary
Accept-Encoding
x-cache
hit
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
460
expires
Fri, 29 Apr 2022 21:35:41 GMT
cookie.min.js
fox4kc.com/wp-content/plugins/hurrytimer/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/plugins/hurrytimer/assets/js/cookie.min.js?ver=3.14.1
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a6c6d798abe06f6d7714ba4a4318007fdf9e095dd373160edf4134dbedcccdf3

Request headers

:path
/wp-content/plugins/hurrytimer/assets/js/cookie.min.js?ver=3.14.1
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-rq
hhn2 87 154 3174
last-modified
Mon, 07 Dec 2020 22:38:28 GMT
server
nginx
age
693606
etag
W/"5fceaee4-930"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1179
expires
Fri, 29 Apr 2022 21:35:41 GMT
jquery.countdown.min.js
fox4kc.com/wp-content/plugins/hurrytimer/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/plugins/hurrytimer/assets/js/jquery.countdown.min.js?ver=2.2.0
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Request headers

:path
/wp-content/plugins/hurrytimer/assets/js/jquery.countdown.min.js?ver=2.2.0
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-rq
hhn2 87 202 3104
last-modified
Mon, 07 Dec 2020 22:38:35 GMT
server
nginx
age
693606
etag
W/"5fceaeeb-14db"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2374
expires
Fri, 29 Apr 2022 21:35:41 GMT
hurrytimer.js
fox4kc.com/wp-content/plugins/hurrytimer/assets/js/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/plugins/hurrytimer/assets/js/hurrytimer.js?ver=2.8.3
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9101ac92634136631aba7d33d598442369f737d1aa75660f7e57017ebc87db8c

Request headers

:path
/wp-content/plugins/hurrytimer/assets/js/hurrytimer.js?ver=2.8.3
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-rq
hhn2 87 34 3160
last-modified
Mon, 07 Dec 2020 22:38:34 GMT
server
nginx
age
693606
etag
W/"5fceaeea-65a8"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6014
expires
Fri, 29 Apr 2022 21:35:41 GMT
common.chunk.min.js
fox4kc.com/wp-content/themes/nexstar/client/build/js/ 		274 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/themes/nexstar/client/build/js/common.chunk.min.js?ver=59c9ea7651edc4e44f08
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1ae1810e79aa302cb0cfe9a338dd7ced6366750a86ab18763771833fe6ee653a

Request headers

:path
/wp-content/themes/nexstar/client/build/js/common.chunk.min.js?ver=59c9ea7651edc4e44f08
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-rq
hhn2 91 231 3162
last-modified
Wed, 28 Apr 2021 16:37:47 GMT
server
nginx
age
104207
etag
W/"60898f5b-4499b"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
81969
expires
Fri, 29 Apr 2022 21:35:41 GMT
api-request.min.js
fox4kc.com/wp-includes/js/ 		1 KB
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-includes/js/api-request.min.js?ver=5.6.2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e

Request headers

:path
/wp-includes/js/api-request.min.js?ver=5.6.2
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-rq
hhn2 87 42 3270
last-modified
Mon, 22 Feb 2021 16:05:50 GMT
server
nginx
age
693606
etag
W/"6033d65e-401"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
589
expires
Fri, 29 Apr 2022 21:35:41 GMT
global.bundle.min.js
fox4kc.com/wp-content/themes/nexstar/client/build/js/ 		120 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/themes/nexstar/client/build/js/global.bundle.min.js?ver=ebf3ee829a8a20009565
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
499a1c295f5cc1df1ce8d9456430112e36d8e6f8660d5f834daf77d1b87020b0

Request headers

:path
/wp-content/themes/nexstar/client/build/js/global.bundle.min.js?ver=ebf3ee829a8a20009565
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-rq
hhn2 91 231 3162
last-modified
Wed, 28 Apr 2021 21:36:44 GMT
server
nginx
age
84735
etag
W/"6089d56c-1deb7"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35918
expires
Fri, 29 Apr 2022 21:35:41 GMT
article.bundle.min.js
fox4kc.com/wp-content/themes/nexstar/client/build/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/themes/nexstar/client/build/js/article.bundle.min.js?ver=4a5132c6faf0d1f3be18
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8c7a99eb5c831752564cf752131ece2392055a1ff0fe0bb38656f029a9d944ee

Request headers

:path
/wp-content/themes/nexstar/client/build/js/article.bundle.min.js?ver=4a5132c6faf0d1f3be18
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-rq
hhn2 82 87 3118
last-modified
Wed, 28 Apr 2021 16:37:44 GMT
server
nginx
age
104207
etag
W/"60898f58-20c2"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2951
expires
Fri, 29 Apr 2022 21:35:41 GMT
weatherIcons.bundle.min.js
fox4kc.com/wp-content/themes/nexstar/client/build/js/ 		1 KB
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/themes/nexstar/client/build/js/weatherIcons.bundle.min.js?ver=6f079c90f45db30c740a
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d82b8dfb84f2f542649a004a93c236acf675477fcc5fe0ba222b8cf840f0bb09

Request headers

:path
/wp-content/themes/nexstar/client/build/js/weatherIcons.bundle.min.js?ver=6f079c90f45db30c740a
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-rq
hhn2 91 239 3108
last-modified
Wed, 28 Apr 2021 16:37:45 GMT
server
nginx
age
104207
etag
W/"60898f59-45c"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
560
expires
Fri, 29 Apr 2022 21:35:41 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js?ver=1.0.0
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-85-134.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Thu, 29 Apr 2021 21:35:41 GMT
x-host
s7.addthis.com
content-length
116325
video-playlist.bundle.min.js
fox4kc.com/wp-content/themes/nexstar/client/build/js/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/themes/nexstar/client/build/js/video-playlist.bundle.min.js?ver=88433529bbbe1ac1d09b
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d8c9e41e6b5dacbfffd977d65a37e6ce0e3db4ec52e60302a3ddc502a76ade4f

Request headers

:path
/wp-content/themes/nexstar/client/build/js/video-playlist.bundle.min.js?ver=88433529bbbe1ac1d09b
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-rq
hhn2 91 231 3162
last-modified
Wed, 28 Apr 2021 16:37:47 GMT
server
nginx
age
104207
etag
W/"60898f5b-41ba"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5270
expires
Fri, 29 Apr 2022 21:35:41 GMT
weather.bundle.min.js
fox4kc.com/wp-content/themes/nexstar/client/build/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-content/themes/nexstar/client/build/js/weather.bundle.min.js?ver=ef019ac3ec86413fcf00
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
14c6a15b8e192ef6d1e48e6e836e3d7bdd2af9cdb2f7bbb0650ec8cc14e3f762

Request headers

:path
/wp-content/themes/nexstar/client/build/js/weather.bundle.min.js?ver=ef019ac3ec86413fcf00
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-rq
hhn2 91 235 3102
last-modified
Wed, 28 Apr 2021 16:37:51 GMT
server
nginx
age
104207
etag
W/"60898f5f-24a7"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2851
expires
Fri, 29 Apr 2022 21:35:41 GMT
wp-embed.min.js
fox4kc.com/wp-includes/js/ 		1 KB
886 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-includes/js/wp-embed.min.js?ver=5.6.2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.6.2
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-rq
hhn2 87 188 3109
last-modified
Mon, 22 Feb 2021 16:05:49 GMT
server
nginx
age
693606
etag
W/"6033d65d-592"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
765
expires
Fri, 29 Apr 2022 21:35:41 GMT
e-202117.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202117.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn
date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 17 Apr 2022 18:54:34 GMT
cs
nexstar.blueconic.net/DG/DEFAULT/ 		17 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json1023
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.4.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-4-204.compute-1.amazonaws.com
Software
- /
Resource Hash
6a7d91dc0162759eec1de6b57e6aca7209ba6eb8411deb91fe0937d379329d68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
37
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
bob_001.js
bob.dmpxs.com/static/ 		375 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bob.dmpxs.com/static/bob_001.js?bob_cb=1619732141158624&cats=News&bob_kw=&bob_desc=Chipotle%20recently%20announced%20plans%20to%20give%20250%2C000%20burritos%20to%20medical%20professionals%20across%20the%20U.S.%20as%20a%20thank-you%20for%20their%20hard%20work%20amid%20the%20ongoing%20COVID-19%20pandemic.&story_author=Nexstar%20Media%20Wire&page_url=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:15:4f24:a700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aeffd5bbfaab5cfe1f4fc4782758d3842c46934570315d1a3db77cfa8f26444e

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 00:57:49 GMT
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc941.cloudfront.net (CloudFront)
last-modified
Mon, 03 Feb 2020 23:21:58 GMT
server
AmazonS3
age
74273
etag
"f00524e8c7ca39015b0b9c93af98df63"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
375
x-amz-cf-id
VE3kLLOooESLRuMadDX_qotz87GmC_xmXzn0-dFNvaPY03eskjaCxg==
apstag.js
c.amazon-adsystem.com/aax2/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
oW1WkUw3q0XgFvWQKZ1dWZFi0xUowDr9
content-encoding
gzip
server
Server
age
420
etag
8975e8311e479cf7d71d71133ee2dff8
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Thu, 29 Apr 2021 21:28:41 GMT
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
SoLG0HA27afMVXI3ycNGLjDAEzBWha-vgJMd6hMmu6HqUSQy0W9_pQ==
gtm.js
www.googletagmanager.com/ 		169 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N8KXH4Q
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e2f2738c6d4bb9c048feb9cb7a04eb24ad589b9b49efd1196f56c179a6896ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48287
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:41 GMT
css2
fonts.googleapis.com/ 		2 KB
575 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&display=swap
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/wp-content/plugins/hurrytimer/assets/css/main.css?ver=2.8.3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8fe44a806e0223751e7115927c35dca0544586c39ccb6495b74325bf0dbeff8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 20:53:33 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:41 GMT
cropped-fox-4-logo-1-1.png
fox4kc.com/wp-content/uploads/sites/16/2020/02/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fox4kc.com/wp-content/uploads/sites/16/2020/02/cropped-fox-4-logo-1-1.png
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
680bbbfb960a40a31a69f31e3db113890f5fe0d5f6b3084bce8f8e0710170ceb

Request headers

:path
/wp-content/uploads/sites/16/2020/02/cropped-fox-4-logo-1-1.png
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
x-rq
hhn2 109 30 443
last-modified
Thu, 13 Feb 2020 20:08:03 GMT
server
nginx
etag
"627cf13f168f2150"
x-cache
HIT
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7136
expires
Fri, 05 Nov 2021 08:12:32 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c7037d26080ccf2cfc3b0ae03977d64b887f91c0b95b01ccefe8bbc7dbbb54f

Request headers

Origin
https://fox4kc.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		274 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55b5cf60454d0dee1d6dae37df022387de25b74e9270078056a5b9dab3d40a9f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v17/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v17/0QIvMX1D_JOuMwr7Iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i%7CRoboto+Condensed%3A400%2C700&display=swap&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://fox4kc.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 19:15:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:52:25 GMT
server
sffe
age
181205
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35284
x-xss-protection
0
expires
Wed, 27 Apr 2022 19:15:36 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://fox4kc.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
age
387123
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
expires
Mon, 25 Apr 2022 10:03:38 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i%7CRoboto+Condensed%3A400%2C700&display=swap&ver=1.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://fox4kc.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 12:25:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
age
551402
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
expires
Sat, 23 Apr 2022 12:25:39 GMT
vaccinating_kc_1200x100.jpg
fox4kc.com/wp-content/uploads/sites/16/2021/01/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fox4kc.com/wp-content/uploads/sites/16/2021/01/vaccinating_kc_1200x100.jpg
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e62952db0f09c86d5ae7ad75d401f02d6f897ce6929c999c2a8c579072a2b1c9

Request headers

:path
/wp-content/uploads/sites/16/2021/01/vaccinating_kc_1200x100.jpg
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
x-rq
hhn2 109 30 443
last-modified
Thu, 14 Jan 2021 19:40:15 GMT
server
nginx
etag
"52c42ea513160a53"
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
58155
expires
Wed, 19 Jan 2022 22:26:09 GMT
lost-kc-girls.jpg
fox4kc.com/wp-content/uploads/sites/16/2021/04/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fox4kc.com/wp-content/uploads/sites/16/2021/04/lost-kc-girls.jpg?w=740&h=400&crop=1
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4a617f772fda204bbb2924bc5e62110ae243221c619741a539c89312816c8840

Request headers

:path
/wp-content/uploads/sites/16/2021/04/lost-kc-girls.jpg?w=740&h=400&crop=1
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
x-rq
hhn2 109 30 443
last-modified
Thu, 29 Apr 2021 21:35:41 GMT
server
nginx
etag
"163dddbfcf533fac"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
50002
expires
Fri, 29 Apr 2022 21:35:41 GMT
john-2.jpeg
fox4kc.com/wp-content/uploads/sites/16/2020/07/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fox4kc.com/wp-content/uploads/sites/16/2020/07/john-2.jpeg?w=876&h=493&crop=1
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0a9662df7b184e695b7a3690b153e30acb42c1d2faf8d5f59b49a45a64aab925

Request headers

:path
/wp-content/uploads/sites/16/2020/07/john-2.jpeg?w=876&h=493&crop=1
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
x-rq
hhn2 109 86 443
last-modified
Tue, 27 Apr 2021 02:42:09 GMT
server
nginx
etag
"35959b7fd1fb44fb"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17466
expires
Wed, 27 Apr 2022 02:42:09 GMT
GettyImages-1226903756.jpg
fox4kc.com/wp-content/uploads/sites/16/2021/01/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fox4kc.com/wp-content/uploads/sites/16/2021/01/GettyImages-1226903756.jpg?w=876&h=493&crop=1
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
48b3aa843b8f5bd03e01167c8136eea81acdd4913493ddfa274f729da332b8e8

Request headers

:path
/wp-content/uploads/sites/16/2021/01/GettyImages-1226903756.jpg?w=876&h=493&crop=1
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
x-rq
hhn2 109 30 443
last-modified
Thu, 29 Apr 2021 21:12:26 GMT
server
nginx
etag
"51ffa1117ea04679"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
62296
expires
Fri, 29 Apr 2022 21:12:26 GMT
cv_pixel.js
adservices.brandcdn.com/pixel/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adservices.brandcdn.com/pixel/cv_pixel.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.169.253.10 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-253-10.us-west-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 14:43:33 GMT
server
Apache/2.4.29 (Ubuntu)
etag
"613-5c0a4d1fc7d19-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
745
iframe
d1eoo1tco6rr5e.cloudfront.net/o6zqvps/kjs3ype/ Frame E008
Redirect Chain
  • https://insight.adsrvr.org/tags/o6zqvps/kjs3ype/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/o6zqvps/kjs3ype/iframe
138 B
630 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/o6zqvps/kjs3ype/iframe
Requested by
Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/kansascityhouse_vfzscmvfmxfzeja9/WDAF.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.115.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-115-202.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3daf62250531640c0fae05dc931be9c3237c332e28e9b4e193c4fabc219238b

Request headers

Host
d1eoo1tco6rr5e.cloudfront.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://fox4kc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

Content-Type
text/html
Content-Length
138
Connection
keep-alive
Last-Modified
Sat, 30 Jan 2021 00:33:39 GMT
Accept-Ranges
bytes
Server
AmazonS3
Date
Thu, 29 Apr 2021 10:46:58 GMT
Cache-Control
max-age=86400
ETag
"392becf012c78e1edc6c24ac87188d30"
X-Cache
Hit from cloudfront
Via
1.1 3f18bbc133cf4ddae8afcd8a83c77a98.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MAD50-C1
X-Amz-Cf-Id
1NlmifsGvfvprcoif0UBYQcy7Rkscwp0KbgpIaYdNGfRiRcMsf7yCA==
Age
38924

Redirect headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-type
text/html; charset=UTF-8
content-length
183
location
https://d1eoo1tco6rr5e.cloudfront.net/o6zqvps/kjs3ype/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
/
insight.adsrvr.org/track/conv/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?adv=o6zqvps&ct=0:3ljqfj4&fmt=3
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.148.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-148-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/evnt/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=o6zqvps&ct=0:kjs3ype&fmt=3
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.148.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-148-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		237 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=fox4kc.com&domain=fox4kc.com&path=%2Fnmw%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
403946f95407be0c1110d721b74d7d686ae2d4a47cc23a508dcc8b7335a3509f

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
age
0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
expires
Tue, 27 Apr 2021 21:35:41 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
x-cache-hits
0
accept-ranges
bytes
x-timer
S1619732141.406263,VS0,VE99
content-length
178
via
1.1 varnish (Varnish/6.0), 1.1 varnish
x-served-by
cache-hhn4043-HHN
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a15d4957ae62313fc1cd5de9a9070151f2ec47aa0fe6a0ef9de51a89c16e67b5

Request headers

Origin
https://fox4kc.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
f0d16886-0300-4694-9b7b-37da481f4449.js
d2s8wlbatk24s7.cloudfront.net/service/js/ 		47 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/f0d16886-0300-4694-9b7b-37da481f4449.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fa5715638b8dcb68500482e6bcc6406012fd9a87d113d60d77fa8876050f20ed

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:51:46 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
6235
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
access-control-allow-headers
*
x-amz-cf-id
JOzuBfV7k3VmaYd9ymvM-eiGkF6nOcHXDPJtlN7rle8GXMCpSfwJiQ==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
pubads_impl_2021042701.js
securepubads.g.doubleclick.net/gpt/ 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Apr 2021 08:39:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108684
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:41 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gpt/202104291546/ 		200 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gpt/202104291546/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Y2Nn8JmiAY8HpnF4sl5n7J71jaI/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc0d2deadf94a1639b5b5bf192fe4eb53a0c3415925915b7424aef775f7c2405

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Apr 2021 21:35:41 GMT
Content-Encoding
gzip
Age
42
X-Cache
HIT
Connection
keep-alive
Content-Length
61091
x-amz-id-2
iIFA0Veym33lwjQDtsLSjI3lN16jjN7yfakcxM7ZrlFTKy55Hl2nYanXYjcr7T6KN0uBGkOoEKA=
X-Served-By
cache-hhn4041-HHN
Last-Modified
Thu, 29 Apr 2021 19:47:44 GMT
Server
AmazonS3
X-Timer
S1619732141.418638,VS0,VE0
ETag
"ef9e47135ebe376aa8de004b2f33a73c"
x-amz-request-id
37K4H1921KZT7KNQ
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
37
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202104291546/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202104291546/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Y2Nn8JmiAY8HpnF4sl5n7J71jaI/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6eb572bc6895eb21783b802485b91b4f98ea649b18905a22e38f8524240a99e5

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Apr 2021 21:35:41 GMT
Content-Encoding
gzip
Age
96
X-Cache
HIT
Connection
keep-alive
Content-Length
28804
x-amz-id-2
XKKdkQ0TXaxZAsUP2PqP++5tBIshyEquc+QFw1j4Q91zAyhv63+PFW0+qdb4xn3lPOZxx5tzMxw=
X-Served-By
cache-hhn4041-HHN
Last-Modified
Thu, 29 Apr 2021 19:47:46 GMT
Server
AmazonS3
X-Timer
S1619732141.472104,VS0,VE0
ETag
"d69f6e8db133ce03b70c6166c7052b7f"
x-amz-request-id
MSAEJ1SKEPE5HVBG
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
102
truncated
/ 		105 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b1f6d3ec2813e531c815407f24ddb9c07f9881864ff4fccdb38d17236aaf40b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
kck-suspect-.jpg
fox4kc.com/wp-content/uploads/sites/16/2021/04/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fox4kc.com/wp-content/uploads/sites/16/2021/04/kck-suspect-.jpg?w=512&h=288&crop=1
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
44f79ca3c089de506e998688b5d6adea1d322f2c02d074e5dfcd2e5b9a6d6319

Request headers

:path
/wp-content/uploads/sites/16/2021/04/kck-suspect-.jpg?w=512&h=288&crop=1
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
x-rq
hhn2 109 27 443
last-modified
Thu, 29 Apr 2021 21:35:41 GMT
server
nginx
etag
"c822c06b73918f28"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
35110
expires
Fri, 29 Apr 2022 21:35:41 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8KXH4Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
346
date
Thu, 29 Apr 2021 21:29:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 29 Apr 2021 23:29:55 GMT
gtm.js
www.googletagmanager.com/ 		115 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MS638F&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8KXH4Q
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb79e11bcd2d30ed056d61aa254455ae3d7d4146ac8d8c3dee64ffdb2b11d4ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40985
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Apr 2021 21:35:41 GMT
nxd.js
ad.lkqd.net/vpaid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/nxd.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8KXH4Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9583dcc0c1f1dfd292a9e15192ce9e9949866d9ad829074700ca2d94019a822a

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
last-modified
Thu, 12 Dec 2019 17:14:45 GMT
etag
"52ddc19a3c3facbb13dd24020c15edac"
x-hw
1619732141.cds107.fr8.hn,1619732141.cds234.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
1012
load.js
s.ntv.io/serve/ 		353 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Apr 2021 21:35:41 GMT
Content-Encoding
gzip
x-amz-request-id
850RXZ8WFFWP605X
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
cZ0wzy+SGxc03Ku7PddrY7QWNtwxieiRDuAdd7d0KNmij4gjUPJ+Z5SClvxPYnQal7+eOPtXKj4=
Last-Modified
Thu, 29 Apr 2021 14:16:53 GMT
Server
AmazonS3
ETag
"4330b9a8c8acd8b7385eb09575a0f098"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-7.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:06:44 GMT
via
1.1 d91c21a06968968452d701ff77f35a70.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1738
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
KSZ7GVoZmD3Q_p6yyDH6DQw0sDxItp7asWzGOcR_-7Xvf1GNraA6jg==
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:2400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 15:16:29 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:04:46 GMT
server
nginx
age
22752
etag
W/"60665f9e-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 d5d4d284c2005ab214a2c9b6195c55c5.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
VruVstj9gnGPeDxqOdAGg96GY1Ww5LjanOwBeRUZiut4FlEE52IJcg==
expires
Fri, 30 Apr 2021 15:16:29 GMT
PCF9313EA-0E2B-40A8-BA77-587A06282588.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PCF9313EA-0E2B-40A8-BA77-587A06282588.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:1e00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c67bb8e7c7a04af3167d5a0253d6c0fad67db01c9077b0592d8eefdcd522d67c

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8E6EZNFXzAH59v64iCVTiYUwLEF1bgbc
content-encoding
gzip
etag
W/"ac03dab8a7976f0e72d281196a062595"
last-modified
Thu, 29 Apr 2021 17:17:51 GMT
server
AmazonS3
x-amz-cf-pop
MAD50-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Thu, 29 Apr 2021 21:35:41 GMT
x-amz-cf-id
4BtKMHi3oetLCET0xz5BCYMzHqg55o9CJoJSOVHJgOFns6jUIeYALQ==
ats.js
ats.rlcdn.com/ 		184 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-63.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 29 Apr 2021 00:29:11 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 08:07:05 GMT
server
AmazonS3
age
75991
etag
W/"535a44cb49d4769cf9ec82fbcba860c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
PU5uQG8k6fF7c8ExjUxBI8zMqnTbvUtK
via
1.1 c6649c9545bbfa66bc79c9ba552d7a4a.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
content-type
application/javascript
x-amz-cf-id
Wg4R_mq2olMOjnVNYJ1Jfg-zy2nMGt0q_IheGh7oOLqkIuK3gCT-KA==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/wp-content/client-mu-plugins/jetpack/_inc/build/facebook-embed.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8bb84d5d7af69e26b9900a13820ac741ca423b60e88141c6c11ea075974e3a0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
bDF7rQCa9PnxovIqrrag6Q==
cross-origin-resource-policy
cross-origin
expires
Thu, 29 Apr 2021 21:46:52 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
x-fb-rlafr
0
x-fb-debug
+9APVgGmhHlOsY6Ir/40+9Se0pK56D+AQNgJ1gpiyZpQ3DzdMNjvR3OJLyFM8sr3h8fI9yD56O3uWTHI76ve1Q==
x-fb-trip-id
686109401
x-fb-content-md5
f7d70098f49f90dbcdb6af3be3e7e87f
date
Thu, 29 Apr 2021 21:35:41 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"9139c4d25c35f89d5821e86a6b445db7"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
/
fox4kc.com/wp-json/lakana/v1/template-variables/ 		197 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fox4kc.com/wp-json/lakana/v1/template-variables/
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/wp-content/themes/nexstar/client/build/js/common.chunk.min.js?ver=59c9ea7651edc4e44f08
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.128 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2984827421438cea8bef5d9feafe0ac3c700c6ca8d7250eb21f6c23dcdb25883
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/wp-json/lakana/v1/template-variables/
pragma
no-cache
cookie
usprivacy=1---; last_visit_bc=1619732141155; BCRevision_1619732141158=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22entrypage%22%3A%5B%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%2C%22currentresolution%22%2C%22entrypage%22%5D%2C%22newvisitlistener_timeline%22%3A%5B%22new_visit_bc%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141158%22%7D; BCRevision_1619732141159=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1619732141159%22%7D; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
fox4kc.com
referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-cache
miss
vary
Accept-Encoding, Origin
x-rq
hhn2 91 226 3117
server
nginx
allow
GET
content-type
application/json; charset=UTF-8
link
<https://fox4kc.com/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=120
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
g.gif
pixel.wp.com/ 		50 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.3.2&blog=171039198&post=1678631&tz=-5&srv=fox4kc.com&host=fox4kc.com&ref=&fcp=1077&rand=0.49965544877694845
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=46794
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
publisher:getClientId
ampcid.google.com/v1/ 		74 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://fox4kc.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=fox4kc.com&p=%2Fnmw%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&u=RLzxOBmLY0IZB1qT&d=nxsttv.com&g=23192&g0=News&g1=Nexstar%20Media%20Wire&n=1&f=00001&c=0&x=0&m=0&y=7349&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1489&t=D3jcHIgQ0SgDKz9imtZuvjB_vwU1&V=126&i=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&tz=-120&sn=1&sv=BgbctnBsM6vhI5YWqDomGjGBlTHok&sd=1&im=064b0c5f&_
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.178.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-178-4.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1986
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5863
x-xss-protection
0
server
cafe
etag
12453517290502062038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 29 Apr 2021 22:02:35 GMT
.js
dyv1bugovvq1g.cloudfront.net/67/fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/ 		2 KB
877 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/67/fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/.js
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:e00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e2aa5242a32efc04cdbc92e34fec31555cc0f6a9666cca6ed287b030be06621

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:43 GMT
content-encoding
gzip
x-amz-cf-pop
MAD50-C1
x-cache
Miss from cloudfront
content-length
396
access-control-allow-origin
https://fox4kc.com
last-modified
Thu, 29 Apr 2021 21:25:42 GMT
server
AmazonS3
etag
"f876b29ec80142667b444939bbe2638d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
via
1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control
max-age=300
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
onQJO9h6oUrT4dY1N6UVw5DOsDU72LAHuEluZsbBFOK7ticLeVyNJw==
prebid
ib.adnxs.com/ut/v3/ 		53 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:41 GMT
X-Proxy-Origin
185.236.201.132; 185.236.201.132; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.199:80
AN-X-Request-Uuid
17999c8a-3fa6-4ce3-b84c-0ee46ae46b76
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://fox4kc.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.30.0&referrer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tmax=3000
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.26.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-26-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:41 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://fox4kc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=514269&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22284508827a87b71%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A8%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A8%2C%22ren%22%3Afalse%2C%22version%22%3A%224.30.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222982ba2bc7de7e9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22514269%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2230a8b93ade17e13%22%2C%22ext%22%3A%7B%22siteID%22%3A%22514271%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22313912602622c82%22%2C%22ext%22%3A%7B%22siteID%22%3A%22514273%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232ba400257d620e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22514281%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2233a3836a41a2936%22%2C%22ext%22%3A%7B%22siteID%22%3A%22514281%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2234d776279d6a868%22%2C%22ext%22%3A%7B%22siteID%22%3A%22514285%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2235cbf3dd7e0d55d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22514283%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2236390fc24b146db%22%2C%22ext%22%3A%7B%22siteID%22%3A%22514283%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2237432f9363a7ea4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22514279%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2238aeae57a91c77%22%2C%22ext%22%3A%7B%22siteID%22%3A%22514267%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dd9597762d75385e34ccd2d9d95c6b98cb8d06538385ef2de0a3258a028216f3

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.236.201.132], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://fox4kc.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Thu, 29 Apr 2021 21:35:41 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		258 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10043&site_id=330088&zone_id=1722170&size_id=2&rf=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tg_i.d_code=176%2C900&tk_flint=pbjs_lite_v4.30.0&x_source.tid=109dee2e-0fc0-43fc-bb4c-5c22c73b2560&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.4046132239766207
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e89a550cdffc80d3ead84bce8934804d9dd8e7217ce0e82b5f80d6fc72f92159

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:41 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fox4kc.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
258
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		258 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10043&site_id=330088&zone_id=1722178&size_id=2&rf=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tg_i.d_code=176%2C900&tk_flint=pbjs_lite_v4.30.0&x_source.tid=0ccbbf0e-5cd5-4d70-aa9e-e5aacdfb90e6&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.6259993932304808
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f60294f9020b92f80f6f98f5b63acfebd71f1e2319fc87325eea29a613135037

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:41 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fox4kc.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
258
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		258 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10043&site_id=330088&zone_id=1722188&size_id=2&rf=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tg_i.d_code=176%2C900&tk_flint=pbjs_lite_v4.30.0&x_source.tid=c5ed08d6-a3d4-44bd-8c3b-633f800c3ab9&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.18681215123669692
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
72b15e6150652eb5a5a8f7b2019584f0b5ed7c5095093902cd404ffa9197b9dc

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:41 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fox4kc.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
258
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		279 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10043&site_id=330088&zone_id=1722274&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tg_i.d_code=176%2C900&tk_flint=pbjs_lite_v4.30.0&x_source.tid=019760ad-e900-41d2-b79c-d9f078584e10&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.45314919742354864
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0e34feaf346530ba9bede942aa43bfc51f20183bf7c90157e4ef173c3350fafe

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:41 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fox4kc.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
279
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		259 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10043&site_id=330088&zone_id=1722310&size_id=15&rf=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tg_i.d_code=176%2C900&tk_flint=pbjs_lite_v4.30.0&x_source.tid=c639e016-8a35-4ab4-822a-9ee5834acc45&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.8620585834079069
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7a2cf1afa1f950b603a5773a907314eb3312bbf6975a4ea20f608ad383a59e0d

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:42 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fox4kc.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
259
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		279 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10043&site_id=330088&zone_id=1722286&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tg_i.d_code=176%2C900&tk_flint=pbjs_lite_v4.30.0&x_source.tid=db045651-ec1d-465d-9cd8-2c896b08e0d0&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.19971902461628344
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
27d77784fbb94004e7db74a8f4f96379150ead7721f702bd4321ff832b6f8379

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:42 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fox4kc.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
279
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		258 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10043&site_id=330088&zone_id=1722232&size_id=2&rf=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tg_i.d_code=176%2C900&tk_flint=pbjs_lite_v4.30.0&x_source.tid=d8e4c6e4-ed2d-4c9b-8b08-2e4c1e671afd&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.43725770735090164
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3bb267e7317a9758a4c8c89853cefe05481315b528872e95bbdc2ae5fd1b6d76

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:42 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fox4kc.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
258
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		258 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10043&site_id=330088&zone_id=1722164&size_id=2&rf=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tg_i.d_code=176%2C900&tk_flint=pbjs_lite_v4.30.0&x_source.tid=dd0a2f5b-d432-40a7-9eef-bb2700ffd67b&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.6748545095683456
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ad763d3dd8a3e0c2bb7dc318bb03194649040d268c08b26a761b1f9ee1c61aa7

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:42 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fox4kc.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
258
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D67%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=67
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
3.236.169.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-236-169-17.compute-1.amazonaws.com
Software
/
Resource Hash
c60d4d210e7b41fb6e98b170b5f8558c3814d45e1b7159dcecdaefc5f3c45a66

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 29 Apr 2021 21:35:42 GMT
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId
6d369253-b2dc-57d7-ab00-cb569a322e56
Content-Length
378
Content-Type
text/xml
sdk.js
connect.facebook.net/en_US/ 		210 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=272e0027f618ce524110a860cb85bc35&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b8be7ba027c0a959ed94be985966c7d8ae6786993c9e3bf4e4f5c63e496c1d7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://fox4kc.com
Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
OWdYqbnLVL1IY8GNVzloVQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
63588
x-fb-rlafr
0
x-fb-debug
D66+fV1O/QekMYr2vgoNdaILZGmeOYeln0oOTsrsk4zA+xzgEItTw/2hY1AiwBdzbsQeIs1rlun9ozxhx020MA==
x-fb-content-md5
a7338e4127caea3c21fec8ebb42b564c
x-frame-options
DENY
date
Thu, 29 Apr 2021 21:35:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"eb13929b80af83401d6c76aa6eac1dd1"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 29 Apr 2022 18:45:57 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		148 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3410&u=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&pid=r79i2q8sGvhaP&cb=0&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%2C%22970x30%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.wdaf%2Fbillboard1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.wdaf%2Fleader_mr3%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.wdaf%2Fleader_mr1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.wdaf%2Fleader_mr2%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.wdaf%2Fmr_combo1%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.wdaf%2Fmr1%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.wdaf%2Fmr_combo2%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.wdaf%2Fleaderboard3%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5678%2Fnx.wdaf%2Fadhesion%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
35b0f879b37a1c0016ca2b1c56249d7068cea221e1d69ab45892be2fd9992d57

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
MAD50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://fox4kc.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
147
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
x-amz-cf-id
DIvn_nbPcBPm9T4tbN_Tg2IjoS3uhX0FG47bAFEh6hT2dnmKBJfv6g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
55323
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Thu, 29 Apr 2021 06:13:39 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 bba411d0a1e93905fdec1b327205fbe0.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
T5qhnl3kXMfxLsPAsNXcvV-M6LuQ5-P64SvIARw34uT1IGB5Cgezzg==
/
trends.revcontent.com/api/demand/ 		52 B
422 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=138650&us_privacy=1---
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
299588ff6b2b8bf358ddea40fda087b1ef56600b51b0d02c2928dfc34eb847c5
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
server
Apache/2.4.25 (Debian)
strict-transport-security
max-age=931536000; includeSubDomains
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
https://fox4kc.com
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
content-length
52
sync
trends.revcontent.com/ 		62 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c4de6c1993bb6a96abd39db3347427c58ef4aa49c9967c3e9f314f1e859ce142

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
etag
"cfefa9c8-0900-4665-8878-660ec5a2ac9b"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
https://fox4kc.com
cache-control
max-age=600, private, s-maxage=0, stale-while-revalidate=1800
access-control-allow-credentials
true
content-type
application/json
content-length
62
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS638F&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
b4a91cf5d01095394d3f9eb031b1a2a0e18521f196600f3ad0bdb8b85e337253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13907
x-xss-protection
0
server
cafe
etag
5407042001371730036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 29 Apr 2021 21:35:41 GMT
tribune.js
tru.am/scripts/custom/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tru.am/scripts/custom/tribune.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS638F&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publisher:getClientId
ampcid.google.de/v1/ 		3 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://fox4kc.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036439&cs_ucfr=&ns__t=1619732141763&ns_c=UTF-8&cv=3.5&c8=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036439&cs_ucfr=&ns__t=1619732141763&ns_c=UTF-8&cv=3.5&c8=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036439&cs_ucfr=&ns__t=1619732141763&ns_c=UTF-8&cv=3.5&c8=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&c7=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&c9=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-7.txl52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:41 GMT
via
1.1 d91c21a06968968452d701ff77f35a70.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
07YdnZCKPgQ2m-RgjUR5JSZ5y5YOQ7dCTEqhtpSt07VVbLvw7aO1Qg==

Redirect headers

date
Thu, 29 Apr 2021 21:35:41 GMT
via
1.1 d91c21a06968968452d701ff77f35a70.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6036439&cs_ucfr=&ns__t=1619732141763&ns_c=UTF-8&cv=3.5&c8=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here's%20how%20to%20get%20one&c7=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&c9=
content-length
341
x-amz-cf-id
CKRhsn_v8dNvWa-4OcWqIRALW4jgMpjx7eJ58FwE2uezh5H1iWzB9Q==
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		188 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PCF9313EA-0E2B-40A8-BA77-587A06282588.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:1e00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e9b1e9b290756c5ebc9849983de1f7d7db1685f76386ada579863f26897ec5f

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
peRL4Yb0Ubr51vTPkyyXuScofZHOG6Uw
content-encoding
gzip
etag
W/"60cee9f8a6ab7076638a1b6a01bc9269"
last-modified
Wed, 28 Apr 2021 14:18:22 GMT
server
AmazonS3
age
1035
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 29 Apr 2021 21:18:27 GMT
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
0tGsZy2a8rAc_bHmF-aRRLRX5dVV_EpC-iJnDkgN0ZnXO4DOYslj1Q==
t
jadserve.postrelease.com/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&ntv_mvi&us_privacy=1---
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.219.139.115 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-139-115.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
34622ad81fd819e8ee476038e05c8e4ba1bf030ffb1627ee96553bc3601de6b9

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:42 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
3283
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
geo.privacymanager.io/ 		30 B
603 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.144.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-144-89.txl52.r.cloudfront.net
Software
/
Resource Hash
e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 04:31:06 GMT
via
1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront), 1.1 6c0a96db840a3c501e2558c2b46fd7ec.cloudfront.net (CloudFront)
age
61475
x-amzn-requestid
5bb16ffc-3c89-4c8c-b676-81b9e9328202
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-608a368a-41cbc14047fd622e42bf1569;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-C1, TXL52-C1
x-amz-apigw-id
eh11sED-DoEFdyw=
content-length
30
x-amz-cf-id
zsY99rS5Fy1CvTnWaBuZgY6UcZuFwFsDKAbnA09fcRYdEQB60purAQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-24145171-1&cid=1084135479.1619732142&jid=244371944&gjid=63235770&_gid=730268490.1619732142&_u=YGBAgEABAAQCAE~&z=618804563
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 29 Apr 2021 21:35:41 GMT
content-type
text/plain
access-control-allow-origin
https://fox4kc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1369257076&t=pageview&_s=1&dl=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&dp=%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&ul=en-us&de=UTF-8&dt=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAQC~&jid=244371944&gjid=63235770&cid=1084135479.1619732142&tid=UA-24145171-1&_gid=730268490.1619732142&gtm=2wg4l3N8KXH4Q&cd1=GTM-N8KXH4Q&cd2=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&cd3=&cd4=Nexstar%20Media%20Wire&cd5=0&cd6=0&cd7=218&cd8=Thu%20Apr%2029%202021&cd9=2021&cd10=Thursday&cd11=10%3A09%20AM&cd12=23%3A35&cd15=FOX%204%20Kansas%20City%20WDAF-TV%20%7C%20News%2C%20Weather%2C%20Sports&cd16=&cd17=News&cd18=UA-24145171-1&cd19=article&cd22=8&cd31=News&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd33=&cd35=visible&cd36=201%20-%20300&cd37=c7632efb-3257-4fa9-9563-4c61ca51a11f&cd38=(not%20set)&cd39=1---&cd40=nxs-107-article-115616&cd51=Nexstar&cd53=nxs-1-lin-syndicated-post-540329&cd34=1084135479.1619732142&cd25=Food%20%26%20Drink&cd26=Restaurants&cd27=(not%20set)&cd28=0.75&cd29=0.2&cd30=Fans%2Chealth%20care%20workers%2Chealth%20care%20heroes%2Cprofessionals%2Csocial%20media%20users%2Cworkers%2Cfrontline%20heroes%2Ccustomer%2CChris%20Brandt&cd43=Chipotle%2CNEXSTAR%2Crestaurant%20chain&cd44=(not%20set)&cd45=events&cd46=posts&cd47=nation%2CU.S.%2Ccountry&cd48=burritos%2Cplans%2Clunch%2Cwork%2Cgift%20card%20program%2Cwords%2Cthanks%2Cthank-you%20wall%2Csupplies%2Cpandemic%2Cgift%20card%2CCOVID%2Cappreciation%2Caddition&z=952550694
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 10:05:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
41431
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
post.php
www.facebook.com/v2.3/plugins/ Frame 64BB 		79 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=272e0027f618ce524110a860cb85bc35&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48689abf89f01811f11e6d139223b8caa377ab19c7ebe51db2a01dde2adfc641
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fox4kc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
content-encoding
br
strict-transport-security
max-age=15552000; preload
facebook-api-version
v3.2
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
cross-origin-opener-policy
same-origin-allow-popups
content-type
text/html; charset="utf-8"
x-fb-debug
r9TdKEoCqonQ2B9wCxc3EHaW7ntavKzg2Vvk4uPxsobZf0xux0K/RfwFMPnb6oL2xQrAbl+adwoB4MFDpTFbeQ==
date
Thu, 29 Apr 2021 21:35:41 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 411A 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:1e00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method
GET
:authority
cdn-gl.imrworldwide.com
:scheme
https
:path
/novms/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fox4kc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

content-type
text/html
last-modified
Mon, 26 Apr 2021 14:08:25 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
NVg9oFBsxyABfC8leYCHsI6QwCEDz7V4
server
AmazonS3
content-encoding
gzip
date
Thu, 29 Apr 2021 21:09:13 GMT
cache-control
max-age=86400
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a79264f1781916a9abe8d5b96e40a058.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
u7zcT8HT81JwE4PYHMAp8ZgdbG6oMSOVnE1dTFtPQodm7fptGfGR3Q==
age
1589
/
insight.adsrvr.org/track/pxl/ Frame E008 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=o6zqvps&ct=0:kjs3ype&fmt=3
Requested by
Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/o6zqvps/kjs3ype/iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.148.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-148-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/803968365/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/803968365/?random=1619732141889&cv=9&fst=1619732141889&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tiba=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50998fb44ffbcaa7a75aafff905bf0a969a0e310457d59950b9431cc2b883bcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1085
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/803968365/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/803968365/?random=1619732141892&cv=9&fst=1619732141892&num=1&value=0&label=qa4YCISlsKcBEO2qrv8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tiba=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&hn=www.googleadservices.com&bttype=purchase&us_privacy=1---&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
3fccfd1e86b93a73276bb90aec22c777a09985779daf15cc5ced5605b310cb70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1282
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/ 		56 B
378 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=446&r=2&j=revCriteoRTUSCallback&us_privacy=1---
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
b1ebdd84bcc4265a86fc9765b670bce97d668e11ee0c9bee5ec9d8f5f507d646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 29 Apr 2021 21:35:41 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1235
content-length
172
expires
60
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://fox4kc.com
date
Thu, 29 Apr 2021 21:35:42 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
/
trends.revcontent.com/api/delivery/ 		38 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=false&w=138650&width=1600&us_privacy=1---&rev_allow_cookies=1&site_url=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&icr_url=&va=1&user_uuid=cfefa9c8-0900-4665-8878-660ec5a2ac9b&time=1619732141900&up=pc&bn=chrome&bv=89&widget_width=876
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
c3f060e512b4453c571aed3e19e954aedf2dc1ec9d6f59103ff0c8180a35a16a
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
https://fox4kc.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
content-length
15069
/
www.google.com/pagead/1p-user-list/803968365/ 		42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/803968365/?random=1619732141889&cv=9&fst=1619730000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&frm=0&url=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tiba=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&async=1&fmt=3&is_vtc=1&random=1777582735&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/803968365/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/803968365/?random=1619732141889&cv=9&fst=1619730000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&frm=0&url=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tiba=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&async=1&fmt=3&is_vtc=1&random=1777582735&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 411A 		44 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PCF9313EA-0E2B-40A8-BA77-587A06282588&sessionId=evbrhuvkwtis8r5qk6dfliicscirv1619732141&c16=sdkv,bj.6.0.0&uoo=&fp_id=ksurmwqrl6ee089fgc3o4kemrqq6n1619732141&fp_cr_tm=1619732141885&fp_acc_tm=1619732141885&fp_emm_tm=1619732141885&ve_id=&c30=bldv,6.0.0.594&retry=0
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.217.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-217-185.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:42 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
evbrhuvkwtis8r5qk6dfliicscirv1619732141.nuid.imrworldwide.com/ Frame 411A 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evbrhuvkwtis8r5qk6dfliicscirv1619732141.nuid.imrworldwide.com/
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:4800:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 02:04:50 GMT
via
1.1 4f1fb18f52f7f3f86e0c73a59088e8ad.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
70253
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
35
x-amz-cf-id
WIIu5MTjC3bFincTuQjJ-sUrhwUobdoG8DOFEpmCm4BT3j37q34vmQ==
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-24145171-1&cid=1084135479.1619732142&jid=244371944&_u=YGBAgEABAAQCAE~&z=1517892346
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-24145171-1&cid=1084135479.1619732142&jid=244371944&_u=YGBAgEABAAQCAE~&z=1517892346
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://fox4kc.com
date
Thu, 29 Apr 2021 21:35:42 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
54798658_10157121477224253_3635582218543300608_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p40x40/ Frame 64BB 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p40x40/54798658_10157121477224253_3635582218543300608_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=jshum1JYB4MAX9w8Ut3&_nc_ht=scontent-frx5-1.xx&tp=27&oh=52916b5851074899ef634f78dc8e6912&oe=60B06926
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
085601c2e3db9a3b89a922b774ee152280779647790f7b1c575ff76b8bb00d68

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
2460216711
date
Thu, 29 Apr 2021 21:35:41 GMT
x-fb-trip-id
917726464
last-modified
Tue, 26 Mar 2019 20:40:48 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1941783785
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1246
afk-8279vNB.png
www.facebook.com/rsrc.php/v3/yM/r/ Frame 64BB 		522 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yM/r/afk-8279vNB.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b27e8c5823c90a3d22394ca95e0f70c935fc02b610f9f04447b87b3d4908c5b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
2aBQ3aUBK9E9/EKzI9YM69yBHl14q6h0PZq3O8RbrWQjjtPcAteK0ZNZJDLzPwRA0z5xALeMtSn9HjndZG/xKQ==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
3F2V8DkEuvPJ1AB5Ik0Jig==
date
Tue, 20 Apr 2021 00:45:18 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
522
x-fb-rlafr
0
expires
Wed, 20 Apr 2022 00:45:18 GMT
179642220_10159198787774253_6542837725221012939_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/p350x350/ Frame 64BB 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/p350x350/179642220_10159198787774253_6542837725221012939_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=8024bb&_nc_ohc=D5czIPRVascAX_2XOXh&_nc_ht=scontent-frx5-1.xx&tp=6&oh=e04006e54824d488192ced7db8ffd7cf&oe=60B16DC4
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
859a8079f8ffce29139148c1266e7cff7b54cf488f3dcd5093b27382ecb3cd32

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
4276911172
date
Thu, 29 Apr 2021 21:35:41 GMT
x-fb-trip-id
917726464
last-modified
Tue, 27 Apr 2021 15:01:26 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3386705902
x-fb-config-version-olb-prod
1088
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
26904
OJ9vHp8_VCm.js
www.facebook.com/rsrc.php/v3i9744/yR/l/en_US/ Frame 64BB 		730 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3i9744/yR/l/en_US/OJ9vHp8_VCm.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
74ba53e559aad4cd97d76d532878492efcee908cab0c2d1a6907f5cfd9ffea0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 23:37:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kKQYVlM6dnP1oIano3LxQw==
cross-origin-resource-policy
cross-origin
content-length
189118
x-fb-rlafr
0
x-fb-debug
oWFhGUqt794taGxOeN9LrCJAs255YVswDgvKzO8Cs31UdTvOvud80/7dMYZICryAkafgWC26S2e2pb8eZdOhyA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 28 Apr 2022 23:37:17 GMT
qGoWo6gBwwP.png
www.facebook.com/rsrc.php/v3/yy/r/ Frame 64BB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yy/r/qGoWo6gBwwP.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
DfbpoHVBs/gSFGG+0TYywiTIMQEYvIYxQBOv1qVqZwC+sPiDFDFwGjPZ6DQSPqcc9x9QANKmSIynw7DpUWRXsA==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
iN31dShDArRt9ZikrDb13w==
date
Mon, 26 Apr 2021 10:25:46 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
2616
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Tue, 26 Apr 2022 10:25:46 GMT
2764.png
www.facebook.com/images/emoji.php/v9/t6c/1/16/ Frame 64BB 		436 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/images/emoji.php/v9/t6c/1/16/2764.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d2c7c5dd5a210855e87667cf7cf52cde6b9d39c68408fcdbbaf3788a5fe2f90c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
DZ3QjvpDLhRvW3Kgyh4UzqTuWf0AEN4XuGCDD2NenrIPw14RwgbAZ1qpi5qesHtQIRzR3h6uOqdhE47MWsaxhA==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
vfHv65zRFlbw48sCXIpbfw==
date
Tue, 20 Apr 2021 02:38:43 GMT
strict-transport-security
max-age=15552000; preload
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
436
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Wed, 20 Apr 2022 02:38:43 GMT
L0hsXTmQDMQ.png
www.facebook.com/rsrc.php/v3/yx/r/ Frame 64BB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
BjDfBsgXeqO1SP93yy9p/05EcGDTmURyylRNc8kyjs0m59YCOsl5GHUHv22UuK3pk/TbHZnmSB5mBX/SYe6C/A==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
CTfFh11siKPUBP61de0FYg==
date
Wed, 21 Apr 2021 19:20:55 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
2023
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Thu, 21 Apr 2022 19:20:55 GMT
/
www.google.de/pagead/1p-conversion/803968365/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/803968365/?random=1509618837&cv=9&fst=1619732141892&num=1&value=0&label=qa4YCISlsKcBEO2qrv8C&guid=ON&resp=GooglemKTybQhCsO&eid=25050...
  • https://www.google.com/pagead/1p-conversion/803968365/?random=1509618837&cv=9&fst=1619732141892&num=1&value=0&label=qa4YCISlsKcBEO2qrv8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=16...
  • https://www.google.de/pagead/1p-conversion/803968365/?random=1509618837&cv=9&fst=1619732141892&num=1&value=0&label=qa4YCISlsKcBEO2qrv8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=160...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/803968365/?random=1509618837&cv=9&fst=1619732141892&num=1&value=0&label=qa4YCISlsKcBEO2qrv8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tiba=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rSaLYPj8OoL57gO2l6z4DQ&cid=CAQSKQCNIrLM6W9ZT6ZU29rA6yCZcUpBKWi4gkXRqq7NQme4_v-vsPoM4EKl&eitems=ChEI8LKphAYQ6fiB9YrN_Kq3ARIdAIKodh3A-YpYJcWwJmAffYFWiR9BJPuGYbAm7jY&random=571196385&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:42 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/803968365/?random=1509618837&cv=9&fst=1619732141892&num=1&value=0&label=qa4YCISlsKcBEO2qrv8C&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&tiba=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rSaLYPj8OoL57gO2l6z4DQ&cid=CAQSKQCNIrLM6W9ZT6ZU29rA6yCZcUpBKWi4gkXRqq7NQme4_v-vsPoM4EKl&eitems=ChEI8LKphAYQ6fiB9YrN_Kq3ARIdAIKodh3A-YpYJcWwJmAffYFWiR9BJPuGYbAm7jY&random=571196385&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame 64BB 		67 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1619732141975&t_start=1619732141975&t_domcontent=1619732142014&t_layout=1619732142066&t_onload=1619732142066&t_paint=1619732142066&t_creport=1619732142066&t_tti=1619732142014&lid=6956696575672692266-0
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ed50c64f12bc4%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
wFSADDtL02+qiLzHgS0aw82hlQmJvU+i2xrXTq24+x7nM9S29r/Qr/u5ZenbrsqdaNBhVOnoQQjq4XxsHRA0KQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 29 Apr 2021 21:35:42 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://fox4kc.com
date
Thu, 29 Apr 2021 21:35:42 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
script.js
d1bvk193qme2fc.cloudfront.net/ 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1bvk193qme2fc.cloudfront.net/script.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3000:19:f03c:7200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
655db4b6b6f46e546611c7069cde62f78f909eddcd68345d3c7334fce944ff42

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:33:55 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 14:35:19 GMT
server
AmazonS3
age
109
etag
W/"21ba693be9397bba4beaa4dce0a2704e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6f6de2de0e03603ac1b58353376153d3.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
VGYn5t4y22u8GcSItrQYjnlWyCpIZfuI1eTKZRI1Zc-Smfg802TEAQ==
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://fox4kc.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Thu, 29 Apr 2021 21:35:42 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
/
img.revcontent.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
last-modified
Wed, 01 Jul 2020 17:13:25 GMT
etag
"1593623605"
x-hw
1619732142.cds145.fr8.hn,1619732142.cds260.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20438
rc-logo.png
cdn.revcontent.com/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
last-modified
Wed, 28 Apr 2021 20:30:01 GMT
etag
"1619641801"
x-hw
1619732142.cds012.fr8.hn,1619732142.cds130.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=5689
accept-ranges
bytes
content-length
4298
getLiveAlertsByCounties
weather.psg.nexstardigital.net/service/api/v3/alerts/ 		23 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://weather.psg.nexstardigital.net/service/api/v3/alerts/getLiveAlertsByCounties?counties=29095,20091,29047,20209,29037,29165,20103,20121,20045,29177,29049,29101,29013,20107,29025
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf1d0e4bdcf1da9956784b5d2582f6e9d9fd6fe02f42945c7a9fe60142d93cab
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1393
via
1.1 varnish
x-cache
HIT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-length
2890
x-xss-protection
1; mode=block
x-served-by
cache-hhn4074-HHN
x-timer
S1619732142.351082,VS0,VE1
x-frame-options
DENY
strict-transport-security
max-age=300
content-type
application/json
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-cache-hits
1
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 7970
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&dcc=t
270 B
951 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&dcc=t
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9115ade0703d42738c98e97cb9d34f3374fcb9d00af019477787b14edf8adbf5

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://fox4kc.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A7EaeGiukE3Zij7Vesnsnfo|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

Server
Server
Date
Thu, 29 Apr 2021 21:35:42 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
214
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A7EaeGiukE3Zij7Vesnsnfo; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 21:35:42 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 21:35:42 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Thu, 29 Apr 2021 21:35:42 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&dcc=t
Set-Cookie
ad-id=A7EaeGiukE3Zij7Vesnsnfo|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 21:35:42 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
e4596a5f2ba98ef1f0e097bf016cb191.png
images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/e4596a5f2ba98ef1f0e097bf016cb191.png
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
c90937c91d398819585cf8f2dc0dcdfae3836f6149bff8891a2b24872d808a7b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;start=2021-04-28T16:04:32.659Z;desc=hit,rtt;dur=0
content-length
38517
last-modified
Wed, 03 Mar 2021 17:12:12 GMT
server
Cloudinary
etag
"10b8ed717f5c2bc3617551958f9d82a0"
vary
Save-Data
x-hw
1619732142.cds149.fr8.hn,1619732142.cds147.fr8.c
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
4a4316568d00da61beea6ac3ca9f617f.jpg
images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/4a4316568d00da61beea6ac3ca9f617f.jpg
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
6fd36ba1b2767476c229385dc9137ae473443c31e5da73d8eb7374db0a38544e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=2;cpu=1;start=2021-04-28T16:07:08.493Z;desc=hit,rtt;dur=0
content-length
54978
last-modified
Mon, 01 Mar 2021 22:02:02 GMT
server
Cloudinary
etag
"d41448b0529a89b4a540434395d03680"
vary
Save-Data
x-hw
1619732142.cds149.fr8.hn,1619732142.cds260.fr8.c
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
8052
headerbidding.staqdata.com/prebid/ 		1 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://headerbidding.staqdata.com/prebid/8052
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.241.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
86.241.107.34.bc.googleusercontent.com
Software
openresty/1.19.3.1 /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
via
1.1 google
server
openresty/1.19.3.1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
1262
check.analytics.rlcdn.com/check/ 		24 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1262
Requested by
Host: nxstrib.com
URL: https://nxstrib.com/wp-content/themes/nexstar/client/vendors/prebid/versions/pbjs-4.30.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
652bff8a8422c643c28e85c881610c09ce8a4dd9c3715654105bb985bdb447cc

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:43 GMT
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
bbc8f45e-befa-4522-9bf5-6ff25ac4966f
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-608b26af-50a3ba453fcfeb1a48e16303;Sampled=0
x-amz-apigw-id
ekL7bGjVoAMFv6A=
content-length
24
x-amz-cf-id
EH5MmjwhctA4koje4pXWXtqg0IL85103WHSrSjgEvmSl6hkqZKxw9Q==
integrator.js
adservice.google.ch/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=fox4kc.com
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fox4kc.com
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		138 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2708290412864603&correlator=915171243583488&output=ldjh&impl=fifs&hxva=1&scor=2553220682551040&eid=31060784%2C31060790%2C31060841%2C31060922%2C31060934%2C21068030&vrg=2021042701&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210429&iu_parts=5678%2Cnx.wdaf%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%7C970x30%2C728x90%2C728x90%2C728x90%2C300x600%7C300x250%2C300x250%2C300x600%7C300x250%2C728x90%2C728x90&prev_scp=pos%3Dbillboard1%26fold%3Datf%26category%3Dnews%26kw%3Dchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%26amznbid%3D2%26amznp%3D2%26hb_pb_optimera%3D0.01%26hb_adid_optimera%3D486939aee63b593%26hb_bidder_optimera%3Doptimera%26hb_deal_optimera%3DC0%2CD4%2CE1%2CJ0%2CDE%2CB%2CA%26hb_deal%3DC0%2CD4%2CE1%2CJ0%2CDE%2CB%2CA%26hb_pb%3D0.01%26hb_adid%3D486939aee63b593%26hb_bidder%3Doptimera%7Cpos%3Dleader_mr3%26fold%3Dbtf%26category%3Dnews%26kw%3Dchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%26amznbid%3D2%26amznp%3D2%7Cpos%3Dleader_mr1%26fold%3Dbtf%26category%3Dnews%26kw%3Dchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%26amznbid%3D2%26amznp%3D2%26hb_pb_optimera%3D0.01%26hb_adid_optimera%3D49ac4155ef44b5c%26hb_bidder_optimera%3Doptimera%26hb_deal_optimera%3DA6%2CC7%2CC0%2CD4%2CDE%2CB%2CA%26hb_deal%3DA6%2CC7%2CC0%2CD4%2CDE%2CB%2CA%26hb_pb%3D0.01%26hb_adid%3D49ac4155ef44b5c%26hb_bidder%3Doptimera%7Cpos%3Dleader_mr2%26fold%3Dbtf%26category%3Dnews%26kw%3Dchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%26amznbid%3D2%26amznp%3D2%26hb_pb_optimera%3D0.01%26hb_adid_optimera%3D50adb962d183f69%26hb_bidder_optimera%3Doptimera%26hb_deal_optimera%3DA6%2CC7%2CC0%2CD4%2CDE%2CB%2CA%26hb_deal%3DA6%2CC7%2CC0%2CD4%2CDE%2CB%2CA%26hb_pb%3D0.01%26hb_adid%3D50adb962d183f69%26hb_bidder%3Doptimera%7Cpos%3Dmr_combo1%26fold%3Datf%26category%3Dnews%26kw%3Dchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%26amznbid%3D2%26amznp%3D2%26hb_pb_optimera%3D0.01%26hb_adid_optimera%3D51381d8073cb6f3%26hb_bidder_optimera%3Doptimera%26hb_deal_optimera%3DA6%2CC7%2CB3%2CC0%2CDE%2CB%2CA%26hb_deal%3DA6%2CC7%2CB3%2CC0%2CDE%2CB%2CA%26hb_pb%3D0.01%26hb_adid%3D51381d8073cb6f3%26hb_bidder%3Doptimera%7Cpos%3Dmr1%26fold%3Dmid%26category%3Dnews%26kw%3Dchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%26amznbid%3D2%26amznp%3D2%26hb_pb_optimera%3D0.01%26hb_adid_optimera%3D5204018b234a46b%26hb_bidder_optimera%3Doptimera%26hb_deal_optimera%3DA6%2CTA2%2CC7%2CDE%2CB%2CA%26hb_deal%3DA6%2CTA2%2CC7%2CDE%2CB%2CA%26hb_pb%3D0.01%26hb_adid%3D5204018b234a46b%26hb_bidder%3Doptimera%7Cpos%3Dmr_combo2%26fold%3Dbtf%26category%3Dnews%26kw%3Dchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%26amznbid%3D2%26amznp%3D2%26hb_pb_optimera%3D0.01%26hb_adid_optimera%3D53b305e71e33e48%26hb_bidder_optimera%3Doptimera%26hb_deal_optimera%3DA6%2CC7%2CB3%2CC0%2CDE%2CB%2CA%26hb_deal%3DA6%2CC7%2CB3%2CC0%2CDE%2CB%2CA%26hb_pb%3D0.01%26hb_adid%3D53b305e71e33e48%26hb_bidder%3Doptimera%7Cpos%3Dleaderboard3%26fold%3Dbtf%26category%3Dnews%26kw%3Dchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%26amznbid%3D2%26amznp%3D2%26hb_pb_optimera%3D0.01%26hb_adid_optimera%3D54f5203e8448122%26hb_bidder_optimera%3Doptimera%26hb_deal_optimera%3DC0%2CD4%2CDE%2CB%2CA%26hb_deal%3DC0%2CD4%2CDE%2CB%2CA%26hb_pb%3D0.01%26hb_adid%3D54f5203e8448122%26hb_bidder%3Doptimera%7Cpos%3Dadhesion%26fold%3Datf%26category%3Dnews%26kw%3Dchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%26amznbid%3D2%26amznp%3D2%26hb_pb_optimera%3D0.01%26hb_adid_optimera%3D55e67beb40bc23e%26hb_bidder_optimera%3Doptimera%26hb_deal_optimera%3DC7%2CC0%2CD4%2CDE%2CB%2CA%26hb_deal%3DC7%2CC0%2CD4%2CDE%2CB%2CA%26hb_pb%3D0.01%26hb_adid%3D55e67beb40bc23e%26hb_bidder%3Doptimera&eri=1&cust_params=pid%3D1678631%26pagetype%3Dstory%26pagetest%3D56%26sessiontest%3D56%26d_code%3D176%252C900%26nlpcat1%3Dfood_drink%252Cfood_drink%26nlpcat2%3Drestaurants%252Ccooking_recipes%26nlpsent%3Dpositive&cookie_enabled=1&bc=31&abxe=1&lmt=1619732142&dt=1619732142353&dlt=1619732140903&idt=760&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C192%2C192%2C192%2C1108%2C1108%2C1108%2C436%2C436&adys=234%2C4015%2C5758%2C7066%2C479%2C1318%2C3589%2C8016%2C1110&adks=1938417587%2C2807899170%2C2434273716%2C777625645%2C2784530135%2C4163191113%2C3915037579%2C1663625565%2C2128450825&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90%7C876x90%7C876x90%7C876x90%7C300x600%7C300x250%7C300x600%7C1600x90%7C728x-1&msz=1600x90%7C876x90%7C876x90%7C876x90%7C300x600%7C300x250%7C300x600%7C1600x90%7C728x-1&ga_vid=1084135479.1619732142&ga_sid=1619732142&ga_hid=1369257076&ga_fc=false&fws=0%2C0%2C0%2C0%2C0%2C0%2C512%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
54330563bdf51900890dc5645cc018375c55ea6e770e4c2922be126b3f75fec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44270
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://fox4kc.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
c880b053706800a9676c62fd28b4323c.png
images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/c880b053706800a9676c62fd28b4323c.png
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
24926bfadb9a475be70135a75f8edcb50c6c5182d57814b559893f7ca45ccf4f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-04-28T16:10:12.129Z;desc=hit,rtt;dur=0
content-length
38953
last-modified
Mon, 01 Mar 2021 22:02:01 GMT
server
Cloudinary
etag
"272cbf19a1edbe62a662f691bbdfefdb"
vary
Save-Data
x-hw
1619732142.cds149.fr8.hn,1619732142.cds165.fr8.c
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
15353646271993114616.png
images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15353646271993114616.png
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
94c5899f341603c65a4fdb358c0765e6f22262191c8c89d9b929985c805faecd
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=122;cpu=1;start=2021-04-28T16:05:20.238Z;desc=miss,rtt;dur=0,cloudinary;dur=26;start=2021-04-28T16:05:20.283Z
content-length
27981
last-modified
Mon, 01 Mar 2021 22:02:13 GMT
server
Cloudinary
etag
"586b1df4adecff29a01e3981ea5f0484"
vary
Save-Data
x-hw
1619732142.cds149.fr8.hn,1619732142.cds203.fr8.c
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
15746815770080261269.jpg
images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15746815770080261269.jpg
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
c7c8f481bdb02c4eae0cc6876a7e2da7471d1509f0107963df87e46d082b23d3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=119;cpu=0;start=2021-04-28T16:04:20.198Z;desc=hit,rtt;dur=0
content-length
10348
last-modified
Mon, 01 Mar 2021 22:02:13 GMT
server
Cloudinary
etag
"958c40d4d9e035dcc9668e126fdf709a"
vary
Save-Data
x-hw
1619732142.cds149.fr8.hn,1619732142.cds236.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
ec09e8903ca5c523a098e0c326f1a77c.jpg
images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ec09e8903ca5c523a098e0c326f1a77c.jpg
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
2878dd9653483a9c226b277ef71e2bd252941a69333582546d5901df4e2a1679
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-04-28T22:10:07.693Z;desc=hit,rtt;dur=0
content-length
37150
last-modified
Thu, 04 Mar 2021 13:53:48 GMT
server
Cloudinary
etag
"afd6e93d886845aea63e3f1224525fc1"
vary
Save-Data
x-hw
1619732142.cds149.fr8.hn,1619732142.cds225.fr8.c
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5ebbc225829ea2-91928456.jpg
images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5ebbc225829ea2-91928456.jpg
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
fddecf729fa7416bdf7c765f92e5740c0021078977f41487b9cda39584f96113
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=392;cpu=1;start=2021-04-28T16:05:33.230Z;desc=miss,rtt;dur=0,cloudinary;dur=17;start=2021-04-28T16:05:33.553Z
content-length
15641
last-modified
Mon, 01 Mar 2021 22:02:09 GMT
server
Cloudinary
etag
"bff637622b5a3201b5c05bf8b0b0d91a"
vary
Save-Data
x-hw
1619732142.cds149.fr8.hn,1619732142.cds137.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
38bba651299f9cb457705648635cf7c3.jpeg
images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/38bba651299f9cb457705648635cf7c3.jpeg
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
71a582b753019a679f1094cf50ba72eeb52466a2eb8c8734834ad616ff7f08ad
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=2;cpu=1;start=2021-04-28T16:06:48.500Z;desc=hit,rtt;dur=0
content-length
41444
last-modified
Wed, 17 Mar 2021 22:32:03 GMT
server
Cloudinary
etag
"011182285db21eee4b023686f690819e"
vary
Save-Data
x-hw
1619732142.cds149.fr8.hn,1619732142.cds219.fr8.c
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
8a46e31f5b03c1a88f364264b5edcedd.jpeg
images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/q_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/8a46e31f5b03c1a88f364264b5edcedd.jpeg
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3c6ae1ea8832608a2315a84009b5613bc8c319adf6f285e93cf59fb9126f8037
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-04-28T16:04:34.033Z;desc=hit,rtt;dur=0
content-length
103100
last-modified
Mon, 01 Mar 2021 22:02:04 GMT
server
Cloudinary
etag
"ca1e55ed46ba7d278d2414a05dec94a1"
vary
Save-Data
x-hw
1619732142.cds149.fr8.hn,1619732142.cds164.fr8.c
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
1022
blue.fox4kc.com/DG/DEFAULT/rest/rpc/ 		57 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-04-29T23%3A35%3A42%2B02%3A00&ts=1619732142412
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
72482e9eb90b811d2493bbad4a27aed71f46cbbbdd239e8a6f2f81cb88826dae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
5697
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
RxgoDi-qrgpkGyDBjIXum9jmNkKPXUrsfthGPfQKPaprt4ScXm-yyA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
moatcontent.js
z.moatads.com/nativonielsen548znrb18/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=8333
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:42 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
541CA3CB462144FD
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=46918
accept-ranges
bytes
content-length
55696
x-amz-id-2
WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=
8333
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 		319 B
611 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/8333?t=2021329237
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4a7b348b3755859ad2b6bf03b1527e2ef4dee28747a95570c015a37ded45d321

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UrWNxl7DVuh1f.iloeOifhJajWstzgCc
last-modified
Thu, 29 Apr 2021 21:31:42 GMT
server
AmazonS3
x-amz-request-id
TWBFM32AZFJHXNTZ
etag
"7ec9a5d6a9c6b1eacda3087a389bf4ee"
content-type
application/octet-stream
date
Thu, 29 Apr 2021 21:35:42 GMT
accept-ranges
bytes
content-length
319
x-amz-id-2
3D+iEV0DT6yM+mhabUFjaocBDaFcqKihFQFtYNhhBxLSv3Co7GxnRu3p/q80T1PWkLHQCy8ciS8=
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://fox4kc.com
date
Thu, 29 Apr 2021 21:35:42 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://fox4kc.com
date
Thu, 29 Apr 2021 21:35:42 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 686A 		2 KB
933 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9ac47c442d04fd0c9f68046963d0e366ece2f06b7755338845853100c710df21

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A7EaeGiukE3Zij7Vesnsnfo; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&dcc=t

Response headers

Server
Server
Date
Thu, 29 Apr 2021 21:35:42 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
572
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
amzns2s
rtb.gumgum.com/usync/ Frame 9230 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e4c3d2cf8ba374e5dbe4d7b2d5043efdf72a3260ce9b73b800c024212b201435

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:43 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_e516411b-c1cf-4779-88da-c45ec7b13dea; Domain=.gumgum.com; Expires=Fri, 29-Apr-2022 21:35:43 GMT; Path=/; Secure; SameSite=None
etag
W/"08d610f977c82a0053140e299b2e68746"
timing-allow-origin
*
content-encoding
gzip
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 9C3C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8830b9be931919cbf203600cb3203e1de0b80f3ab6eef559f04a14288fa07a31

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YIsmrSFb.jqvKg5tiQSx.wAA; CMDD=AAL7wgE*; CMST=YIsmrWCLJq0B
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|230|39|218|5|130|195
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1698
Expires
Thu, 29 Apr 2021 21:35:42 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:42 GMT
Connection
keep-alive
Set-Cookie
CMID=YIsmrSFb.jqvKg5tiQSx.wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 29 Apr 2022 21:35:42 GMT CMPS=5197;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 28 Jul 2021 21:35:42 GMT CMPRO=1124;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 28 Jul 2021 21:35:42 GMT CMRUM3=82608b26aea8c0&2d608b26ae05a0&c3608b26ae05a00&f1608b26ae05a0&e6608b26ae27600&05608b26ae05a0&27608b26ae0b40&da608b26ae27600;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 29 Apr 2022 21:35:42 GMT CMDD=AAL7wgE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Apr 2021 21:35:42 GMT CMST=YIsmrWCLJq4B;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Apr 2021 21:35:42 GMT
tamptsync
sync-amz.ads.yieldmo.com/ Frame 06C7 		243 B
483 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:be00:0:70b1:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
027ebb5662706704aa7661aaed3fa22cd075e3dd0691e5bb2583d3663ebf1d60

Request headers

:method
GET
:authority
sync-amz.ads.yieldmo.com
:scheme
https
:path
/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
application/xml
date
Thu, 29 Apr 2021 21:35:42 GMT
server
AmazonS3
x-cache
Error from cloudfront
via
1.1 9d11c99c18949c4780bf1400ceca8369.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
L1w2szr24wGV1XeTSGA-0mr-NUnv6rKjfJBQVQ-Yl4WJi-K0emjCNA==
usync.html
eus.rubiconproject.com/ Frame CDDD 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2thTZRUZWfOQhzp4WTUmzkRcTya9WQi+HKKRWt2jyoYTD2eRvLWSDhFgX3ng06hUEE9RUpasHbexgivGmuYKhBPK+TT8+Kbwv/ANSf; ses2=; vis2=330088^1; ses15=; vis15=330088^1; khaos=KO3EP3GO-23-6ZWH; audit=1|naVuGyos1qoYJ/w5gC7DohxZXcJNOYA1c6koTeQfwjozX46t8pk3HOp0HfhtiS9l4HEYI5ehIrXxcCDE95GL39zpQ7vzkXQ/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Apr 2021 21:35:42 GMT
Connection
keep-alive
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 7C06
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...
628 B
726 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
b661d8659e5596afd3e2491d39e9e3f129216bc0072ca1d8721d91d754cc622e

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=7b374b73-38a9-0f53-210e-04378d742f51|1619732143
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=7b374b73-38a9-0f53-210e-04378d742f51|1619732143; Version=1; Expires=Fri, 29-Apr-2022 21:35:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619732143|gen0vNiygu; Version=1; Expires=Fri, 14-May-2021 21:35:43 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 29 Apr 2021 21:35:43 GMT
content-type
text/html
content-length
393
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=7b374b73-38a9-0f53-210e-04378d742f51|1619732143; Version=1; Expires=Fri, 29-Apr-2022 21:35:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.206.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
date
Thu, 29 Apr 2021 21:35:43 GMT
content-length
0
via
1.1 google
alt-svc
clear
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5DFD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=8343462001237815311&ex=districtm
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=8343462001237815311&ex=districtm
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A7EaeGiukE3Zij7Vesnsnfo; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Thu, 29 Apr 2021 21:35:42 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Thu, 29 Apr 2021 21:35:42 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=8343462001237815311&ex=districtm
AN-X-Request-Uuid
b57e43a2-b395-4eeb-9f26-b7bc120b3fd4
Set-Cookie
uuid2=8343462001237815311; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 28-Jul-2021 21:35:42 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.236.201.132; 185.236.201.132; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.154:80
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B6B5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=6576930246821193324&ex=appnexus.com
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=6576930246821193324&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A7EaeGiukE3Zij7Vesnsnfo; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Thu, 29 Apr 2021 21:35:42 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Thu, 29 Apr 2021 21:35:42 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=6576930246821193324&ex=appnexus.com
AN-X-Request-Uuid
9ce66db1-9fce-492b-a762-0d8c966366fb
Set-Cookie
uuid2=6576930246821193324; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 28-Jul-2021 21:35:42 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.236.201.132; 185.236.201.132; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.55:80
Cookie set amazon
ap.lijit.com/beacon/ Frame 0FAD
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
110a28da5e8bfc47e12c9149a2ac5c7d17db09e599a2725ec413b2a51c1a57f9

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=afe7bbce5aba2f94241a2413
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Thu, 29 Apr 2021 21:35:46 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJyrVjJWsjI0MzKwNDE0NzHTUbIwQ%2BWbovMNDAxRRYzAKgwtzc1NjU3MagGpYRCK;Path=/;Domain=.lijit.com;Expires=Fri, 29-Apr-2022 21:35:46 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=afe7bbce5aba2f94241a2413;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap1ams1

Redirect headers

Server
nginx
Date
Thu, 29 Apr 2021 21:35:45 GMT
Content-Length
0
Set-Cookie
ljt_reader=afe7bbce5aba2f94241a2413;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DBC3
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=6837921043824557855
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=6837921043824557855
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_ym_rbd_ox-db5_dm_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A7EaeGiukE3Zij7Vesnsnfo; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Thu, 29 Apr 2021 21:35:44 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Thu, 29 Apr 2021 21:35:44 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=6837921043824557855
set-cookie
tluid=6837921043824557855; Max-Age=7776000; Expires=Wed, 28 Jul 2021 21:35:44 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
container.html
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 699B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fox4kc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 29 Apr 2021 21:35:42 GMT
expires
Fri, 29 Apr 2022 21:35:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DED0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fox4kc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 29 Apr 2021 21:35:42 GMT
expires
Fri, 29 Apr 2022 21:35:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619631702402874"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:43 GMT
73c236109efae9e0af8eba8a9434fc49
blue.fox4kc.com/plugin/plugin/ 		103 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/plugin/plugin/73c236109efae9e0af8eba8a9434fc49
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
8e65402234ea6d8f8b896f098baaa10ed4335fc0c0c1a09ed9627ea8171eb38a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
258
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
24220
x-xss-protection
1; mode=block
last-modified
Wed, 28 Apr 2021 21:31:25 GMT
server
-
etag
73c236109efae9e0af8eba8a9434fc49
content-type
text/javascript; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop
FRA56-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
mV6qXTBakJYPdMacvdMs9xy62CMsTKIr2Oju6dsn37gJtWSTS51bwA==
expires
Fri, 29 Apr 2022 21:31:25 GMT
container.html
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 86EF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fox4kc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 29 Apr 2021 21:35:42 GMT
expires
Fri, 29 Apr 2022 21:35:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8955 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fox4kc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 29 Apr 2021 21:35:42 GMT
expires
Fri, 29 Apr 2022 21:35:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8E53 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fox4kc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 29 Apr 2021 21:35:42 GMT
expires
Fri, 29 Apr 2022 21:35:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 544A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fox4kc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 29 Apr 2021 21:35:42 GMT
expires
Fri, 29 Apr 2022 21:35:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B862 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fox4kc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 29 Apr 2021 21:35:42 GMT
expires
Fri, 29 Apr 2022 21:35:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C65 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fox4kc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 29 Apr 2021 21:35:42 GMT
expires
Fri, 29 Apr 2022 21:35:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 294B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fox4kc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 29 Apr 2021 21:35:42 GMT
expires
Fri, 29 Apr 2022 21:35:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.js
eus.rubiconproject.com/ Frame CDDD 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Apr 2021 21:35:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 21:43:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18481
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9235
Expires
Fri, 30 Apr 2021 02:43:44 GMT
dcm
s.amazon-adsystem.com/ Frame 9C3C 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YIsmrSFb-jqvKg5tiQSx-wAABGQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:44 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9C3C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIsmrSFb.jqvKg5tiQSx.wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKbAswiMcv3U2h3AZlsHcmk&google_cver=1&google_hm=2
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKbAswiMcv3U2h3AZlsHcmk&google_cver=1&google_hm=2&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKbAswiMcv3U2h3AZlsHcmk&google_cver=1&google_hm=2&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 29 Apr 2021 21:35:46 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKbAswiMcv3U2h3AZlsHcmk&google_cver=1&google_hm=2&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
325
Expires
Thu, 29 Apr 2021 21:35:45 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9C3C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIsmrSFb-jqvKg5tiQSx-wAABGQAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 29 Apr 2021 21:35:44 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9C3C 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YIsmrSFb.jqvKg5tiQSx.wAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
demconf.jpg
dpm.demdex.net/ Frame 9C3C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIsmrSFb.jqvKg5tiQSx.wAA%261124
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YIsmrSFb.jqvKg5tiQSx.wAA%261124
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YIsmrSFb.jqvKg5tiQSx.wAA%261124
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-07d1da54e.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
cgH63cusQRU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v005-056c20247.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
4T91lf0xRGU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YIsmrSFb.jqvKg5tiQSx.wAA%261124
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ix
ad4m.at/ad/sim/ Frame 9C3C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 9C3C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEnJE7BFk0AACvCvryw8A&expiration=1620941744
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEnJE7BFk0AACvCvryw8A&expiration=1620941744&C=1
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEnJE7BFk0AACvCvryw8A&expiration=1620941744&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 29 Apr 2021 21:35:46 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEnJE7BFk0AACvCvryw8A&expiration=1620941744&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
313
Expires
Thu, 29 Apr 2021 21:35:45 GMT
crum
dsum-sec.casalemedia.com/ Frame 9C3C
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-58b1f203-65d7-4520-b56f-b83c1700050f
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-58b1f203-65d7-4520-b56f-b83c1700050f&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-58b1f203-65d7-4520-b56f-b83c1700050f&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 29 Apr 2021 21:35:46 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-58b1f203-65d7-4520-b56f-b83c1700050f&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
304
Expires
Thu, 29 Apr 2021 21:35:45 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9C3C 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YIsmrSFb-jqvKg5tiQSx-wAABGQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:43 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame 699B 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding
gzip
ETag
"68a10f0c0f3d345bba1f230a84a01628"
Age
534
X-Cache
HIT
Connection
keep-alive
Content-Length
10528
x-amz-id-2
7jyTDHJoGGDUE/vmc8Ebu4coKy4MjmvlRidJfQM41H1u/4Pw2S/OuvphmU5HnJrQuzcuEqO/vy8=
X-Served-By
cache-fra19123-FRA
Last-Modified
Wed, 31 Mar 2021 21:28:39 GMT
Server
AmazonS3
X-Timer
S1619732144.887564,VS0,VE0
Date
Thu, 29 Apr 2021 21:35:43 GMT
Vary
Accept-Encoding
x-amz-request-id
S8N17C7ACAS36YMN
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
4
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1E9A 		478 B
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGKeS8poBMAE&v=APEucNXbIyICyQaZ6TFi9JXOkAgoyl3Ynw2G0XE58gIsu9Hfy3dadL-Rc0GNaMwKOpRD75vU85MVyftC3ly_SY77-DezTGf6BA
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNyfJRCU4uACGKeS8poBMAE&v=APEucNXbIyICyQaZ6TFi9JXOkAgoyl3Ynw2G0XE58gIsu9Hfy3dadL-Rc0GNaMwKOpRD75vU85MVyftC3ly_SY77-DezTGf6BA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkL_ZObMiAEIol0jeV_dDSBs0zN_zFwcEq7_Ma7z6EqoilpmSordwE8wRjw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 29 Apr 2021 21:35:43 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 699B 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnrGO-jz_qO995vM9mHpfeAKRaxnHqByo6i716_EVEJ735YWjh9FMsFeospPhSSqPrHUvKepcsBxxL2K0MLF6Y3y-dOmqnlMuCU-jqQLpu3gYxzW3Ae8-TTesCV5iQ0vIwJk2moLcyBZB0Fr82RAr-zYNocQ&dbm_d=AKAmf-A2qh_2Swg0eWDy1NgInEIQh9h5rb1iC3L27TKXertuZph2msA9wW0B_YK82LTBuAtjARYdETEzLHdIz1qRVDyNa8bE0uXt9TojuJpZXCzZACcldL9Vwe0bfrseGM8Rh5qQ_aJpLxataWlTkpT0NtCnvInwtDlb7vNvLVCfJGjLhVAOVRUnQZiuIMxWOF_e0JDMsH_2mUzn33zBX9UJoKZedx20oearyv_5lfZyVLVx-wXPYUykgjHQ98K-0YQTLMnZmEkv9VmcV-ma3O0iHfKJrLlni64lxXLSLiWiGbLY5_XHC0VZfwRAhJ3k5Uf2buDe_vlAlNPNUMgFDE5FKNp9M4ChhpoYW08ZzU2Eg1pgHX_ihzzkevqdVlRuAyGBkk0IdvDFnN-J7F2MnCcnclELBLunxMSN8CbXCtmjvbGyupziaFAFZzBTaudtjYovHwH4YGHS9rcZR-IS8UnZTLp4MQVAnsG4lNY0IWL-OQizlv6gbq8v0esHL8Iz_eXJIhnFYlk3FiIS4wjfq-X1zNAPQ8l7CygY6rdGX-58LdbJ6OArbEcL8bF2VzuxLTCnUTPXz-0Aq3B3EAyrYLu9IvvVHurwGNqnmZ0TQAtVUIoGjfvCyBvVQMxjJ0C3Zr7wThIPL1-bYHIJiwRjjTg0ERxYWkrDUv7II6DS32pDxJqwyKJ05Rx__4pjYOCLrsCZCB1tdo4-JmciNEWcCkQIdvQdTphqHY-ji9WF9n2KJh49ayYVaSxDUKpTd1CeFYY9auv56H_Sbitp09rjCetHxDeRvzSG9ILhtId5oQX9uMeszTlHxR5CAYlOsD8b--csX6pn-LjcuhS-6adLY-5aRpyxTbxF4pgzdtMe9pAsb93R13EOvesf66_3pXMJ3hxocCmJmQQoF05rG1lM5Ri9vvyqpS1gdS6-eZbWF2fcD8GR6JNPIDeyLS_E7ERT2xCDoPkhlRvBLVsRkH3vfLbkjcR19hWWibpczq2IRwGcki1ltdCbWI9k6c__WNmUhq6jMdf35_jlXhTh-eGR4jqcYzxnRFKTi9uzx8shQrDRvAniOmNYK4aT6zL19fMql8RePFaH7PUyrx1HLR37ZxMX5MY_Kd1L0A8qNEy36hyOhx7r9YpnpHUlEyHp5MIutXlp7ehcHovZhYswctRu2XktIzjHrzy_IPLBcK_GoNNe8ae8V5dbzrawCG4uYqOb2ktJhNu4UIFOwpKGWn2M8pCBjBxeCF0H1fb2h8V9aEyXAbRnBtArd-nSglrb1QNbBWFK5TpZh-I99_NMBvar50rrg2v_tnglbog3CsFaq7xJ3nh3KeetHmCG_HjQ4fRBDpOcXuufP7_NOPbmkp85eyWFiF89YMAMWw0eTvWPD5ocRwGXUg-tLA7_mo6ebPnCtvlfmSAWlG7ldBVqNiD-g6GpzZOMFd2zni_DYQZ1fut1y4JmbQurQ1GQhliZL1PySRWS7qITlxZNmNPiqWjzeoy5_g2n2bkhutkpV2AN_IGvnSGp8OWJEEUL67-W_cqmY4YXPUpUl5OEPn2wLE9XOXZaagCYzc8ocLycYAktsRU86MNSiV1VdKvYKQyAvJ4Nv4_FONxJPd0zOHklxwa0MCVjlzNkOzhGQ9Zt-hnW9eG2--nCjLTk1sBEySqW7dLj1UEaJTBCluQAy3ddcpdZrduEJIJgfGNmkf6fPqfPUDKXWwLpo9WxXxFGNSeBPAdFNj1Yq-UlHTDMPdc2b9XuJSWbDgPT0JImQ5qYZCzToiQrxePqTujcGPdI9LNPXieEKNQwDN6zhudd7GsFdfutFD6pf9pbxlro2iQamU81yv6yPOGXOiOb9k2bGnCePXly7NvqGZ-gkWimKfH8EqfqmYTIUryg4gkVIIX9iwbq-5sJsTOI2u-_Wpiohxdwoz8wZiCANDKqQo7ZBdU33m76UfnexCO4N8y2pGwheVbngdhcpoq4_DAxA6gMFDOyHT3UG5EupG55jDlwYQbPs5U808xij38m-65tKFWF46vG_NEMACoIkqK7Tyw_KzySZ3VYENZSV_3hhEl1ctfwJYE0Mk7WfI1F_FUSROyL--vJxemqONdTUL00eqeNLLKnQsXYU0ZW3Y8_u62oCbpbA5E4VAPfpq5HgAOe8gvouBVgz-HbKe2r-72J1_MUO3fNtulwxjTYXqXT5tjVK40lPr9H4SCZFT9F7O4izzpxtV5qknFmSMWjiQQjeAP2FFHBjM_s2_pqShxeW-euJZjJAn0ZkC4qwqtzhKouKGajMwwxhpF_Fd7bJO2adE-nrOMuAxAM7UoAP48ELtbK5_PXRIM8dgcPCBTvWRznPVLWrxSu37do_VjJHlo7DHmv8_DFJ7n6-Uqmvr2-DD6bl3nkzpMK1LwWfNslAOdLCTQE4YdwCNiw3mFbA0YHx_H1G989gsY1YsUeiRF4OgW-bAuZWTXTXSEnZc4CoV5ZrpNcxP_w4Rg9ir2XVbcu3da-laN2NpX-CUCfxNqMieg89Nf8rktFtcWGnQ8ugVAXW19osy6YflmAe-0omnsaQ0w9dOJsHxFeMK08hwR6DdczejaWI5j0Wk7Y2tYEUlrinNxsr1XxhkL-rKeGZ4sy0NGnEsaqznD0cywDNMkibzmuGhMJMi9GYopPp-gGhrW_0cBBMUYW9tBmRYp24ReSIecgPv4dwyFqQfRp2UxPU5cchhDzdXA_84l12gUVKHl6Sw6XN39zLbkeghKGn_zje9PrKof1mHgU-fKgtCLzklRmlyeH-AEwb64m0_rKlNMWc_jF8WfU4C88du7Vm8TyEg1MnyN_GuiQRZtRs3TcETf4s2sWdzqg8bCQIygihMWgklrDbFGEMMQ7s7ZwIPFRR6iVFhIRVtyXIb5dvMTB5eqSEpxpQ8YKRPYsE_2gwuSI_eZQ-C1R1byKWG400RCiVESHrcK779u5ZC50EngXUdoIU-YQK4JlVDDV5vNf_oI6F7URE7PoG9xOq3ZK9laVL8s5iioZIBbHBf55C5_PD73xaYe6A9d-eeauDHKLSKBgdRwMg2VeMk0WKfV6s6Desuw&cid=CAASEuRoRpTQ6OtYhpldXOrcMokt3A&rfl=1%2Chttps%253A%252F%252Ffox4kc.com%252F%240
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de28b6628d26f508e5fd99f7f0c5361a8c719f6ae4a0e2332f1334ea820ac7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22969
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 699B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8_O5j9BQ-9BrjLjLEG4F3ymZarH7j_qsq4ridRqps-V4Dm3z9qJb1qIDtpxrNqFiaiTkpR32_wkaUDLLDHXrib3VLCWLNDJkQ1dQjJVMdvc3qwi8
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 699B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:32:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 699B 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619631691980669"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36080
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 699B 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:35:40 GMT
pixel
protected-by.clarium.io/ Frame 699B 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_WTJObjhKbWlBWThIcG5GNHNsNW43SjcxamFJLzE4NDA0NDU4Mjo3Mjh4OTA=&v=5&s=v31f4fou7ni&id=eyJkZnAiOnsiYWQiOjE1NTk5MzgyLCJjIjpudWxsLCJsIjowLCJvIjoxODQwNDQ1ODIsIkEiOiIvNTY3OC9ueC53ZGFmL25ld3MiLCJ5Ijo5MzUyNCwiY28iOjAsInMiOiJhY20tYWQtdGFnLWJpbGxib2FyZDEtYmlsbGJvYXJkMSJ9fQ%3D%3D&sb=3&cb=8189780&h=fox4kc.com&d=eyJ3aCI6IldUSk9iamhLYldsQldUaEljRzVHTkhOc05XNDNTamN4YW1GSkx6RTROREEwTkRVNE1qbzNNamg0T1RBPSIsIndkIjp7Im8iOjE4NDA0NDU4MiwidyI6IjcyOCIsImgiOiI5MCJ9LCJ3ciI6Mn0=
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.2.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:43 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame DED0 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding
gzip
ETag
"68a10f0c0f3d345bba1f230a84a01628"
Age
534
X-Cache
HIT
Connection
keep-alive
Content-Length
10528
x-amz-id-2
7jyTDHJoGGDUE/vmc8Ebu4coKy4MjmvlRidJfQM41H1u/4Pw2S/OuvphmU5HnJrQuzcuEqO/vy8=
X-Served-By
cache-fra19123-FRA
Last-Modified
Wed, 31 Mar 2021 21:28:39 GMT
Server
AmazonS3
X-Timer
S1619732144.011084,VS0,VE0
Date
Thu, 29 Apr 2021 21:35:44 GMT
Vary
Accept-Encoding
x-amz-request-id
S8N17C7ACAS36YMN
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
5
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5813 		611 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNWI_uFZWKeAtv00LwLRJWnCU_0Ld2aZ-aEXc7GY-N96FcaDQSrZ0Ajk8olsQHAc3rLuMT03nEAoTWJRDPIZ31xA2j3tLw
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNWI_uFZWKeAtv00LwLRJWnCU_0Ld2aZ-aEXc7GY-N96FcaDQSrZ0Ajk8olsQHAc3rLuMT03nEAoTWJRDPIZ31xA2j3tLw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkL_ZObMiAEIol0jeV_dDSBs0zN_zFwcEq7_Ma7z6EqoilpmSordwE8wRjw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 29 Apr 2021 21:35:43 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame DED0 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DzU5PhYsf3qZCtqQn_WdJfy6AuteJ7qz5ZnDY0IT-eqoJ9HQq13eP_Kecg0Js1C8v3BcxyjC4k8zBrFNSmNQGyDUh7-QjK7zm40kMlqp8BRaYtIZZUJjlNxuE_HoK6M6dWl3p6UQ4LcF8ezt5dVMXGLxbPZw&dbm_d=AKAmf-BlFLdOzf2tZAKFKY8vM63NrIrYZjxymACeOOrooMOJ9Jz8ykTOQDBXCQbafEBEbnyvBzmgugDuW2BvthrUjh3V7b5Xab54XpZARCsZnqPLh6dYLgcnwHhPvjYBVPdtAnhmsHTFvWHUpn6IFVNN7PSLojltfBWn01AzIf-CSrIbgO3l85d_cyFP0h7d1D12QHUBBAGMTSWhFot7Dy31OuXKtc7RH2kzd5g4jM0QvOSPy47EdGHSBk33SdeOTO_a_CLCm4O5M9_e6CVq1ZiR-l2F04VXS9Kqt5liMBtzhktTH4Z9bQdr2Km3BxSwBEH2kZu1Ru1uVuPwN19YhmWhYzHB-VHHomlgB1-aR_KIZ6YMlfO0QB_CedbXmuI8m_mYmVRbcjsfsDdN1kuWNIIA94CBFe0hcfNBiqm_OQ4puks-2b62Ge9hw37eXpbYBug-rCVJ0MoAz36XK_5VTft6S4cVT4XzrurAf-eZTh5h_2pWT5j__s4TpWiTTyxi9meSd0XexynMyFzX6weNuvs9Mo_dj92oFY_875PgVOWLNMUzCsLZ2ZX5UE78QCLtfVNXZZJXAlADELJeKmsuUw5AJUxnNvX3hWwNRfkM30WuP0Pu5fDeiPUhM_Hrmf1taHFnBNXQK9oVe3eUabLS8xnjWvx_mzbGI1BPSBWxX-IwMIASCoHgjzmHS8uUz0Prv9kkrrgFlEgE-Eg4c3tXzMEvtuNMYm0blQKDt5Oyr3Pj1yvUGRSlhoTkFRNZF3QdaAs-xEhTgNO-HXHpTbitlHYx8eZCRPRnlVG2NSznEdONvirRGTW1sIDB8WXKp5CLVJGE8v3q864aV8NbsOrDZhB3C6FBdzxYYdB7qpWlHrqQAukMqA7FvLGIdLK4Wm5tdYiBJBWjmnFeoUYXfXj4Li6zb1MwDyCr2tn65Ylg0gpeq232biZiVw9zFL4zc6eSfpHcGKtjuKmLT5nusjhreVZ_bVtX2wFjGWAZOCCrmgLFwuTEvMumuEoMLwY4SJQAxYRTwMmWdB21YB3EOFPus_ifATOXEkmJwDWtt6GL9DcLKdWze2LBMkhAaSP6_aKJBkAqWC8DaKG1gWdubEZAurxXJ72o4ts31xAKXjOY7obeGqTP73TtQRUfxZDNI6bVOGcQzs2rPqzH4rlfTa_cleXR8LltnAKLtQJUwAfGnKIx8wBT8COywBvM7EiQy8pIPe-xIkrKucC0ot6z3Gy7XuDL3u4y0KlisLBTnK8MIJeNqIsqvn4yLS1vuumxlJR7-ASOidOkLsrBAUZgWB-qiD_17T-Mvx71D0Pq9QVo5s20zJQQQJDivuYtACzhdxPV6gkQhftMrCkftkXEJVLkQYQXOt68d3EiAv6TWI6feBXFAjVMszxtCywoGmR1QaySVZNaN7fbby-v6gOMRnwMpEps0ZFOWPW0UZMERBx_ktOHK__POf8VchdlsnluFwndp3LBSqRr7326CsFwUDPULOlUyDkNpbC2xbLecJE9WMr86--MuB_7pqufKQwLPkVCZwa6Yh7TZAnevX2VGn3PQlZdqdl_4E-yYmNvNxGkk9RdwKJPEBJwGbmHSrsiuAwDucvhI2_2v9NrOc854TsKgLG8Lg-w6O2s401VBjQo8lU9Tg5WL96MMxLKLUWzv26-cX-l7lAFuzU4WXNZqhJjaDq0mGJSZbFxtTcECb9e685t3y6ciARgbKqNooJTlvsPe4sHtQjTpS8KMrpsTf-UPKqU8AXzDvFr3ck_F-HY3s0vX_kRimLWyU-LV8HeXcFNeoC5R6XwJLfjET5RYl9agreUuypZDK71QE-K2xc77_e40qPcK3VjnqphXDnunPCheQ7J67Js2LxU-unVJ7vGwzGUCSdDSJzRERI9PUf3M9izbvBCGmlhWraZESyNUQrSh_oP9LOVReGfAPRTCA3Tmh49XkF8Kud_0iOJ1mTkDgxCvDwExnS7Z2l-rURzNWoXrsWToWX6aM7QK61p4TdKfiRc-1ucX5W4L8Xdqu5PFdmGLodBKiPuJhUdr35UVlYR2Gzh8FrRqBNbnWDGqbZNU8SGZt3JVz_VfZz2SDAzgYsQua9lt37ClwMh-0DWr-bGVNe2hvu_Gkw_q-lbqrLBBMMoTrcJq3PzjDUkWs0JA93B7X2fpjVoLJJ8_MNT0H1qLH9gq9ptlIdJL9BvaupYKs5ODA7kP7OQAM3FH-r3kRhcW7c9us1eI_dDN9PAe7ZyhWyzihPiLrgeadm6RumpZvwif5E0PYRS7K502c8dBaREmU5BOt5eCIsCHD3vULDZRKF71gudMVFbypfud5z7sdGk_s_iJlytvZZVfCdftdnYDu3VlGbXH_d8SK8FZq_uYr9ch531N786Ojynl9KStIaZekQzTFEDWXjnkrudfd1o3qVFKR080wHg3V0f-dM1y0IIWDdjPpXnkzBU6pcs-RYlpnrBIF0-uMBdDG9TVRtWgX7p5Z_P-9TC1ysbYTIorjyauUuiS8GP2v8aRvSZ6ohi4qxxKwwdhEIoLvD7OwkNH3sORFh4L57aborU6oA3wGsAm-2EKcGU4bwPvwjZcQKdc3ugb2I5_dKniYuEeZjnoQLvD69FtB7J-FnuC1Rf5p91oMk8MMAaqr93ZtqRbdJS12JN9VUdKA4yoL9BctsLeGpPbG2H5KNk7p8ZhGEH_uxBEYBOGYaahEtN1DWNFc4Y7FsZOqZXBnkPWJSTUngQ-iLuBMs75k8qvUfaHuGdVGaUuda7HpdeZsS08ef1bC9dlzjTSbhRkK1f1Y3FP8K4SwIeoZA3xPlIXgoa0U_2KJ9Jvpu-71Gf2pDD5noU8iW3hplcB0RsZxcyS60_5LTVCB1_McAG1wv2lIdCyvFOBrRIJbLC60mopeSU1YAQVvNYaxkDNolrSQfgeoNkJSooypDlRF5d4LhGOqbce5I7boLCbNxSNBso8J9Sm140vjRLqdVNhyK8UWi37iaiusAQer5FNKY5eKg4wXPrAotfS4HrPwZR4P5qXqxSU8PxsdpfmBNU_-_OYQJq6LFpeEt4GAmKpe_Lsqg&cid=CAASEuRoi3jj0m25w7Kr6kv4GJrBqw&rfl=1%2Chttps%253A%252F%252Ffox4kc.com%252F%240
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10759b9f3fce53cb34a2f81b0184ff6eeeca4ac9be75568c5d13ec22b4a8d5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23430
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DED0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ayn0-aQRvLJSJbR4DgiIIBsvhDk13mKAMD5r-NCYWahiFqBMK8uNknYBuiq68j66YsTzDjuBK1Mt4QnNVvUotLU4n3AuCnyDO9CCtv3c3qwYGUXuw
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame DED0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:32:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DED0 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619631691980669"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36080
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame DED0 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:35:40 GMT
l
www.google.com/ads/measurement/ Frame DED0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPdeLokp4LPCq02AYpl9rJ9qdg7aG6TXGuyUiLV9-Bknp9bLM05D3_6vdVy6gor37atqaCzixUS6USO5ceQxEOoW6fZw
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame DED0 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_WTJObjhKbWlBWThIcG5GNHNsNW43SjcxamFJLzE4NDA0NDU4Mjo3Mjh4OTA=&v=5&s=v31f4fou7rd&id=eyJkZnAiOnsiYWQiOjE1NTk5MzgyLCJjIjpudWxsLCJsIjowLCJvIjoxODQwNDQ1ODIsIkEiOiIvNTY3OC9ueC53ZGFmL25ld3MiLCJ5Ijo5MzUyNCwiY28iOjAsInMiOiJhY20tYWQtdGFnLWxlYWRlcl9tcjMtbGVhZGVyX21yMyJ9fQ%3D%3D&sb=3&cb=9856589&h=fox4kc.com&d=eyJ3aCI6IldUSk9iamhLYldsQldUaEljRzVHTkhOc05XNDNTamN4YW1GSkx6RTROREEwTkRVNE1qbzNNamg0T1RBPSIsIndkIjp7Im8iOjE4NDA0NDU4MiwidyI6IjcyOCIsImgiOiI5MCJ9LCJ3ciI6Mn0=
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.2.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:44 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
b54eb6f0d4c288604073cd63bd92bf79
blue.fox4kc.com/plugin/library/ 		498 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/plugin/library/b54eb6f0d4c288604073cd63bd92bf79
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
d6f48f47568e437980809007ef4e63a45ad5311b42a4255fc640a2fdd62526ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 20:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
1817326
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
158922
x-xss-protection
1; mode=block
last-modified
Wed, 07 Apr 2021 20:46:58 GMT
server
-
etag
b54eb6f0d4c288604073cd63bd92bf79
content-type
text/javascript; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop
FRA56-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
4fKtsHJ4pL9ZC6UjxL3kBG6eaF8InzrCEt0QDR0rbKzucjNG48CWUw==
expires
Fri, 08 Apr 2022 20:46:58 GMT
LB-Zone-3
blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/LB-Zone-3?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=&bctempid=762bbc37-f800-4ac7-9756-07862ae78f51&overruleReferrer=&time=2021-04-29T23%3A35%3A44%2B02%3A00&ts=1619732144050
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
90358a3dee4bf9abbad2c8d32c2597b1478352a00a4dff5a90ee6beb0946009d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1075
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
5v_W1xCqjDqqf-h-cQocEVZeOgiYiHOV_OKulwUr9std1W19CEsdKQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D914 		441 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNVznzrlcfAdIE_nP1jcZ04C7bRXNfUg9RsXBwakfgT-OOK2x-0cAiNnGV8V5m3Vh9aGdpCxy0ua_NCdGpcoMPDzXFiklQ
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNVznzrlcfAdIE_nP1jcZ04C7bRXNfUg9RsXBwakfgT-OOK2x-0cAiNnGV8V5m3Vh9aGdpCxy0ua_NCdGpcoMPDzXFiklQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkL_ZObMiAEIol0jeV_dDSBs0zN_zFwcEq7_Ma7z6EqoilpmSordwE8wRjw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 29 Apr 2021 21:35:44 GMT
server
cafe
cache-control
private
content-length
227
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 86EF 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvTZE94DxHnaYBjaFBgAI4tCO_0k-7IUoxzXEHynXmIOUtnCjFR5sMjfxshHiz3PY33BrmzfZ8DTdmevjsQ4NClkv0RS75p2Mrryq-3zFpJCAhWiZqf4Tbgyy5bVFXoUhGml96y8k-kv7RJtYVjv8mPwWCtw&dbm_d=AKAmf-CCcLcHQb2t_0-O0XxcQmV_vopO5xYBXd4HTavDkHR8PRfZYlhJ9r8sMlo91d1jH2YxHBRg1JPwHQBHd9TNl4s-XoYJG5vVJwz6n4MRchwPuhP2g7AE4GsoGPLowFfrii8HzmLiyN-8Lr2kjtnqvsz6YPa2mYt6_kB1BipqcV4JH_u0URtEtWvxZlX-Ll6-5u57wyOWnrKIyxPbUuHahdnqHAUeO643jmxAFZa3BG0KldjCL_9dx8MrpFq5cS_l8djZAHy4r38X1ZhFOFIVZKTzr-qVWy-Wd63_rnOfB5zCOGPA9Ugz1nsaI7eu5Jg-ziAhe4xZWFjtM69nLkt3w6M7ZkORjkDPitFEapvqSQlwMuf1OjeBqyoPFbPKUWuinxPsQuYzn0xUofJLq4B5QBKTgaIzw3QxtnZe_KSWIQWOQ7m0WZCGILZlq2deDrbW_ksfx80ySTv6yb32q4h_YtBXRYfINT4mk8oEobHibJTAoM98M1NdnTSAt8fb07sSfTpqPgk2rA4G0zHEBm_STY1BcWn-TeY2wPBoZR8Q-NTyWRFNEW_4tHCZULuXg58RyhRL9Hdqcnmwl4s5XDitOBV5jFaFjfPcA-3dSbK7DP0pIvTRjigiy2jCnvFUuX-rjNFfr8i5GJ_bg-5LPHSqM4eCFfgDdVAzvJ9rTH4plsXIoy_UsT7oY7ycSu7PZaMh1iBrp_qF_niMynJPMtdLCURRWd1iBRe6oNVxVOKh0iq5g2GW1MHS_uff4oyWKTCVgPDGS4oxMfnikpWjY89yq0-64YqDVUIYhSaGUSaDktdpXP6DKCaHHndWd1vkFgw1avplSBF8V5tJPPfgESuwsoXH0Adhx3aWmMauUNNsvorGyceAhY_7cjUzWHJ5Ae2DJknKmey0VHDsxqTG8dJKSdJFRGe7DJDyQii2Z3mBSW_4tHCZULuXg58RyhRL9Hdqcnmwl4s5XDitOBV5jFaFjfPcA-3dSbK7DP0pIvTRjigiy2jCnvFUuX-rjNFfr8i5GJ_bg-5LPHSqM4eCFfgDdVAzvJ9rTH4plsXIoy_UsT7oY7ycSu7PZaMh1iBrp_qF_niMynJPMtdLCURRWd1iBRe6oNVxVOKh0iq5g2GW1MHS_uff4oyWKTCVgPDGS4oxMfnikpWjY89yq0-64YqDVUIYhSaGUSaDktdpXP6DKCaHHndWd1vkFgw1avplSBF8V5tJPPfgESuwsoXH0Adhx3aWmMauUNNsvorGyceAhY_7cjUzWHJ5Ae2DJknKmey0VHDsxqTG8dJKSdJFRGe7DJDyQii2Z3mBSy6XoKYUGN-_Gl7s-cBeS4Fw2XG1DLvhiYJqeDD4EM7lL_LItiXVV6XLImgQr18-b1sn-sG0vb88wjbgmPMWHYzBonub7EbeUwpyuiIM5dMtBGWZkRhCLkNl2jrnnZDr_5LW_RTpAVj9egQuFhs3JkPt06seV4zjktZ9PzqOh7iSb86eRU3fRv9y2_rmaCjz8NsLqJRhokJqxRbYTggVRzHbn6wPC_GdYal63fHoOIDzYzahJGnAwomai6FBcPyKFvrQFHSnNCHQvXgYUTMg6BEsPxM00eZGgKCGnX0U-d0htigb-iJIlREpO8C3fc6W6y1aGoHkytYj_c2J0jkxhNkXLDN_yGg9ADSfue_AAsmbZUvk9CgJuBCwJgX7Zm2-6XV79LX2-yat7k2Gga0HC42-bCcJb4T4sZAXn0deoj8xGvmRkfV2oBFtlmzSf9ZdEJz3nulyeOwh06LaBVHKn4r4pkQGmN8MwCWSIgH7_Lx13wd8IWsf8TSvFi16xmjoHUtmGFibChe-79c8TE6FXDcFgAidWMX9ALGb9YYh9fma7vH7AGCpVumwJ9dhFHSSwu7xy3x_QAQXoahMtJN4uGYyBGugcqsvEf0dDkRdSzBgA9__fZzfNeA61WkliRbIGYEsO1-JxrHZ7koUsqqIK_Am4Si4kgdgZ3Z-wff7-D9mVAL_vEyPV8dkqt57Pm37L_wAqQ-bb0ORSXwi3HFUezeBggHCTeoPBx73XvKgUOpycCdyb9O75voKX1jeP7RbYhfy4ZAIplVcPwjMewrKKpsl2x-XiJYwnDY4-PpdpujsnSUV4RvNlfrr4PXLGQ6YSXUlZBvzRedelGkX9cnG1z9PP3QKobdY8P5Q7jymKpWF6K_l10A9e7qh6Bm1RnYN2sLjearpbGOrzZ9nnsEBpd_wd3iAG_KiVFwZQSVRFaYYOFyMEUdM8yNf7qYhNWqNIRNGXaJmZm37h5neAmBIdqdzYvhgYg8oH3-mWUuWDh2_v5x-_Yvv0NtqjolBUjSgszHS3lrCY6DCGCmczFqB73_jNWgiDjee8uT4ib_TGLAQIT7Ds9vdrUXUJfoRzkyEdvygYtTf6nwVpGuE7s4GU_aJUEb_04T63TAd4MJc372nlTFE762YibmzskpiTFKcp0wIrILALC_bX5PiT8bQRp5xNvLksRKt6nwmxiMkURlQZQRqXFWlipjgDtiH8WLN0u5WI-NLE2ncHZppHOVMZLBYd0_S9CPHu_zD92rV2I0Nj-PjP8MCI2-44AetYS3tHSWLwWs6Sv-CfbRmyNlhKLa9GRKTVdHJS0jDZrSPo8JF7SX35t7Hj67Bs_315L_AnNHVeLuief8axXkQxVZ_eVkPUgDX47M6llRsDK9GZAFq4cQiD3arVaf8QvDVJj9qzti3j7iG0Q1gAyeJb0Nyc1D7rkF0DmHFDE7MAW2M3DKnohjXXQedx-HUBTxilmMG4fW0FCG7D6kEjDlVgD3qCQkcoMyJMNULHhtDeEZi-fcvo4qRP9aEoQuh88PzZJ59GjwYaLt8G0VeUpQT2HnlCjsn0lQESC_6agQtxQaWyoEKKSn5LKQKgvkRmhAvOILabnWhHnSZE8mSlJmmt--qrdz63DWpzim7bDZrVSPDm9rRT6RcEu_0rjMhH87VSBssSJ7G4by98MoEVZ8GlS4bPXI34B21FX_N43D9Bbnq-rNus0zLbMJ2o4jPg_SAF9gF7-_gDe8-l_JBmNUJNDFLacl867jjAw0amn6e3kb6aFQM5RRLYXNUhQcKBgM1kyxv3iYz41MeHGUapL-h5PE5FUEH8t5kRHOOXHm83t1uDEG2ONc2C_-kRPR0egrYaqWb8NdHC2UQ_FwO7ACVKZDj4_1Eyf1_GAH05DnDNozpe_O-zpaKfAqIhj6cKhP26O8CF1wXYf3Tix73O3e5dUhnDoceM8t_CYSecqSsQxgh2iV9Dbf_Vi9CC0VHL-GrDbePXuDkInC5Vasv1txwQ_73ZGcyVuWhAsx-sa3GKwj59nUXPjwVUfbNxTP6CTpm3EVVGm_BVbd2d5mGE4GkaGArJpNn0fGIKZ5vLIXymRvKh-aauUcQZKDybGNnyO0F_qI4P7GOo-zby_0&cid=CAASEuRoRwNPmj21DIz25I59-uga-Q&rfl=1%2Chttps%253A%252F%252Ffox4kc.com%252F%240
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 86EF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Br_fFoksn-gxPg-8sTnYdtQsVQZ1MUkCU0VCPO_O26L9SBcSOwzzQbZ140xQKa4Ki-GKXq4eLBc7sqcA4Fu3K3zCoh6ahk1cEYmMIHrczBFO7bALc
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 86EF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:32:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 86EF 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619631691980669"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36080
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 86EF 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:35:40 GMT
l
www.google.com/ads/measurement/ Frame 86EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnQqmMKtrKum9_q5nAtzy1-FcJR7ksPHfKJnBywSeTtVmd2nHMRgYp5yXC-OT9z_OgBKbreg8PuBgGz_F99Ms8S5yczw
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 86EF 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_WTJObjhKbWlBWThIcG5GNHNsNW43SjcxamFJLzE4NDA0NDU4Mjo3Mjh4OTA=&v=5&s=v31f4fou824&id=eyJkZnAiOnsiYWQiOjE1NTk5MzgyLCJjIjpudWxsLCJsIjowLCJvIjoxODQwNDQ1ODIsIkEiOiIvNTY3OC9ueC53ZGFmL25ld3MiLCJ5Ijo5MzUyNCwiY28iOjAsInMiOiJhY20tYWQtdGFnLWxlYWRlcl9tcjEtbGVhZGVyX21yMS1zdG9yeS1wYWdlcyJ9fQ%3D%3D&sb=3&cb=5856169&h=fox4kc.com&d=eyJ3aCI6IldUSk9iamhLYldsQldUaEljRzVHTkhOc05XNDNTamN4YW1GSkx6RTROREEwTkRVNE1qbzNNamg0T1RBPSIsIndkIjp7Im8iOjE4NDA0NDU4MiwidyI6IjcyOCIsImgiOiI5MCJ9LCJ3ciI6Mn0=
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.2.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:44 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7C06 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=f04d0857-8d84-8b5e-bbd6-4e488160d74c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:44 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7C06
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=JgLkXiIEvgw9Ab1ecgLxDyNRuVk9UOxYJVAdwQrq
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=0&val=JgLkXiIEvgw9Ab1ecgLxDyNRuVk9UOxYJVAdwQrq
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=0&val=JgLkXiIEvgw9Ab1ecgLxDyNRuVk9UOxYJVAdwQrq
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072956&gdpr=0&val=JgLkXiIEvgw9Ab1ecgLxDyNRuVk9UOxYJVAdwQrq
date
Thu, 29 Apr 2021 21:35:45 GMT
via
1.1 google
server
OXGW/16.206.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
match
c1.adform.net/serving/cookie/ Frame 7C06
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=22
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
server
nginx
location
https://c1.adform.net/serving/cookie/match?CC=1&party=22
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 7C06 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a89b742a-912e-30a4-7bd8-ccdfe9531cac&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7C06 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODRmNGE3ZTAtNTg1OS02ZTAwLTZlMzgtOTY2NjIzYjFkMmNj
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7C06
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKPRTbCwp_12qQWf1RRjCQ&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEKPRTbCwp_12qQWf1RRjCQ&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEKPRTbCwp_12qQWf1RRjCQ&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEKPRTbCwp_12qQWf1RRjCQ&google_cver=1
date
Thu, 29 Apr 2021 21:35:45 GMT
via
1.1 google
server
OXGW/16.206.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
usersync
rtb.gumgum.com/ Frame 9230
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=6576930246821193324
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=6576930246821193324
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:44 GMT
X-Proxy-Origin
185.236.201.132; 185.236.201.132; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.156:80
AN-X-Request-Uuid
8c75becc-e945-4b3c-b47d-a41e0b90dc3b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=6576930246821193324
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ul_cb/ Frame 9230
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e516411b-c1cf-4779-88da-c45ec7b13dea&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_e516411b-c1cf-4779-88da-c45ec7b13dea&gdpr=&gdpr_consent=&us_privacy=
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_e516411b-c1cf-4779-88da-c45ec7b13dea&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.181.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_e516411b-c1cf-4779-88da-c45ec7b13dea&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 29 Apr 2021 21:35:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame 9230
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28iR8PUOftgUSZlcMiC-7tBMUH-58d5l4wiZj2jALV2_JojisIY7HatLESsuVN5LRr%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28iR8PUOftgUSZlcMiC-7tBMUH-58d5l4wiZj2jALV2_JojisIY7HatLESsuVN5LRr%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28iR8PUOftgUSZlcMiC-7tBMUH-58d5l4wiZj2jALV2_JojisIY7HatLESsuVN5LRr%29
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28iR8PUOftgUSZlcMiC-7tBMUH-58d5l4wiZj2jALV2_JojisIY7HatLESsuVN5LRr%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28iR8PUOftgUSZlcMiC-7tBMUH-58d5l4wiZj2jALV2_JojisIY7HatLESsuVN5LRr%29
Date
Thu, 29 Apr 2021 21:35:44 GMT
Connection
close
X-TraceId
869ff4bc953c58161f282f97c295274c
Content-Length
0
usersync
rtb.gumgum.com/ Frame 9230
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=5fa6d05a-b93b-08f2-1ca3-dc3221031dea
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=5fa6d05a-b93b-08f2-1ca3-dc3221031dea
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=5fa6d05a-b93b-08f2-1ca3-dc3221031dea
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 9230
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-6a8dcc5d-c282-49f9-6b6c-a6c0509b66a5$ip$185.236.201.132
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-6a8dcc5d-c282-49f9-6b6c-a6c0509b66a5$ip$185.236.201.132
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-6a8dcc5d-c282-49f9-6b6c-a6c0509b66a5$ip$185.236.201.132
Date
Thu, 29 Apr 2021 21:35:44 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 9230
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-1NU1yy9E2peJCJ0E9_LM.1VuzEnUw29qicU8~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-1NU1yy9E2peJCJ0E9_LM.1VuzEnUw29qicU8~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Thu, 29 Apr 2021 21:35:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-1NU1yy9E2peJCJ0E9_LM.1VuzEnUw29qicU8~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 9230
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=dad149b5-a932-11eb-b6f1-9925b6e8c514
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=dad149b5-a932-11eb-b6f1-9925b6e8c514
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=dad149b5-a932-11eb-b6f1-9925b6e8c514
Date
Thu, 29 Apr 2021 21:35:44 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
dad149b6-a932-11eb-b6f1-9925b6e8c514
services
sync.technoratimedia.com/ Frame 9230 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
66946191
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 9230 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:44 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame 9230
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e516411b-c1cf-4779-88da-c45ec7b13dea&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
67
Content-Type
text/html; charset=utf-8
server_match
ad.360yield.com/ul_cb/ Frame 9230
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.69.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-69-126.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 29 Apr 2021 21:35:45 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
date
Thu, 29 Apr 2021 21:35:44 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 9230
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2658730229
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2658730229
  • https://sync.1rx.io/usersync/tradedesk/2919fc60-ade0-4564-ab0b-d5a4d241a4ba
  • https://sync.targeting.unrulymedia.com/csync/RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003
date
Thu, 29 Apr 2021 21:35:47 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXec0e2a73e7034cecbf1cd43537d30afc003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 9230
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=swFfu9arcOS1&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=swFfu9arcOS1&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=swFfu9arcOS1&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-zzb5b
expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9230 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_e516411b-c1cf-4779-88da-c45ec7b13dea
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:45 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 206A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=adff608b-26b1-4d00-8480-2197b8001798&gdpr=&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=adff608b-26b1-4d00-8480-2197b8001798&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=adff608b-26b1-4d00-8480-2197b8001798&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 29 Apr 2021 21:35:45 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Thu, 29 Apr 2021 21:35:38 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3709 11aaa92 master zrh-pixel-x1
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=adff608b-26b1-4d00-8480-2197b8001798; domain=.mathtag.com; path=/; expires=Fri, 27-May-2022 21:35:45 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=adff608b-26b1-4d00-8480-2197b8001798&gdpr=&gdpr_consent=
Expires
Thu, 29 Apr 2021 21:35:37 GMT
usersync
rtb.gumgum.com/ Frame B5DF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YIsmsQAAm53AqwA4
  • https://rtb.gumgum.com/usersync?b=atm&i=YIsmsQAAm53AqwA4&gdpr=&gdpr_consent=&_test=YIsmsQAAm53AqwA4
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YIsmsQAAm53AqwA4&gdpr=&gdpr_consent=&_test=YIsmsQAAm53AqwA4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YIsmsQAAm53AqwA4&gdpr=&gdpr_consent=&_test=YIsmsQAAm53AqwA4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 29 Apr 2021 21:35:45 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YIsmsQAAm53AqwA4&gdpr=&gdpr_consent=&_test=YIsmsQAAm53AqwA4
accept-ranges
bytes
date
Thu, 29 Apr 2021 21:35:45 GMT
via
1.1 varnish
x-served-by
cache-fra19165-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1619732146.500353,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 28E3 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lNTE2NDExYi1jMWNmLTQ3NzktODhkYS1jNDVlYzdiMTNkZWE=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV9lNTE2NDExYi1jMWNmLTQ3NzktODhkYS1jNDVlYzdiMTNkZWE=&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkL_ZObMiAEIol0jeV_dDSBs0zN_zFwcEq7_Ma7z6EqoilpmSordwE8wRjw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Thu, 29 Apr 2021 21:35:44 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1260 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=26001
Expires
Fri, 30 Apr 2021 04:49:06 GMT
Date
Thu, 29 Apr 2021 21:35:45 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 677F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=02f5a2de-1a50-4bab-86b8-9417f32dd271&t=1622324144
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=02f5a2de-1a50-4bab-86b8-9417f32dd271&t=1622324144
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=02f5a2de-1a50-4bab-86b8-9417f32dd271&t=1622324144
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_e516411b-c1cf-4779-88da-c45ec7b13dea
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 29 Apr 2021 21:35:44 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Thu, 29 Apr 2021 21:35:44 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=02f5a2de-1a50-4bab-86b8-9417f32dd271&t=1622324144
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=02f5a2de-1a50-4bab-86b8-9417f32dd271; domain=.adsrvr.org; expires=Fri, 29-Apr-2022 21:35:44 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwiEr8ybr9jFORAFOAE.; domain=.adsrvr.org; expires=Fri, 29-Apr-2022 21:35:44 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 618A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Thu, 29 Apr 2021 21:35:45 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame D4D3
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YIsmssCo8WcAAQaivxIAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YIsmssCo8WcAAQaivxIAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YIsmssCo8WcAAQaivxIAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Thu, 29 Apr 2021 21:35:46 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YIsmssCo8WcAAQaivxIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YIsmssCo8WcAAQaivxIAAAAA; path=/; expires=Sat, 29-Apr-23 21:35:46 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
1
X-SO-HostName
a-ad40233.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng3.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":50,"gdpr":false,"ipv4":"185.236.201.132","key":"YIsmssCo8WcAAQaivxIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40233"}
X-SO-Key
YIsmssCo8WcAAQaivxIAAAAA
X-SO-IP
185.236.201.132
X-SO-Cluster-ID
50
X-SO-Upstream-ID
a-ad40233
usersync
rtb.gumgum.com/ Frame 0711
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1871878969642673960
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1871878969642673960
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1871878969642673960
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 29 Apr 2021 21:35:51 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Thu, 29 Apr 2021 21:35:51 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNrQwByILSzNLMxMjM3NjSzMDIT5DXR-DLH_PtJySVF1PRyleQzNDS3NjI0NTQwtTEwDIo7r9NAAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 24 May 2022 21:35:51 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmhpbmxkaGpoYWoCAJl1MucQAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 24 May 2022 21:35:51 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwByILSzNLMxMjM3NjSzMDIT5DXR-DLH_PtJySVF1PRwAD7TTeJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1871878969642673960
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 7D6D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=OzRlVE8F3dlf5hWEYO3C&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=OzRlVE8F3dlf5hWEYO3C&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=OzRlVE8F3dlf5hWEYO3C&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 29 Apr 2021 21:35:45 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Thu, 29 Apr 2021 21:35:45 GMT Thu, 29 Apr 2021 21:35:45 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=OzRlVE8F3dlf5hWEYO3C&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
pw.js
includemodal.global.ssl.fastly.net/ Frame 8955 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding
gzip
ETag
"68a10f0c0f3d345bba1f230a84a01628"
Age
535
X-Cache
HIT
Connection
keep-alive
Content-Length
10528
x-amz-id-2
7jyTDHJoGGDUE/vmc8Ebu4coKy4MjmvlRidJfQM41H1u/4Pw2S/OuvphmU5HnJrQuzcuEqO/vy8=
X-Served-By
cache-fra19123-FRA
Last-Modified
Wed, 31 Mar 2021 21:28:39 GMT
Server
AmazonS3
X-Timer
S1619732144.379155,VS0,VE0
Date
Thu, 29 Apr 2021 21:35:44 GMT
Vary
Accept-Encoding
x-amz-request-id
S8N17C7ACAS36YMN
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
6
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3366 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNUmL0jMXMo2GJYp0TlQ1Z_CbRmQLmQ6KLEfmWCY-qZbCT9pY8EDzyb9TXUS6ORaZrBR1abPeWqKOoeIjTjimE_k5D-zdw
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNUmL0jMXMo2GJYp0TlQ1Z_CbRmQLmQ6KLEfmWCY-qZbCT9pY8EDzyb9TXUS6ORaZrBR1abPeWqKOoeIjTjimE_k5D-zdw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkL_ZObMiAEIol0jeV_dDSBs0zN_zFwcEq7_Ma7z6EqoilpmSordwE8wRjw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 29 Apr 2021 21:35:44 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 8955 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAK2J9wfujvAb90MBUS7HYjC5Cpc5uMuS4VoIxAk5mYs5F5dMxUyV82JLCS7v_l0Wd3fmpiPqRwwasrsmzZKZziJFTv4xS69r2M9Hwj0hd7RV2KNGIQtdE2Xjo--k5kYc6lazzo036Qfe8rqA8UuMn7WMUFw&dbm_d=AKAmf-Cr7I3CG8LojiM-Hy-GZ4ZRmypIu1ruszQny_LKdhscGADvQkkBFshJeht1yMOfCCTpGlNRlFvyxqnf_-8TLAJMYn3KdwWGB6BOz3xvFv6UnIT7J-YrMENGvxwE_BduZuUnQIGyaB95XwohOjnYdrvFjLWlccWAh9w_P_7O0u4YfvZfpnjsDnDOhdqxOTfGFECGy8ExSpMu7aefPN-H5G5nQ_Y_-fQ4ZQX6PKm3yWJfPSt4Eif4NiruFeUGuEU63oALukLN8cibYVBS4skbhn2XnEmIuxI55TqDrSSWNJqj1FRDIkpl25vRJFolQ5DLQYjp9Ogl3DRiPF6dDfj-QNJK6M83AWz8KPtHgUUNiwXiswQkQKEshQBiuTzpC35iwdOOR_Q_qLwpz6Y64305NlImJHMWHNDR0MCcnJibFmO9pqtprIhqK_yT7zJD1W7-lU0NKGILpZylBBL8th1voPBVPBJ4KeTIIL4gyMuOoJcuTHHDYNBUEjdKAyKggr4Evmtf4onM478MNOrwGboJI45imQIe1ljNliKv1OV48dqw-3gyX1yOqll_NsQJQe3OzbvxTm6Q5MpkUDTvC7wMu_Z450_Re7OHsK-f0r055TwSkCLgz6H0s_4CUwlMEZZOML6462FYRxNFg-Qbg4aifn115HkR4Y3NtD8_YcJyYiQZM6Hnnk6PrXnYXazHsx2-U7dOYdI1eFYUkKlAgZhiEJXdvbg0E2WcXrn8FtlcO1TFKqI-yBDfD76RjdJbjFsNZM3cUlgcjqj4cbuYuqZKQWx5bugKXCwbdwwdTOP1gDvZH83lpRRHbdy_2O9M_xNaIi7iu0OtsejlxiX-VZl6O-yVvLJY4Yep9CChk0Y3nyKF2405hmP-8-NqkQ6TsWw27QT5zPu8pmiTfQR4rReIbhaLQGh8DQ8IyQG4Cqta8FtKNpa9A0qYx91E89NeOubiVB302nE6pK_GfOXOk4iTLbIlOzgB6N-cVhDFJcfAmA9aR0TO6K9uvI8UJckOswK10oB9gmdF7AVgEZODuMAbCx9MH5EPhuJ_tNRgdo1O-0YbRo7-BxQMEaQEephUKilDjEujnPNnqC_6ec57dt3QJa7YRwWYY9uHXVRaCup9q8lnmeZqrDPNCPgRMn9tAYYzYohvC9vTaoBL361iHoeQrNR8wW7aFuCfRO-YDdcqhg6Cs_VqJ4KBcWEtzCdzLY6OJ_H5CBvuXt1KItAxyBiWJKBnEXqMPp7215j5kFZ30znO1Mre1QKZH2QWftxApzrSZl-WYowF9pzJvUX-eLrYWx87sq8nTlet5LX6j9AsMYnxKqmUEmxwtnazcAyXU7fpb0fqrCoNj8-u-EDRwumqNRAcriSVN3VmmKHhK91JKnyJmYIv2qpnn9-ENVj3qK3xjAckheEuo_CcMhbZzj8G_X5IyeDnih6YfQIPMXG_hqdInbA5YLnKafJ_xVdTB1KUvR8nv_lrS7lOPCJruYeMb8KoMemuVHk8Qrw5niTAJtM4KPWccH-PlmQOqUASczxS679v81N42VFVR4f3Wevq0o1ERfq2GWF8XxDrJKIo3ftr2TQFZyzQ8NT4jEAj6mxe-nKX0t48lN3lziLjr03VOPUDtAPKlZPVgCXlov9FhORnOQm3nfy375IAf9KcoJgXzgzwuJ08FeUWO_Di6gKxWRLOqAMgFLgZWYEyPj3JFuq-4IPUl4KOrKfeV2oZzkkgK6S7y5VXWKthRdir3C0jfICwtD1N_7zNcOacqj0DrT54lEP1otP393FWfZEud2nVQ6AOtO1755yOGIWX1BKtEahSXJwCoUUVTZz8YWPebYhFcd4F6wI03doJgBcrOW8UEr3b9c6uKQrw1modavZtaLf-drkL0GmV3a-wVfNADqi1GnKhAUM_Wh8fw_wAlNSrfiYb6bCnXCEA-KN40XztL0Hv5_Gi40b00_i6Ns1IB2f4YX4ahSu4zMKFN0n3EGJm7hDYaViICxI208FoN9olmt6TzbevQoz5kADYGfuNdCT6PWuiPgLvS1GT1LexU1i92l-QHKWWTtRjUXf72HpacjQDTDtRb2-kY1Z9WxPmAJWKI2E37RUI15ZnNsjH8VqObduTg-SlQc3N1NGcT_XLSRJJm_vfE5ixSoyZv-cldFqvNXMPdoyjtQ_kgm6pI974_Cklt9krmHyGeb1GuOxYtQ6uMgy3Ahp9PIHXANUA_eEZDsdLVwXLZFOZnIVENvvpKXnM4tgj6KCqPATSIbJuZEoLXPYqCkPyccnW-0EDM2N26M_BmXwQrt2QU9lU0cGCmsUWzHufLldM30VJn-KBLB66Ejc0WAjhrEiljTzcu9vUKTYZoAltpXFlatGTmuqKbC8etJqijd7xnVoIdjTZswEc9QA3RWrTo4L1glR9xZd2eAmbPZgtss58eNLQ8O_yxVTXIRF1Xu9fAPY1HcSz9xkMtPZRc-x1lwAGcZZ4EBRZE9oMMPvawhCiLSjdyznCHvYqmu8Kf5CBfIKQHEs8AKQEkT4CGIlI02p9QCewv6kteCohcEBFuBdvSVJuOVqbJuZWSp16Fo1rlebhb4E8u-k9NxBbZL6iyd4V-k-7kGI1oiuwyjE6iHFeaXBM88gp9HFf-ZQ-YeZugB_y5lU9AtMvDN0OqP8T_xaxGyHjUSSb-n0FMo14-06arviIKSRiogkjwuuTSJS7vA-ZHjTtLKBL0hZqXHgZU5EmTmM9YRSuSM4eeCZPeLJr_HLStaEVUQHarBt2RUdRa1DAjmuVA8vgG8f8e86yMJoCntt-YZ0s0a9CZTUSlH7eFZ4lR0Eu6SxXwguZnth-4YcpsIL9EkBfX3DMy1-Hc-QFak4dd_qhzV99SkETLKLtwoGqIboEUXZvF0zeC4Nn_uUb30qgoDlFYmGsvWoMJZN0UdzSoW4TZNM5t2BUrIKeOObiu8EWqEJBTRBqty4Bhqh0BrX5mC1nOFeQWBv9X3hT0eMHEG8MKxpRh7EQBh5K-Cp3FK5TbR1Ik8YYQNvCbgxGn3evVH0ZHQ58rqkFIn2n6kFEW8WJtdN-dvs&cid=CAASEuRoeptJYN82unw3fZW1I5k4ZA&rfl=1%2Chttps%253A%252F%252Ffox4kc.com%252F%240
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04706c70137f8b723abb6e39fe8cecc235bc0086061d7556a4eb17175ec2bf4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23243
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8955 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DTG5KnR4cd7qJv_7CH84JA0IYgjnPyRLjK_8piyY8CpczEu2gNGQR4aVO0oD7Fs4OHdqflmOMDDES4sYEiLN15msWTV-RKdou4Jbt5vEJ1MRs2WEc
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 8955 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:32:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8955 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619631691980669"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36080
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 8955 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:35:40 GMT
pixel
protected-by.clarium.io/ Frame 8955 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_WTJObjhKbWlBWThIcG5GNHNsNW43SjcxamFJLzE4NDA0NDU4Mjo3Mjh4OTA=&v=5&s=v31f4fou86t&id=eyJkZnAiOnsiYWQiOjE1NTk5MzgyLCJjIjpudWxsLCJsIjowLCJvIjoxODQwNDQ1ODIsIkEiOiIvNTY3OC9ueC53ZGFmL25ld3MiLCJ5Ijo5MzUyNCwiY28iOjAsInMiOiJhY20tYWQtdGFnLWxlYWRlcl9tcjItbGVhZGVyX21yMiJ9fQ%3D%3D&sb=3&cb=4719122&h=fox4kc.com&d=eyJ3aCI6IldUSk9iamhLYldsQldUaEljRzVHTkhOc05XNDNTamN4YW1GSkx6RTROREEwTkRVNE1qbzNNamg0T1RBPSIsIndkIjp7Im8iOjE4NDA0NDU4MiwidyI6IjcyOCIsImgiOiI5MCJ9LCJ3ciI6Mn0=
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.2.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:44 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame 8E53 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding
gzip
ETag
"68a10f0c0f3d345bba1f230a84a01628"
Age
535
X-Cache
HIT
Connection
keep-alive
Content-Length
10528
x-amz-id-2
7jyTDHJoGGDUE/vmc8Ebu4coKy4MjmvlRidJfQM41H1u/4Pw2S/OuvphmU5HnJrQuzcuEqO/vy8=
X-Served-By
cache-fra19123-FRA
Last-Modified
Wed, 31 Mar 2021 21:28:39 GMT
Server
AmazonS3
X-Timer
S1619732145.500054,VS0,VE0
Date
Thu, 29 Apr 2021 21:35:44 GMT
Vary
Accept-Encoding
x-amz-request-id
S8N17C7ACAS36YMN
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
7
pixel
googleads.g.doubleclick.net/xbbe/ Frame 680E 		342 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGIyn8poBMAE&v=APEucNWMa0rtVP3Q2bwiY_dF-Vo3JopLzh1MfS--U7X67t1dO1FqEeXeX18LBx57puUMYG_JcJ4nZg6h3JucCythGwnfF-tfjg
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d6b864869c19ea1f500174a8dc3f327fd5fdc7e8f92f569788a6744341e4f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNyfJRCU4uACGIyn8poBMAE&v=APEucNWMa0rtVP3Q2bwiY_dF-Vo3JopLzh1MfS--U7X67t1dO1FqEeXeX18LBx57puUMYG_JcJ4nZg6h3JucCythGwnfF-tfjg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkL_ZObMiAEIol0jeV_dDSBs0zN_zFwcEq7_Ma7z6EqoilpmSordwE8wRjw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 29 Apr 2021 21:35:44 GMT
server
cafe
cache-control
private
content-length
215
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 8E53 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmgfFBUzef3B9ORBezBnCB4hbDM6OqvzxCoY07XFq8Uo4v7lV7ZRT1EreYWvuhmikzmda3-S_J-zV-_02nSZpM-RSIqdJSZfUFVJJyMLK5YxgtWVPrR_qSDXPn4tPndEmg4jmcSaiM55cRHPXb8rd_x6F0Bg&dbm_d=AKAmf-AFqZ1KLhuwCsWo3Pefazibv6CX5GdQISNi3O3ou3Zn1Hh3LXAha55ZiKB0jCPYP1N1uH2EDoakOkyUCcx_5ygFBURrxLrGblxORY8SgqbbUM6tZUtEzAVzzhS_O1s3faIlCOoRInw1kMkuqECAf9JWKNJxH0HQQ6oB7QVgkjn_SbcNbCBBwiz5YwABQXcC5lQ21T9AVCn1Fxwgu-RaEuwbUCCy0v12nUMM2nBfTpTpwqRmVsv0wttC6xvptzg3tAa_t8eJw6R2dTH7SobtesGa66Kl34cCclqDcirJLRT7cy06REFkeEyQ8pZ5Yk7UBsQlITxdLWXRE9ddnBh8S7FZlvgmT8DAoWTSCtfRqUnYpNYfRkCS31yCShuEzQcUNkrDyw7KwcHh4mxKPMLoNN59FGzrMlYVvzbc_QNE6DZhwkc9i5TfEdF9kbKoqaEQIurxrNgtWk2BB7v22KkGY-Jeu_I6eXewY_cEhAr_7uyHxd8GxTWYKwwfh_yPbLM-YvF-vVa6FRy7v3FoGpQVCuxNn8bU_pVk60eVI5gQ-06V1J2RZ0xFGf8_Xe1Z5OSeMeCPxm4dteF51RKPuGzGLqPQCNhu0Ixz7l4hK7f0VDfAE8r5hxt86H_-91LKU7nIrhX5O52rkpaWGUm0kkt41Xz2d_RzpcUoxLD8eQjtl4d8EtZBvTNf8HasTRjI-XWGSAf2RQCBgySiidx8xkrRMOR6tJN78XdakwgWo-RiT_REvR98oMx5-9cow7IsBEVevm2brL7kwXMrtbeMihM_JqATC4w7-6BlpxiQJHg3-YlOhD_RBNo5_nMlh9o_vekwSLat7auWZs_73UshBRUScSQKOowUrQcHb_eNrm5jFZD7xsTa-dDMxc48al2e_pvHU9oaLtFOtLfrBzU22htWUCcMmw83kgMEz6h1SrOJe5iUIvRI-KHZbdZ-oGQZ6bKFf80nAOPvShCCJNFA8GwK2012okW2DQgtORrLN1sh5FMXxMiE7SqIiTDaqx6Lx39aPwcKeZA9ue5iQwUqP7Mwk-KUaaGDr7D4l-2gaML_HFuigiASue5NLYCE6l2n5AwGrQm4jOVHEo3bJ1ebsd-fFxco0E_nb57AwkgPuvOMxoBgsTF9s4-80HXd6NW1aQU5JDwH-yzwUsLawlsS4d2J28cBr-rmgaVNoIUX3wd9DlYgpBHrL6rJtHEwSosJRdJNqVe3-QYGAYnbknNnncVTMMCIMh9wKMFGgBC-27mttXrqmXnPMs4i2QXZe8dlYj_hnSVOhgHJuYD6V9u1U8zsaxU6RbykYJM0ftzNFmytJoDf2zmIu7VjL-CNZs5TCNxZjj1KdhULszNr-FWnMiaJsW5Juj7AypMljQ0FPRT99Vd3-TQrP41REq12KCw1BYMLr9cpPbYq_y7TGzzxaSabuJ1nEZDQqUhEpOtkcaK3oQ_3BXMk_igmUA6gfkxgfxAtMJ7MsSLyKU2qpxWbB9HJtXCNiRb84LH9Bhj3UL9MlyQTJPOLe2-2B4oM3tqMCh4pdWii1dej-uFopK2j9fpimWslzLtH_sasnSd8lQM57OdFhJE7vjnwfFyWXCUxpS3cWBVje6fQZCbY5Tg-CczL1Yd9tbOGJEaw-_sJgfncx2Yrae0x1cmtnld8db5cpq9z822ua47aIrkuBfsVm6tofBHq6k4rG-YZU1WRvjGvQJLgoOJ4SsOpEdU7rIAf-YSyITidphaXvalGbW6MBc6-du1QJVOcb1TP4fdiODg9xOPquV7QzM8LfB_fBf5pwbXXHyJS0WNxwu5eAPAgBEdrbTVaYhIkfXsNQDFtLi25OQjkIw9_KBlGuqL44XVgjO8SCey_pxmBjuWuQRbar42yUMrOouCbISTRiWWtJhs5mL4Jg17XC-fddJbRHHuJF5nILVLHmUDSB8AZD-Zyoxka14DfyYsls4vnLvhJ6k6fzS4JsMtJycejaqgAD188_hrC67iPlld7t6CtzuPlBs3hqZ3JDdOql2RpY5I_otw41cDz84GuDHNFzBBWzD0dDKO4IBuKjBZtwiiDGPXQmNOJclpCtbh50K8J7BKCeB7XYPv-GZvO_AZT_cQ5nEhsO0bKYKKEUmJTNgRivWNoWRfURr9tIS_UxTJQbQPMdGSdrEcCltqxIbmlFlbafv90kPU1Bbd0QR27Ox7sxGZlh_eQkBuomQo5vvOr81v4bg1SHdg6Ps2sSVOyPGpwTqxZvp_lqSp7BbnSUtkAgDoqtH8Vb4i2AhLCAv-RG64b3aD4Pr1AXiHRnOqfEqSL5wSqH5q0wkElmRUqq1Z2c2VzTz5MuhuKYaE1BV9iSXjS5xblPjFBGFlJftJLH57f74hskFQUS1R94nma6NsZVB9BSjgdtqCcNBdjviub4MWny01fm1c1PVfXki7uKEOypwAC61wXiiItcgvnrm6vr6JRgwWqny4S3OkYHU3PiiZKHp61txL6xPLobAgHNKSqzGDeI1LLkUlETm1DOaenMjFG6WO5reopgePHdcSco7AMYsp2z1PWrZ0q6RQwnO9XKsXGt1ARUfz1ZdK1gccAT5q97i3TTbQYYRySV5J9s5ID8tdlHcpvESEtW_ahFFEWtQC-DQTFbVwkIOQR_fNKcu0b0TL421i_P09T90CrenhG8MmFppEPzrt4EeW5IZF1VL4CJ0Zi5QZiuTRx6W-2-ugViA6TdLLxf1BYsgAzjO3pkomMV5aOHgqK1zy5SMfNjwUK5WUdokukYnmKT4PaS4vt6Hq76_29CwL_sUtVXcDsFUEwnHytNcyVSYi_Jfrz8pgrGf4sW-ZatNzybAENZICqk6k2pU-xaadwSih5w9vBSXBvtrUl_vn-2GtPlO4X8vJA41y1fCAQ5RzGm8Jh5dkwnOhz961JadvwoqNzlKW3f_Eu5VhH3q1DR-E_JTx4HKoa3_CG4FzWEmWaUrCRDqxK_1RXAVmw_4eUo1m6jKthMB4yxubiRnPvnteNFcII_YdWTBBahhkCEhoZPGdDffi7nH-n1v6aLRNCe_Cp9yqbxwCJsqnRYssIvTA&cid=CAASEuRoVXquB7iVDbU-94wWdpLgnw&rfl=1%2Chttps%253A%252F%252Ffox4kc.com%252F%240
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f9bb00d2da59e4b5a6bbdcdd35af029d9ff65db52a2dc55e15f3747d19dc180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22840
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E53 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AYS6sDzQt82OKZA4QTk4iwxVJFHdvTmtaxMZk5xasqQmTbbaC8BbYrJApmYySklQDPVU3t5UujS0CvH57Lmjz8yrh9_C7kNX0obZRt7-hAyCoE1fg
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 8E53 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:32:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8E53 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619631691980669"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36080
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 8E53 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:35:40 GMT
pixel
protected-by.clarium.io/ Frame 8E53 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_WTJObjhKbWlBWThIcG5GNHNsNW43SjcxamFJLzE4NDA0NDU4MjozMDB4NjAw&v=5&s=v31f4fou8al&id=eyJkZnAiOnsiYWQiOjE1NTk5MzgyLCJjIjpudWxsLCJsIjowLCJvIjoxODQwNDQ1ODIsIkEiOiIvNTY3OC9ueC53ZGFmL25ld3MiLCJ5Ijo5MzUyNCwiY28iOjAsInMiOiJhY20tYWQtdGFnLW1yX2NvbWJvMS1tcl9jb21ibzEifX0%3D&sb=3&cb=2874533&h=fox4kc.com&d=eyJ3aCI6IldUSk9iamhLYldsQldUaEljRzVHTkhOc05XNDNTamN4YW1GSkx6RTROREEwTkRVNE1qb3pNREI0TmpBdyIsIndkIjp7Im8iOjE4NDA0NDU4MiwidyI6IjMwMCIsImgiOiI2MDAifSwid3IiOjJ9
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.2.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:44 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame 544A 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding
gzip
ETag
"68a10f0c0f3d345bba1f230a84a01628"
Age
535
X-Cache
HIT
Connection
keep-alive
Content-Length
10528
x-amz-id-2
7jyTDHJoGGDUE/vmc8Ebu4coKy4MjmvlRidJfQM41H1u/4Pw2S/OuvphmU5HnJrQuzcuEqO/vy8=
X-Served-By
cache-fra19123-FRA
Last-Modified
Wed, 31 Mar 2021 21:28:39 GMT
Server
AmazonS3
X-Timer
S1619732145.630335,VS0,VE0
Date
Thu, 29 Apr 2021 21:35:44 GMT
Vary
Accept-Encoding
x-amz-request-id
S8N17C7ACAS36YMN
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2EC2 		398 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGKiS8poBMAE&v=APEucNV4k3Clj83xCaJcaPvaXmFHRfyMQYTEDsr4298mEEgR6S3dgauCtiYWkxu7Pqjq40ESUbJMVmYYAk5WcOZRFZSxE7-cXg
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNyfJRCU4uACGKiS8poBMAE&v=APEucNV4k3Clj83xCaJcaPvaXmFHRfyMQYTEDsr4298mEEgR6S3dgauCtiYWkxu7Pqjq40ESUbJMVmYYAk5WcOZRFZSxE7-cXg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkL_ZObMiAEIol0jeV_dDSBs0zN_zFwcEq7_Ma7z6EqoilpmSordwE8wRjw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 29 Apr 2021 21:35:44 GMT
server
cafe
cache-control
private
content-length
258
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 544A 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bmz_0PzE1xGb3QaHdqX1Be7X0utGUKaVWZRyvaYCHhEf4habHyztFN0ru0GTUq0jPQ9VNAoelmd2ZuY6eAINNMaHxLrUUr_ltZMYqSBeAfbuxAlqCd4S9nd5vpBo7eXm7jFA1qzJQxSAQYlp5N0aNjf-DKSQ&dbm_d=AKAmf-D-O-cAAlpWXK3d3t00dmmhYEwoseoAN0woumSBfpvbAXe-m8a6z_NoYgkRUqKQh7bmAw_ri8_eWQR9omq5S3SioC71qA3b9PAJ6YgQ9Ov7dUVk2LTYN0XLmYtjbZ4fDLpuPb5fz27vym7sQeNxZKe6QhiNV6-uChbO7KOJL1cwxrx2B1feUPcaItX3DSoHsbH5Yo9tMT_AoYhQz3JcQawi1BoxQ9ho6xsjL7U2gNRChMjFx2oJj0whUGKqcvSiv0u_SOrj_I7vggzPFg9zd64ZYTWwoiw6IpFHFwh3ZgtMbVkVBjpS-wanwzNCMnbTf2XweB1ZOgqEpWtcNdjONduaMpg_CO6edW_oYRKIj-QD9mqfa2jfKnoL_U5ie02vDtxIzb5N9NyRgDERVznn1rNyESI9XC082_H85cxUzO9GMKSN04bNmd4q65NVZfs12qM6uam5JT55GChP_bgBgW_AlU_XJbkY-gI_kkSynSxrOt7XrqAeQpOGeUBQzzKRFy_WS-2XUy8xJFbKSP_j-eRn1O4rP6gIdVJDq7XCqePyDSEzkPpIpVrbuedIj7x5aZUp76cknoRKwC7mj5Q3qWc63eVhzyNCE-Lo_q4QxNQsj8UwGrtJISuU9ugOnYL42Vnx4Ef2D37iLfIJHtsCOgb7wA83m4zCB_tFK_bgrhZy-XB38A_GKr0r05kgzgzpRxwRCSULiSu24jMU2hc-ltwYqxLryLQoTxYgTuzJpTlwJAL4S_mQc50Lu4MjlVaZKeX_JY4FYQZR3tpBk9X6-OM-_gMJUPSTuNlpUkP8suFzqKciwPgQbRLJ-0WuQpv2Gmmozoldj2v9GXq3OZVCibU177aY5eTk7iGEQEMbGY_kaMWFiXL2jOTWwKxmU6ZTn4bBmdK8_bQzgjYo_xVhHBoZHBbKvW8GQ0DdlO_ooPnAZ_MotGFNFVUOcDBJHcjoO-cwJoIjmR66ZvzHM7J_1jerZ2ejwU0MeoNFZnJ2VZoEVHK6vb7U-VaU83ta3MoQGDws6Tu39zNmkiY68ZEPQ7O016-ZfP6_Fxyr2xVA-O-xPAPurkV_XVFGpRcsy4b-3oD2h2M42K87hJ3_gvyH1AkY6Kj8OLMcGGbH1XMqgXWXnfsEVcUNcPdkGu9hmae9L4uz1rAfJFYeiMWN9tJv9-p5dolD5fdox96R2I1lx-mpjERfCPQ_GIUInqAUZYx69WKikvGA6OtwLSDBazWSZm4ZYTWQlRJUMqBb1rZP8k0XmHDUIZi6bzygVbn75JfKN0bf_L9OyjyljbY-Njj3fzcLmjqs7vqfrKcr7-kEsnk1K1yWJJC3RWRhR6pjDUodjgCqvNodTIvaetTk-9wecbvfGbb_GHuKyb_vcPfhXFMmcHk15xXmadVCXlV5Be1MvyvCrYN5VD3dg6Vo294LvSQhr4zL7YqhX0e5iv7QtnnvbM4LtUJiTfqvJ7dvZFfnBlceEzAvrHoyX1MPnsAF2QJx742c-TQjAUftL2YGQhSnWjwhhiPylKQ0TOQ8JIQ9jwUGdvtLH7O-IIkEi23-Le8C4IOxLD64sHBfT_42DKFcueyhByo3dZUYwnt0iijU50SnO_8BX5phh-xkPYOWYLIWEgBY2_V53G0-vgDRbhcrqwjsMz0zeKm_8HZhf_2L70Xe85NgW_dTaAzN2CmGF7lXCTZJWMOdTFPpN0js-V_5aMaA2Kg5soCefQzVH4WC2Mg1u_Tmyl2NjiJ7WJMO0JTzi-KicrNDHcIWaIZazNHmoTZ4JvJ8JbRaWhNaIE8nc4SEUYcnLkcdRZOW7eTTCSTka0G-MeEuJHgundKgOHOXeFjRPXtAUruMfgI5hy7qvpeWMh5mG_jNYT9Nr00mSHn8XoQKlSJORtl7e4swo8CRmVgD2B7oRdJnDMCaB3d5u-BOeRMTfqLwBNxix0S9bI1rD6rkPgxfA-rNEEb5BGeW-ICj-fRfvRlBa7edfPx3bVCjgrBQgLadSQUb2KF8aNqIMRyV1D-rZd_zES_Ec8Y1EFyjtqyY3fnS4c0D3f2h74WiGV1SjMYkY03LxLdxhTPuivHSK2qC6F6aChxNRtg9-IoN9dfuqKSs453JPGnFnUa-QQsFRbUAXhml1tzB0vrYgT5_nyQXabNRbGnXRalzTqANo5VPKe4v1R4K514RNG0cl-eU_qEXXB5CEJw0AvCazP5YSGTlLDDEF44F8Scxocjaqn6j5GnCsVKREaAt7vOah1crgRkVWRhxpWi6WIHGYWBMkpdRxeY_borvNugj7qV5Sh7o7oFucFex0xjM2T7SWjLdUire_k89Fs6THvfX3b6UpyVwYz4PzIMRiO_WWzLdGs9S43nHa_-FmA7EtTRbkV4Bl4gLwT-0yBMOvM07BXXjWfAUgaR9V2_nxiJbqbMw-fVTwunqVOGosLS4_Xj8-2rUOJFtGUUA6eduZ2SdbkNWsmyiwSiahvRiDR2S7Zwd222cE7MzAb-L-eISUmcKBXt_8ov7rldXL4GixyonvcEDeLazcbciRnBNok52LAP_XbcdvNGi-rzyFfuqaMzbDN7OUuCJoUkeEEGaFVaLB1dWAXjM3WfItOWUeurO-6_S9vh4tilqf2XMW9IK8LH-1wVuOE4C88NBmVGvbTAuysiDtZCa-KvcDUrQ7Ir8C5B39wCd7lR-e1jrW6kjp7lunHEQml_YyE3_lNTLEeTxNdDEeZKAZXWr7sX_M9MVt8xEIRdOb6ez4BALZza5PYUwChd7lg7H7TndLYW7sv_q5w439xDWj6LfZSTEWDgGnVmx6Besz_n38eHJuVOpWHAkxmF1lfHFtZAtnOMvpu4-DPguUFyKinzc8TAeA4HbC_oMIjbk5F4E43czdDF1aOp_UN-dlcFMUwBfyyPvNr0fPnGeXpO0j32khNRZy3AFUBqdBghocJYoRmv6Ll8RjwLTf0i-p-bVSyuHUXyiCQrPALIaD2iFdU02wCYCQgl0KwD60BMJzmIHG1-I4C5KANO2UtyRwpMJZ8pqfPJUjqs8tG5hG-50fL3R48-eCBRVMjQUcf9FoO4h6IBB601YLdHOqC-p&cid=CAASEuRoWV7QeNNsCaS4-BtkbIaeaA&rfl=1%2Chttps%253A%252F%252Ffox4kc.com%252F%240
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60ecdfb5bda329bcc807912edb3c4f5d519365b23d4b8b439501142e3ac9a4c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22892
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 544A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DtzX2ukBsA6kH_IoGmJo7BxTmtBG3IgF0VW_y3LQ8BwQpjSwXvG5_BrUJpmWA-89MxhihFTAphiAymm9KIeu2P7BTACJachZ-Kz-brxQAlyeCwDJ8
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 544A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:32:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 544A 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619631691980669"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36080
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 544A 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:35:40 GMT
l
www.google.com/ads/measurement/ Frame 544A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhnGuYah9XOEi6AU82DxJ7Wq1tG4v0mGB7-Fm246A_GWaiSS9Cxs4VRgPzpWdqp8yJzKoFhhcmnZn3s2whYacq9fIkXA
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 544A 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_WTJObjhKbWlBWThIcG5GNHNsNW43SjcxamFJLzI4MTQ0MTcwMjc6MzAweDI1MA==&v=5&s=v31f4fou8eo&id=eyJkZnAiOnsiYWQiOjQ4NTAxODYzNDUsImMiOm51bGwsImwiOjAsIm8iOjI4MTQ0MTcwMjcsIkEiOiIvNTY3OC9ueC53ZGFmL25ld3MiLCJ5Ijo5MzUyNCwiY28iOjAsInMiOiJhY20tYWQtdGFnLW1yMS1tcjEifX0%3D&sb=3&cb=6219305&h=fox4kc.com&d=eyJ3aCI6IldUSk9iamhLYldsQldUaEljRzVHTkhOc05XNDNTamN4YW1GSkx6STRNVFEwTVRjd01qYzZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODE0NDE3MDI3LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.2.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:44 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame B862 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding
gzip
ETag
"68a10f0c0f3d345bba1f230a84a01628"
Age
535
X-Cache
HIT
Connection
keep-alive
Content-Length
10528
x-amz-id-2
7jyTDHJoGGDUE/vmc8Ebu4coKy4MjmvlRidJfQM41H1u/4Pw2S/OuvphmU5HnJrQuzcuEqO/vy8=
X-Served-By
cache-fra19123-FRA
Last-Modified
Wed, 31 Mar 2021 21:28:39 GMT
Server
AmazonS3
X-Timer
S1619732145.761428,VS0,VE0
Date
Thu, 29 Apr 2021 21:35:44 GMT
Vary
Accept-Encoding
x-amz-request-id
S8N17C7ACAS36YMN
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
9
pixel
googleads.g.doubleclick.net/xbbe/ Frame D0ED 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNVeT32U-rVNZ0Kzq8ftoj7OhhXhZGOj9hnVmu9c_YsULtDHExoIwJBubSYH--eF8OzOuhScGrEGGHK-PsjpMrUDTfuI1g
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNVeT32U-rVNZ0Kzq8ftoj7OhhXhZGOj9hnVmu9c_YsULtDHExoIwJBubSYH--eF8OzOuhScGrEGGHK-PsjpMrUDTfuI1g
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkL_ZObMiAEIol0jeV_dDSBs0zN_zFwcEq7_Ma7z6EqoilpmSordwE8wRjw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 29 Apr 2021 21:35:44 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame B862 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CSTpnlTb-GbvU1Pwrtx7HismqIrcI4jypMBxZFt2ZMvtlgp4ndy2d7s2RMf32p1Fkfo4tkJuPIwdo7ZKoGgTDegLK2rSV4ymw8s5Yx4aVxwLU2NuSD4_--H3ukjXZIIGif_FWs5Obcz8jD43gpLmlzGJRJFw&dbm_d=AKAmf-AWdD4HRrNQlrd4Xn3VMtfdDVq7-tf9WTubltwWPLvbia0x5p7lSvChlDamFyx76HYbjoV0iow5p2BgMmMAkRek1SUABLicg_OyC2hsweFuVFVpx4Qwp8V2YHvU0-l1gCc98t_nTlORl6B7O9v84QAAEWCyWVjPwNg-EHnYaeWnk8QTy1h0SFJDrqudv2jgpaI9WbRz00ULPlD6z3uk0AK6eEl_cvZoH_fhixhyYb--k2_yevl1auCfyCcTAAQBLJEDI9rcMyPe19bVPRFs-fW7d03GWr5wdfsWI57uJ4CdJfOm6riQ5VDdrIVEIhpdKcxaHw3y22A22QnZnZtI-PrcV4TIfjGd9iGUvkZx5MFqa0N-ljjIwPmYAYGj7R5bFosXz8UBCu6q68w2jqfC76WlFgjbm0athLGH98uxRMUZDpdgtZ9DEpN_bCpk5k0drHGj9BIwAyxBJo8vTpjQYHvGZXQU9U69yNGT668P8vCAbSzr-8ZdjMvraRL3BDt3dc_G9Tjij46iYh7YZ7UtzFbzvH4CHhgh-Px1p9NdxQonrtTRLRgFUekxseA5F7N9TsjXO15izMOkk9kQZf6cl0KJe68Sw1jdcvB0pTDP8n_1eJsHJ4_TCAViR3ExBHNftUGaXYlP6LmHLbGEtk12kuS9b8F7yFwzFe4IYuEA8kQ-39g0StqVl1nk0QBgoJz_XPW5iSy10ouoaZCwO5hiAlO7HDTOzmTHkeRjJdhY7t2SMPh19KRCJPYIIFtCEbWts1Ta7TzldW9BJwGNuKHGy7E6X8vQmwV76Q230QklixHzjpkkVW7l__0KVngSpYu0-NL58W91Xk4WyVKw-LC-SS8UF_OaFPy2YPhoOF1jXlIeQWcUYoeruZ-1uYUOV0kIsM5PfT99RGzbBd83GFQL6xHiGmtM9V4S2oPIDofXrJuOX2Pn3kxhptOzrPq3a1O7HU38mz5c68fjH9pjiWLDNHXzbzjc4RRuoTCINzSxp-W9TyyLD81qu8hkWJrsPfgnw62c-SBQdsmbRhi5mXmhSx-6j4pK89Wk6i46ZvpUq1E63AyYB8a2RKxDgC7rY9qqqGX_T--x3ybUUCgJhVaiwLTS19PtNsNVAM2OhDivs3rWp9fyYu284wnJIIEvl5TbLuac-jLHuKAIp5vYUDC4CHADeM4dSgtCL-heFdwoTfK-udGXBufP_ObtqFxvy7GR0jJuxdS0BmUxwtB-QPk03rbUGGazMXMYuioh2tUvzQmPJ9ebzdGrYantdRJDmApCQ_6auIsSVDL2oQfpbE2vAWPQjwzv8hvEGmWl1rKnf-rR_ru6QOjiZNUseSv5KgsJvvEpUwEivmyASEGpFmY9xuMwhm-HUpqnN4jMCpQ7MmdwGt_2aE0Vzc_8WgB3DemFXv5NAmEr_qjNsNKdu73GIy8_JbgXJ4oNCwYQrT8R7bRknXwjNqiOiIPvrzB2vdAoDQPxpQhDkcR4RuqjMatdbtHyBViTWgVXti1Lv6oitvZ3-O2OofSrmCTc100TpEavk3eg1C-HwAxVrx603uh9CtnVG9pRnpFHkyVFrZXrWWP1LJEV1iwtXZ_K06sSW3YyjS7fAbmuglukHu42JELWpfakO3S0Zoiw7Z9p2ckN-NdMNJc48XNrOdFOjIAwIUlgYJVqZv3wocyyz27PnmNHsgAYZdfV2zQkEVyFJafVBM3FB2FqFPuTPdv3W-VnBANyKme4w05qi1QMGjgIolF6ocY0eCbTgA-r7_2J8VOZaV7e9fztXnBryZ9N0h8uLq71TtYzgfyyXBpU3A33dC2W0beOVTOqpqXS6Zywk1Wf10T_r6DyAlC9L-_CDoMjrf8zD9TyzFH8X3-bJkcobaa7bBMxf1ZyIGK_6KAwlCBfqwkqDZwi4r_aeuuY-uFhwsfWMMY8Co_Zl2e8V-49o56ETiWPUS687qTTHCFGrjXUB5fG0oPfXtH0umoKM_WE3wwEz67NUAuL34PTGEC1-dKvuAzQmcPllFFBcq5C56wuIfrm3SNQV34m7lRskMouvEYLxsE5pphwj6FMnm2E3HD2qP_v1_akmFSWqKDkBnL8MnlpNhhoJXKIsfpYC9zyveC7AEaGiO6weCGZic2r2HMrz3ABO7pr_B9JTRBhHK_KlBLkglU1p42w1B_b5K9c_LZa1gqIH9x_DtV_VRtYSSJHC1tk5XJRvm0R9FjuHH3_WkMg-RrnSGE1oTe6-OdZFTs8F3HZmZUgJL8inEFg0Jzbha0kJnAB2sXeMWhQzq5zY54OQQ4xTlzJ8UerIAzeVrZZH7S-b3SB9SuVURnZr760eHvsg956DPHJSq8Da-o5jC_On3B5LFUMbbQ8HKKuW7_IiMkwFJBnk_ZFCPxvd6tiYF-K49CVGDnHlNhQt79UpYtsttO-2cDWpc2V6xw1DPOByn_5AJC65cZesiWp-Hv7K9vKmckMFx9N5OCEzgpA4K9AElFZIXau0SH8YgjZQ5yu222vcLTXu1S7wznl1oAj2Pnm9vB-ibLKqk_zN0U8oUbLKwNujl_wzTKioRsbt7X-00wmgZIh-XmUmAS9ZDJEWB-UJH9-h-yNGzp1azoPYlVITVfOUE5WwF_P6fYyzpeDQ3H-AGLw093YIgvWqzAAOLRcUuOWPMJJwYRIzd6rXCGL9PltG0R4dz2WMEpR37yrsp5Y6AsTYpB-R9c3ipzfRXuGL7GVDftnh2kfiojd7pkzJBwu4cYzvB38ASVGeXSQJavE0RmKgXIiWxGAvIU9-2czV-Mg7p8pCSwAYNugkdu6mTffxZTVeEeda2KZ6C9raWmeYIozCqIe56rgseBIx439LbKy1l_Hic768xWeL3D_EcRx3ZmcMl3L9l52a-6IFvEBp-v_GyUxg4XeUkGznhhte2eOraS_HcKRXESlASfnT-ZfPO_UW_KKZTAjqEv_kF8AQPLRb-5ZdN1zD2gnvr0fmBdIK8IYMrLkiDFmknPjH0BJkMX9c8jT0ImKKhOVX7UrSKy07ZIJJdUNOTZ7bTFL9y5_AXiXd0C0bj07Xh4k85jbOHw0OL-L1oSCt8wwTyoczVJc&cid=CAASEuRod2kNYoDXUiP7nmO6TL1Ccg&rfl=1%2Chttps%253A%252F%252Ffox4kc.com%252F%240
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93d9c3b17fac11e799dc3a146ecd6f0db572dac146f2605bfcd708c339157566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23376
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B862 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DxKdok59ATCF1IuVHTmziBL4oVyhJq6WMvqAHWN8RxKeURa72FBTym3vB105-UyuQFXYO5cYKB5S13lRptxOW0gk6g3yyMpuobp_-MNSq6CW2lx_w
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame B862 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:32:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B862 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619631691980669"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36080
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame B862 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:35:40 GMT
pixel
protected-by.clarium.io/ Frame B862 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_WTJObjhKbWlBWThIcG5GNHNsNW43SjcxamFJLzE4NDA0NDU4MjozMDB4NjAw&v=5&s=v31f4fou8ir&id=eyJkZnAiOnsiYWQiOjE1NTk5MzgyLCJjIjpudWxsLCJsIjowLCJvIjoxODQwNDQ1ODIsIkEiOiIvNTY3OC9ueC53ZGFmL25ld3MiLCJ5Ijo5MzUyNCwiY28iOjAsInMiOiJhY20tYWQtdGFnLW1yX2NvbWJvMi1tcl9jb21ibzIifX0%3D&sb=3&cb=3062830&h=fox4kc.com&d=eyJ3aCI6IldUSk9iamhLYldsQldUaEljRzVHTkhOc05XNDNTamN4YW1GSkx6RTROREEwTkRVNE1qb3pNREI0TmpBdyIsIndkIjp7Im8iOjE4NDA0NDU4MiwidyI6IjMwMCIsImgiOiI2MDAifSwid3IiOjJ9
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.2.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:44 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame 0C65 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding
gzip
ETag
"68a10f0c0f3d345bba1f230a84a01628"
Age
535
X-Cache
HIT
Connection
keep-alive
Content-Length
10528
x-amz-id-2
7jyTDHJoGGDUE/vmc8Ebu4coKy4MjmvlRidJfQM41H1u/4Pw2S/OuvphmU5HnJrQuzcuEqO/vy8=
X-Served-By
cache-fra19123-FRA
Last-Modified
Wed, 31 Mar 2021 21:28:39 GMT
Server
AmazonS3
X-Timer
S1619732145.891236,VS0,VE0
Date
Thu, 29 Apr 2021 21:35:44 GMT
Vary
Accept-Encoding
x-amz-request-id
S8N17C7ACAS36YMN
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
10
pixel
googleads.g.doubleclick.net/xbbe/ Frame CECA 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNVHpBq8Is9f4YnLSuVNGYfC5O4VVz5CIZ8eAn5p2r8xNGLNgVZTJExSDW4RF_p_3VXUSrfRzjJmkJPqOaxu2RUAGXrghg
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNVHpBq8Is9f4YnLSuVNGYfC5O4VVz5CIZ8eAn5p2r8xNGLNgVZTJExSDW4RF_p_3VXUSrfRzjJmkJPqOaxu2RUAGXrghg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkL_ZObMiAEIol0jeV_dDSBs0zN_zFwcEq7_Ma7z6EqoilpmSordwE8wRjw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 29 Apr 2021 21:35:44 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 0C65 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHfXDrK2wK3tKnljh65H-roVyPePjarFj-gr2OsT0p7mHbm3w7O7VKPwY_D4PvSopAgPDv3d9SUAREU7q0WWVITz0HRpaka2V-BYTQ-doKBJMcORFgy_kHfsESCbn-e_x1vTIF4ds9Q9-5BNm3NceeJ38NiQ&dbm_d=AKAmf-CCN-tBSz7zQWRZVrTbaogCO6K3WTsme8V_7QrT6lIVGHx1Jh_tGcyrjDdwCvKZBnMZR3yQHtxRzP8_pSLuY3eYP6WsqVDzfpFeUMGiPh-CptsEA8FZgNHINLcXJMqoM4fWIllxfl4n5tEslB4X6sl62l73R7caTsJP8quWP6ghNxWuqec5aBHwkE2aftcU-_uf1XDVk4YpGG8_6QDRLVYQQ3gqJNuf0ANf-IyriMK45CeFz10RpRrYISut9zBEfLP3GFJrpmq5eWntZHpFMOdcS7vmla_bgslOlgBpzQl0RK95dsMvrMnaSB0rIoIMEkBP6v8D1-dxP7blqt6dXWpVBTAgjH3aYISJFJ5AeiT5XFQNvgBwjwouNXuY4EnhRdsH3jbjKlMIrRmlZDd_ek6NkiH-65pg_3ltPJi8o8_XhIAjjJZBsFdU6KI0ryT_tsRVyBxaOIZRPH7--TxKrclN2vfEk-LELinbnoosDvv1NQ7SM0fkf97auCA-9nIUD8S1jmsnAGHcvD3m45Fh7hIePbcgq3HQviQtWhYtDLkXU3lqSICIFoKEuap9H-kSavc5TSbSBClhdLGxQgsiQVYcfNmwIf60v-rdInO_O5Etb2HoYk4m60H7j9tliHYD-kRdjUT5nbiaXMjYk56Z2C7k1KZgiCAIYtL6sxkonfhqRXvub1jpCGr6KlLy_u0BQ3fSHPFFg1kf0S6ll5TTPmdc1aBpafqF9sr6DwkKC4_mL0ksKTwNFRnsuNf3sOj6GMOb-61uSOiNBS-sluHlrzDTDvkzXXn2WXNQ0VNnnn4MXGFedE-Csbm6YhnVs5UjBy745WZ52OyqL8oWF9Xe8W8_hJWRb8DgxksGB-xVEOuR2--Xhfj-QYlfb_aFVgAG3n-MnuM0PFIrKC5Pam46LBOlegJ1oK2Ly1qF30-ZIkvFQPn3M-gxut8sY5emjevDqfE7KGvrvXlvGx4HtHnxvwZ-CD6ffk5juOMzh8fbjE1Ml7T7KILy2vsLKADxCVcdVvjpqHdocpKF3Ua77s11btV5a5kR4Evkx1PDSYIIuIreDfTAU9P3COoyvNsb40lQ4OFE6hdBSFxr1JSE0SqGwVKSd_R-wmVg9SaNLmnG2W7Jh7YtH41UtJBj5qrtpE9CAb7YCsukKD0xiZpqjp14zMpfP1WCx_otK3-yYrXWyFpPBWPMuNolI3QrvrQTq_z7_ovuWZCc7cg018lSFhvlOrjIwC2oRqnttRiLAi4WhUX2TeAzFWFjSW3BaMqnnjAt43V0A_QovkHOe7BhpdV7fzfeDuTJlfjZQQX_HXoq0uJypTW9h_LpoIQ9ZbmwG2mULprICyehYiWXBAEqBo60yW6v9UYUCNgdD-qtvwipXO5FvgpCOEXdljfMg3-qsY5vDPpdeaa12cIHvWq7HfPW1h2283sRubCYFRTxFNyxTZJBt10-MSrKwujA5HSyb0w5OQ23ke2GIgbxMrXfZBaING794S1ULLbru7twftx2810nWidLhIU7I687qI_HFvf3u8yJOUU9d79bs10rj2_YmHLA8sdzVeOLnBLqgAk0K0iBKl5Ou1YQf8hLqE7kDTfqyBRjaZTZNYFmJ0qmz5KtxGA0fxM8jdP5nnQKLpQn5le30fsNPR13yGlBZDRK5SBMh8-H5H3INqQUhjX98ZlQGts7C-rLn95uHWaw2NgH5ElrQHi-kNFA7ZOWyOZQh3Ey36ZmiffrdHgqvt-eIv-xrnVvpNOs3VQ9bwnKLKWJc-opO9j-MCgQEJ6fy51nEAhVVLjIdltDdqEBXMX1xG3D3sASFIPLmOa4Sf9mopGvQXeYjWT8p_JK3_cab9ybV4lBm9ejG3VV7g6jSnN7nGPG3z2JkLmRYCUX-p5i3BdEooJ_yM2SzFoFcsivshSqitX4XO8_gaVQOfo7VDAWv3KUBzQL-BXn6IEoheZjdQJBdUuwLSmj5fpk4dquRn4sPo7_aPqiHDgqoWQ43F8a3XiLFuA1rjgZAwGM9IDGv7aSYyljNkuoFAx5gyfEEhRQbfhSBc9noIAC0xbcp3Pk4byctUsGKiKC7uOw7ZVqu1019FBR3Ll6xowtcuLibbKAyWLsGVK9PkdJQV5TvROhh1ztPjJUyug_C6pbyT_NzmYC-1S55waYiSKEIU8zon5x-ne16Dm58aphwlFHt9hdVSxNXfYKh6azsYywwFbH3S2QNQRBuHSk-sPDdMfpl2TypxQ2nLaOKzAYROkFtsCPNpbcJrf32QQ3F9YhM7CTYvV1fabPok01tRRCH2MVU6docrYIrSzcJX4ftQv_KH_-xwQN6O91vObUj09ArsNA_sLU78Bf5FrYtt_lzny0fh4orwVTnDxBlfYpnHwJYIn0LBudZCxZiFGtEAMD1CZZLLKY8pByK5QdHO_zJKg5xYYYGO90-sokfvrerOpk-IYzj6wtr1ntbUzQ4qsJd8sTTlpipVofjPNWG19lICZqXyuZI1vduFOEmRS0yXZgGAIK_xLCYM2vyq9UxbV25hEGEDYQ6r_9sTGiD0PBltZfKf4vjRafq5ENhC0ZGqxCqO3Tg1xfPyZswRMa3lVdyp_7IyuH6CH3XFwz5H8XXXUGD2jBrIgXxuoGQDjezlIe80Jy2IgQLCzA3lw3_EUTsVxBhTU0Y8XyY0VFoXCBQvJhEP4QAmuZunCucKfoE0P9GcMvPJnhW6d9a91oLK-HE6MpDuEwy5mSWQVYDY1Pe-wcUJ1s0RS7tbBXMVHV08kURqeZUcdLzxU_5x-r7At9eHxgOMDE8Nfo3kiDtvG-Yt2iXD9xvms4Vapwu9VoK-rt9I_toQdUCkBxqaDvO4GvGJzdNPi5g_qIZAVQwdWnB509aazwQhACVTXUva18JAbF5lMhucpJ6SAk7V6i9Qjm_SmKtpRUOZEvss20FgPRujlMD73JgmN37BO1pmgnnhOyEnP53APRFMZq_Je020WDA6ibQp-q6Sf-TgHMgyy81f7UXiM_z5z6QUMzvWI-Oni78ohBCcVILX9pVqkiV698w2yWOFpvf5CFk1wL1oU&cid=CAASEuRoPMsTsHlX90fWCZSNsY6Xug&rfl=1%2Chttps%253A%252F%252Ffox4kc.com%252F%240
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5fb9cfbe5372e32f4ced6cab733641978735b01ad155dfb078155696b16c709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C65 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BFSqkrdJlC3jHsiBZVdN_fVR1W2Ta-KV2cf75QzAxQD6HXumlEBHf0IEC7kex9D_-kuZlU3ahb23Bz2SuVxj0xUPcM4y7tDOUtYgGjSf3LHGtrBog
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 0C65 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:32:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0C65 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619631691980669"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36080
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 0C65 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:35:40 GMT
l
www.google.com/ads/measurement/ Frame 0C65 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOCyt0rCL3LzFxfBZTd_9Xp1SQDl708FBogFJrC24tUUSyQZPX8oBxVYH_9a5X_JOCnTAfldadGVMsaPugiTAA6CvmLw
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 0C65 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_WTJObjhKbWlBWThIcG5GNHNsNW43SjcxamFJLzE4NDA0NDU4Mjo3Mjh4OTA=&v=5&s=v31f4fou8mf&id=eyJkZnAiOnsiYWQiOjE1NTk5MzgyLCJjIjpudWxsLCJsIjowLCJvIjoxODQwNDQ1ODIsIkEiOiIvNTY3OC9ueC53ZGFmL25ld3MiLCJ5Ijo5MzUyNCwiY28iOjAsInMiOiJhY20tYWQtdGFnLWxlYWRlcmJvYXJkMy1sZWFkZXJib2FyZDMifX0%3D&sb=3&cb=9918268&h=fox4kc.com&d=eyJ3aCI6IldUSk9iamhLYldsQldUaEljRzVHTkhOc05XNDNTamN4YW1GSkx6RTROREEwTkRVNE1qbzNNamg0T1RBPSIsIndkIjp7Im8iOjE4NDA0NDU4MiwidyI6IjcyOCIsImgiOiI5MCJ9LCJ3ciI6Mn0=
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.2.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:44 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame 294B 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding
gzip
ETag
"68a10f0c0f3d345bba1f230a84a01628"
Age
535
X-Cache
HIT
Connection
keep-alive
Content-Length
10528
x-amz-id-2
7jyTDHJoGGDUE/vmc8Ebu4coKy4MjmvlRidJfQM41H1u/4Pw2S/OuvphmU5HnJrQuzcuEqO/vy8=
X-Served-By
cache-fra19123-FRA
Last-Modified
Wed, 31 Mar 2021 21:28:39 GMT
Server
AmazonS3
X-Timer
S1619732145.044090,VS0,VE0
Date
Thu, 29 Apr 2021 21:35:45 GMT
Vary
Accept-Encoding
x-amz-request-id
S8N17C7ACAS36YMN
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
11
pixel
googleads.g.doubleclick.net/xbbe/ Frame 826C 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGKeS8poBMAE&v=APEucNUesS9H8MPxYZueTdj5vc6FWjiGzj4CQfCwTxpOmRygiw6_LBHJKXyMWAUPYEmcWzUyBOliioVH-XCp_0rEAQEOqgMhwg
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNyfJRCU4uACGKeS8poBMAE&v=APEucNUesS9H8MPxYZueTdj5vc6FWjiGzj4CQfCwTxpOmRygiw6_LBHJKXyMWAUPYEmcWzUyBOliioVH-XCp_0rEAQEOqgMhwg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkL_ZObMiAEIol0jeV_dDSBs0zN_zFwcEq7_Ma7z6EqoilpmSordwE8wRjw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 29 Apr 2021 21:35:45 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 294B 		56 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwAuTQePH4IXCvt7a2QV6mdfFVd8bkpKt3AOgjCWkZ7QjqvTPSBY5IsyaRIcq47dn5R3VgB2uHX3RXiyW7YYB2_YAx2qPTDv6atT0PJY6ghAmz4LJK28Z2dO6tGKJ3upkKxAeWuB0N5JU7ltYCbiitabqCbQ&dbm_d=AKAmf-BNSYP6krvSoN7YLgntNv8FZHPI9YDblRPZ06s44JFP1F1T9nTimWlaeMUcOp1xpgJHKYHI7R_veuTj4g4Mbs9mgYDQQnJGmeVaEnrkVSWuPZDg4tSA2UrummfRNcrriyeY7EYN5KqS2Sri-1UxnBiDPJMOQG4UR2hu5Tp6bdFqxJxtrspYUuqueeA3IbbcuhrnETZsVS0pWJqiKplL83jSY1fUij-ZXXzJlWbWRXIJLz_gJ6s7YYM_yq1qsjB6P8SN0SP-mkcdWTXbpCmDaBpB-hYnsU8mAeUVIZGqBV6BBVLVuHwMaxaTyA4QRqwNupGz4dbrhu9InK8dUyz41hEAA8EyBGUgCoRBR72EFPNLlC0hnz7pZAvcICF5OxgqIx_3_54uBhooT3JyAEfZ_VYMMbizigMpQEpny7WWT-S291MdGxf7nREEuxCQUM-20draplC89j97_hSxx07GtJVcJoFvh7UmAyG_drGDVq2uR6g1guYVZCcrOlH9IdqgSybkvmC0yRmz9j0c_gJYRmZgC7dRN5mJICCosuKdaAA9q1KtOu_U7-g8sr0okyP5IuQKqZ9eooz5sd2VdwU91YO0eRr__AwNJYTAJpHlt31esRa6BXX9SKt1ps6znmvpo0aLAu8PnbnHPTYoHGQfU6QGu665NJkq1A2tpW_0gZabnwTxqu4ZQPClhDpvBDW9r2puw7cVZ6De0hNS56oHnYTledV33osqlvDWS9v4Ygb9j2WdQkb3COY7TR8mJ24MLpFQmO4uOQA3kuXuLETlM8i5qSISmUtsKNHh6WoJF3503iPROM3cD2fSqtmiy2PhEFitFxTY6HEBk2bBLSR4NjfwIpfIWLiJ8k_ik7Bo3JcUC0Ebpw32efG_WJvOm98xIOQQTSHnaGPcDvTiqZLPdWDf4dobwzIik59Zuq8WUCMqLRHfJiuMrqo747yr9sHjglQ0GJ-1vcEsV6DRXzCDNUEHzEVS40rW8irqIUbXI7AxGSyWUGWdGV1nTUkVNmqs1J8cnMkpIkyaPd5QgLMW_IFIcSed48fMVQJWErSmk05y65sgJN3M6IspEx8SBHNanpp5x-Cx0wBktxHYKbytU_tFJ7C-IeiPjdBvwTAbaSe5dXK5ArA2aGo16uNj6qUIM14uUkKSNlA5lDJpM75dF5b_nAXQUpXBZzHALuTSipmnjxmpJufF3bZ6LmOcEqPQHul-jA1yWLPCQjGLNdHHgYjMJgq-rS2O33tfFVNW7rcSXH8-oN_OAIPt8vswyADUDqlADC65xoWRskRht5OQKJfZpLNGcNxTjN5wkcBT7rtEF7qjUYdBgj5WtodNZb8QeRKPGK8yXkGTHcf_hvfWySxAqg1iQ2MzzszfsrREAbEWJExGLtWhfBm4GnRghtt2Prflkltl3030luujdmfwqorVYvPryD-S1OkzrTvRg6dCHMCaw4-Pm-zXpiZfE5MqCEqoTyLlKyjzminQDgd2drbyQZegVeQ2wyhDEG-OqVdcEjqN2jsPbXhGFYk_cTnnlPFIDj6aqAG9A6cSsc7UM6cJrM2wDf8gRkomqascQkcxZTjzZ3FETx2pLhmxFzcUqEYZVaj9JB705Mv7Ug-aH2eFvrYvWUBMDnp2SQ4kckpurfnpwGxXMa3iaQfWLEE0CACaorkjFWy2vozdwEoMVzmJTQZmUle8Tc_fFa-HFJXXt0nDInxzURUXA_F83xwAIRf-4vBq9nGpe31aQv9DUSOFI-FrO2e2SQxbXOJV6tU6UlU6xPQX4-nkkOu_lLLV2jpVJ9cVe6U9JrlEPnXUISUjdMWozj25MT_dmGN0JCVY25mjCNTB7LF5oIKRkQ-VqeCNp9qigxGwhDA61YheSb5VZEO3sr-bOe-1TDLl8EkSVwkrIOBjjE-jM8yYlJ1NdHhyA6kBSJhhbUGN0G0-PiNZ7cMssZv8W61zFvg3Kuw7JQhXlz_L197DVJ3OYy_HCXLMYr-5NO92XMMYeODURotk2pN0U_Cpj4y4-cRSEZbxClIqY6bjo6R6kbJSp1-a_Nrbv5QO3i6i9MvNbgW8iTtHIzWqEuI2bwu6Mmk3U2bNLRaBwUmBIV8MSI73_-NxhmEg8DV7yerDL7K8U0hRsT2Lb0upWAPWURJiBny126AjZITJn2Io7L_6_m48e2B1tjEWSk96aw_WbBg7kWM-zYE2nRQFY0OqMBWSj2KUW-5AAiKYiUM90BIpxSSzMEAh2XVIqTTGy9PnT4gYK94SBNm9xhzoCt_mx6Lw__nAgOVRcASVNphQaw4ibktzYVAltQq4gS3gZ_KiZ467erIWhmUMq65SEZ300HBQIpm1fwZ8ialFl7MP4i3H-CC8SjDZFqmPdBRN1kdzND-NCn9eHpOUlTCeqlswh7hJmIRHBv4dzykdyc14eHuoZguj-ejVMkn3OVYhWk1LTfg-XEB9DVsVWSsXgwgo3cRjcB0EhjRjq2PUBVYMuQPhpfOCl6T13qlokhmZcMheKq7SP2rNZrdUpl9pD-CmPeIATvOQwFIIQqzyhBOAJRf6fzk5l1cxruETJ3LbE0fjYM1kf58s7_atD99tK5a_DgNawPAgXsJ2v7zK_QmUihm-bZLzr7U-8cGmvB9BHiwwdPWOFlKq_6FeRXca7fesNeZXj5Mah76QfR_MRznscy2aVHial59h8LsnstvDIObHYlVjvSIj6jDFpDIdBdDwnD8NhXPzmZmG0ZQ64U3yxiTosKh6BfcdcJoKtjuuSyptLEAGWVRDh9nrhgtDJWCFyn06eHw02WFeqX4KQw5pgsE6OUK8bc5PwUrf01dpcuA-Q8D7kMZCoZVjDLBiuqNodS6IftCcEIrFRtANR9pVnjkmirxQo6ITdhkFBTDcby7y5l30ulQJkY7Shwu9UMVltaJOgxtTMiU9nXs49kXEZpqYliSOEiWpk98n_qqtWn-BvBqPWX3PC2UgkcUbgkeMAnO8bdEztRX2v4cAQlqol2qY_2IyYIuKHYgXmhYDYGQQy7Er28H6Mi-qWtEIdyURh2pcBldHfCM1mHUayoc&cid=CAASEuRo4whv_2bmu1zqSj7iPCaM7g&rfl=1%2Chttps%253A%252F%252Ffox4kc.com%252F%240
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1f11e52a5248d9e14c3c9a8c426e3a8936694a3fe2875825ffb2f32dfc97f5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23036
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 294B 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CnZhJJwXpqFpsLMUHhcoXcT7QVXsjFnpoX1f5vsPAZ_mkPsgNVrJMNu6Hig4QHH8i5CjpQk90TayxmY8o8aoUtQWdbJydwR0ZbLPibXht236dHtJI
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 294B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
288
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:30:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 294B 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619631691980669"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36080
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 294B 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:35:40 GMT
pixel
protected-by.clarium.io/ Frame 294B 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_WTJObjhKbWlBWThIcG5GNHNsNW43SjcxamFJLzE4NDA0NDU4Mjo3Mjh4OTA=&v=5&s=v31f4fou8rj&id=eyJkZnAiOnsiYWQiOjE1NTk5MzgyLCJjIjpudWxsLCJsIjowLCJvIjoxODQwNDQ1ODIsIkEiOiIvNTY3OC9ueC53ZGFmL25ld3MiLCJ5Ijo5MzUyNCwiY28iOjAsInMiOiJhY20tYWQtdGFnLWFkaGVzaW9uLWFkaGVzaW9uIn19&sb=3&cb=8521129&h=fox4kc.com&d=eyJ3aCI6IldUSk9iamhLYldsQldUaEljRzVHTkhOc05XNDNTamN4YW1GSkx6RTROREEwTkRVNE1qbzNNamg0T1RBPSIsIndkIjp7Im8iOjE4NDA0NDU4MiwidyI6IjcyOCIsImgiOiI5MCJ9LCJ3ciI6Mn0=
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.2.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:45 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame CDDD 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 699B 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39708
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame 699B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 699B 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13470574408442207528
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:01 GMT
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame DED0 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39708
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame DED0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame DED0 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13470574408442207528
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:01 GMT
gn
secure-dcr.imrworldwide.com/cgi-bin/ 		44 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=us-400338&ch=us-400338_c42_news_P&asn=news&fp_id=ksurmwqrl6ee089fgc3o4kemrqq6n1619732141&fp_cr_tm=1619732141885&fp_acc_tm=1619732141885&fp_emm_tm=1619732141885&ve_id=&devmodel=&manuf=&sysname=&sysversion=&sessionId=evbrhuvkwtis8r5qk6dfliicscirv1619732141&prv=1&c6=vc,c42&ca=NA&c13=asid,PCF9313EA-0E2B-40A8-BA77-587A06282588&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16197321418822176&c30=bldv,6.0.0.594&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1678631&c3=st,c&c64=starttm,1619732144&adid=1678631&c58=isLive,false&c59=sesid,&c61=createtm,1619732144&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&c66=mediaurl,&c62=sendTime,1619732144&rnd=72709
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.217.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-217-185.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
gn
global.imrworldwide.com/cgi-bin/ 		35 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.imrworldwide.com/cgi-bin/gn?prd=metadata&c9=devid,&c13=asid,PCF9313EA-0E2B-40A8-BA77-587A06282588&sessionId=evbrhuvkwtis8r5qk6dfliicscirv1619732141&c30=bldv,6.0.0.594&pgUrl=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&pgTitle=Chipotle%20giving%20free%20burritos%20to%20health%20care%20workers.%20Here%27s%20how%20to%20get%20one&uoo=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.146.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
max-age
0
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
35
expires
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Thu, 29 Apr 2021 21:35:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 8955 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39708
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame 8955 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 8955 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13470574408442207528
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:01 GMT
cs
nexstar.blueconic.net/DG/DEFAULT/ 		67 B
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=762bbc37-f800-4ac7-9756-07862ae78f51&&callback=bc_json1024
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.4.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-4-204.compute-1.amazonaws.com
Software
- /
Resource Hash
08e40106bad5ada2c81135c2dfd04bca6bfaae98072fe07fa513008b0940aeac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
87
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 8E53 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39708
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame 8E53 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 8E53 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13470574408442207528
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:01 GMT
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 544A 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39708
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame 544A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 544A 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13470574408442207528
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:01 GMT
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame B862 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39708
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame B862 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame B862 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13470574408442207528
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:01 GMT
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 0C65 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39708
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame 0C65 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 0C65 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13470574408442207528
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:01 GMT
pixel
cm.g.doubleclick.net/ Frame 1E9A 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGKeS8poBMAE&v=APEucNXbIyICyQaZ6TFi9JXOkAgoyl3Ynw2G0XE58gIsu9Hfy3dadL-Rc0GNaMwKOpRD75vU85MVyftC3ly_SY77-DezTGf6BA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1E9A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEObq2cRZzt7_6qqQMOFl6os&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEObq2cRZzt7_6qqQMOFl6os&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGKeS8poBMAE&v=APEucNXbIyICyQaZ6TFi9JXOkAgoyl3Ynw2G0XE58gIsu9Hfy3dadL-Rc0GNaMwKOpRD75vU85MVyftC3ly_SY77-DezTGf6BA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 29 Apr 2021 21:35:46 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEObq2cRZzt7_6qqQMOFl6os&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1E9A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIsmsbk5ZhC2EgZ5x61NawAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECo-pGo0UsvmmIZnFSYVIdE&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECo-pGo0UsvmmIZnFSYVIdE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGKeS8poBMAE&v=APEucNXbIyICyQaZ6TFi9JXOkAgoyl3Ynw2G0XE58gIsu9Hfy3dadL-Rc0GNaMwKOpRD75vU85MVyftC3ly_SY77-DezTGf6BA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 29 Apr 2021 21:35:47 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECo-pGo0UsvmmIZnFSYVIdE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5813
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKd4J4gGmw54386QST4TuR0&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKd4J4gGmw54386QST4TuR0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNWI_uFZWKeAtv00LwLRJWnCU_0Ld2aZ-aEXc7GY-N96FcaDQSrZ0Ajk8olsQHAc3rLuMT03nEAoTWJRDPIZ31xA2j3tLw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:45 GMT
X-Proxy-Origin
185.236.201.132; 185.236.201.132; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.243:80
AN-X-Request-Uuid
b8a59278-6fd8-45c5-a9f2-8cbe84dd9608
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKd4J4gGmw54386QST4TuR0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5813
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYwNDQxMTc4MDIwNDQyNjM2MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYwNDQxMTc4MDIwNDQyNjM2MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNWI_uFZWKeAtv00LwLRJWnCU_0Ld2aZ-aEXc7GY-N96FcaDQSrZ0Ajk8olsQHAc3rLuMT03nEAoTWJRDPIZ31xA2j3tLw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:45 GMT
X-Proxy-Origin
185.236.201.132; 185.236.201.132; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.81:80
AN-X-Request-Uuid
32129b48-2d55-446f-9304-4ddb4fe02a0f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYwNDQxMTc4MDIwNDQyNjM2MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5813
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP-ySoDoV93exjxglt3i30o&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP-ySoDoV93exjxglt3i30o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNWI_uFZWKeAtv00LwLRJWnCU_0Ld2aZ-aEXc7GY-N96FcaDQSrZ0Ajk8olsQHAc3rLuMT03nEAoTWJRDPIZ31xA2j3tLw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.206.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
via
1.1 google
server
OXGW/16.206.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP-ySoDoV93exjxglt3i30o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5813
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWFlOWRhNGQtYTIxNi0yNDgxLWRkZWYtMmFlNzdkOWNkYWYz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWFlOWRhNGQtYTIxNi0yNDgxLWRkZWYtMmFlNzdkOWNkYWYz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNWI_uFZWKeAtv00LwLRJWnCU_0Ld2aZ-aEXc7GY-N96FcaDQSrZ0Ajk8olsQHAc3rLuMT03nEAoTWJRDPIZ31xA2j3tLw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 29 Apr 2021 21:35:45 GMT
content-encoding
gzip
server
OXGW/16.206.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWFlOWRhNGQtYTIxNi0yNDgxLWRkZWYtMmFlNzdkOWNkYWYz
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 294B 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39708
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame 294B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 294B 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13470574408442207528
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 May 2021 21:31:01 GMT
1022
blue.fox4kc.com/DG/DEFAULT/rest/rpc/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=762bbc37-f800-4ac7-9756-07862ae78f51&bctempid=&overruleReferrer=&time=2021-04-29T23%3A35%3A45%2B02%3A00&ts=1619732145776
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
8d84c52ee281bf0b0c32c9f1b93cb7cb02d6a5ef0fe119a05568eb2158f901ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
666
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Ym0PCv2dVQh3G_BFsNYGZipCgF5Grc1KAyIapyK0p9F9hN7CuCgi8g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1022
blue.fox4kc.com/DG/DEFAULT/rest/rpc/ 		201 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=762bbc37-f800-4ac7-9756-07862ae78f51&bctempid=&overruleReferrer=&time=2021-04-29T23%3A35%3A45%2B02%3A00&ts=1619732145778
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
e14b1d822239abcfd30b7718adb5b52d4b2dc67b5dddfc03cf9cc68c6b35ae2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
183
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
AB1ctmWmHrUkERoMzqF2lqVM_wu6Yc2BsOJllqra9eC2TA4EBdIxAQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1022
blue.fox4kc.com/DG/DEFAULT/rest/rpc/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=762bbc37-f800-4ac7-9756-07862ae78f51&bctempid=&overruleReferrer=&time=2021-04-29T23%3A35%3A45%2B02%3A00&ts=1619732145807
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
f8fd47fc05a83430564edb2459e2a344b2905a049994b7b32da4f6b81c9985d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
673
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
v5ihhJH4HgHE2e0n9JVzEiopjzWnBwz2U188bcDJy-Doz5_iYrwW3Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1022
blue.fox4kc.com/DG/DEFAULT/rest/rpc/ 		315 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=762bbc37-f800-4ac7-9756-07862ae78f51&bctempid=&overruleReferrer=&time=2021-04-29T23%3A35%3A45%2B02%3A00&ts=1619732145832
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
b778ef61e83c6d1b4e56a6cb0f423133cbe61a0f00839c76c948b6dc86ea1929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
167
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
3Rm2EZJsiSmwDJW2HYqe-St0gK3paQ5SS3rZZbi9bFiTmxvxc3uN0A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1022
blue.fox4kc.com/DG/DEFAULT/rest/rpc/ 		158 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=762bbc37-f800-4ac7-9756-07862ae78f51&bctempid=&overruleReferrer=&time=2021-04-29T23%3A35%3A45%2B02%3A00&ts=1619732145834
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
6f74bb735ab06ee2932c30dba9091812c52a90d609edfceee0ef84d0600e6a5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
157
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
lPcDUMnXdzRYm6Vcr3S4m7YU2tXF3gsJ2tXe0fnOnaWPr0pcK1WPaA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CDDD
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KO3EP5VJ-N-2JEF&ex=d-rubiconproject.com&status=ok
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KO3EP5VJ-N-2JEF&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:46 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KO3EP5VJ-N-2JEF&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9C31 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 29 Apr 2021 03:14:09 GMT
expires
Fri, 30 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
66096
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 86EF 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af2e5a36f3b2193e1b6225f2a25d25a7a1e473a2a5fec2f3d26d9899b4f54999

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
728x90.html
s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/ Frame AD3A 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=llDTWt0yGY&t=1&renderingType=2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dba62578a04ac540f31eca1596de6b98b0b0daf98df5e24365065f641d985832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=llDTWt0yGY&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2261
date
Thu, 29 Apr 2021 21:35:45 GMT
expires
Fri, 30 Apr 2021 21:35:45 GMT
cache-control
public, max-age=86400
last-modified
Fri, 08 Jan 2021 12:41:54 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 699B 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKb7znp-Qt8syex7vCEPAtkA6odNX8friw8YaX7XBM3UrcBOnz07G90yU3ky9UByNW5FkCIFXne1eq8pfB9UpTVgCY3_S4mmeaYGOCj2KES42NhdR-BlBjOh4PKLyJilh24nMttRs7yLd8zUdj0LeXkrYXy6H-jt0If6K0aMBU7aD2dTUyw0jnMXcBeBE67-V1UPt9mpmf446rqWzCEgrfTwxNsi4s6ugRs-A2i44LiSQA33NaPPKySAn11Xv_wzhBdakwpfyklDwHcgPG-gIq9lXinuH7vAjRNhANVO_bdvLt3YEidy7SeZfz3UfO8tjnpGORLHpb3h3m-sAe8bwVCHhTFKvsm3qP238Xkwaf4BypqVTeO6HwIJtWc7KkLQHnje73orYh1dCjAMp4PtjQsdmcrmuslBUt_6xaX6g6H82PbHcNdTAuNswTE0YHeUTNm7ynO8FagzmjtZNhhHXuOluIeMetUf7BjNtz4GUu8kIGVTLicmm58u4d2x5YR49yTdS-CVgfcpRtlE2xNrLhZKs_HbTTn6D8gAa3ZlCQVvI13TRsTxj6OwK6tC7sL-fWwnWPqf5djENuL0PkHk49uNb8Hjgy-gkO7pnNFaM_SSxdc57au_Kmtm2uxvhEWslLyexf534R6CHEFWcGF0LQjdMYDHi3GrDulNS5RbVCr9J693TH95mrBZPP4NlL6lIunh_iKR64hWoS5-OnaT2ZUg1lg-Mt1jwho_aRusHN70vkHsGQpTZL0XUgDMQTkhNJy_50lgjvqY-A9yrDz5CuIsDiz28Q9twzZXLIeipB6-_W94W-ndBbrXsIvewxJHO_ho7jAfm3pSXqS8gsNKnrRjBVrmxT7o_cMkQKUH8BU05DTHPgcxRz699cZWV8t4PJSpb81uC3pLTMDt0CpWMalUJ_YJ23J0jEne-cCom-ZrwZKsjB-2QhW56VPrdS0-8xv_8wUfq6HQUH5MK_Ec6a3yIG77a17BFlfljqTPS1_Q5s8JweVLfIahupwwqvBlC4t_fEZBGuMpBI7AApL_lUwOkpQmtat0ytHwh5kuFEZXb60giLYXmjY89ZnbZjZnfElt-idb4H3azDaYIwYOv9sQqTHleTmA1A-CnKvNNHeqRPnIPbhgz5eBN_jJjf-Mv0pJp4BNVz54nBDnrbngn2gl11L-YvdGx2eAUwfA&sai=AMfl-YQjfcDIr-e1t4uKr8d7lmCJEZd_2_gqVb3NQphIXrii1Rzp5sl3A-iR3Gj7r2hDr7mBuie1_02N5eubnt0KOa_RVg8dDd3x9tf5Msh3GOPBpTYJgXSK7fjgZBJG8RmYMJJv-nVvVmMNuNI8D75duaVzJN5lHw&sig=Cg0ArKJSzNjaPn0idKdGEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=905&cbvp=1&cstd=872&cisv=r20210428.77303&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 29 Apr 2021 21:35:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
um
sync.teads.tv/ Frame D914
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEEFW3KzDiyrEp6v_5qVHntI&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEFW3KzDiyrEp6v_5qVHntI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNVznzrlcfAdIE_nP1jcZ04C7bRXNfUg9RsXBwakfgT-OOK2x-0cAiNnGV8V5m3Vh9aGdpCxy0ua_NCdGpcoMPDzXFiklQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 29 Apr 2021 21:35:46 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEEFW3KzDiyrEp6v_5qVHntI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D914
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTc2NzMyODctZGRiMC00OWQ4LWJiMGMtMDg5Mjk3Y2VhMTM3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTc2NzMyODctZGRiMC00OWQ4LWJiMGMtMDg5Mjk3Y2VhMTM3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNVznzrlcfAdIE_nP1jcZ04C7bRXNfUg9RsXBwakfgT-OOK2x-0cAiNnGV8V5m3Vh9aGdpCxy0ua_NCdGpcoMPDzXFiklQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
server
akka-http/10.2.3
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTc2NzMyODctZGRiMC00OWQ4LWJiMGMtMDg5Mjk3Y2VhMTM3
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Thu, 29 Apr 2021 21:35:46 GMT
sync
partners.tremorhub.com/ Frame D914
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEI69YXOv2dmn78IADzj_mtY&google_cver=1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEI69YXOv2dmn78IADzj_mtY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNVznzrlcfAdIE_nP1jcZ04C7bRXNfUg9RsXBwakfgT-OOK2x-0cAiNnGV8V5m3Vh9aGdpCxy0ua_NCdGpcoMPDzXFiklQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:7c39:f94b:b1fb:416c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEI69YXOv2dmn78IADzj_mtY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/ Frame D63F 		28 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5f5bd3fa1f7757b4176c7cca5175007242b4e21ffd1023faedb5ffaab0cad8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8687
date
Thu, 29 Apr 2021 21:35:46 GMT
expires
Fri, 30 Apr 2021 21:35:46 GMT
cache-control
public, max-age=86400
last-modified
Thu, 08 Apr 2021 14:59:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame DED0 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvDQOrx13SSBpZ-yWR0YKinUGNYOUyCi0TlEc0p3i2EfOATTNR67v6iyqVFi3K5eblt0MuurX1aNW8AS8E3m3HRhQGqg6nvBLcmri2YChCZB65KCtrpYI3dBjOEkeuHpFqbfJtMRH6qGHRNykgE6QKbCCkYaGoB9BpnAu1IdtDVuIsueH0qXqaN9CLlz0e4elipL_IgASAlVorLTO7VVmcsXFdC-es-T4EYhFH8y0hz_HMAhEsP43_NOvnRzI1PPUXLA38QA_1qmmQERPU6Q2d1pEEONe6RlIO3fZqoeIm7gvY8fPfaXWQCB1OsJTgSlTgA-WPjP-aidHm7Il2RXr0hPZbUu50oClSFonRzGJT6j0wWD4bUBDW7ZnJDlR7SFh3RHbqLmPszplcKqiQNLOXSRJZP9latiEpuqnyZ7FnJT-lJ5LYaqwIoShcU0zJUy7rCHd9RsnH9t1rEAi07gAHQLOcz-W2Xk5r6Raw_s5fDShNCd77pnlNQ1uUm2_Nrs-PJAFXhp6FINdDfwnOMDEdEonh3XPqvoziX8e6A4Hcmy_tedtWLeBpk-Ix2ZRdsL-EtVthxZuU_rYgOW5KJAm2WAduuaQfzWeYo9-q1QT3mtZ-cEZuRYiBDmW0RNXGxp3lVyDzqQMbYaCu9SzJblDLRW72OpC0kIqfNFElAQNeElgGJr1vwEOpMDsz_LZ7lQFY7q3LWy4lb7iWjSM_RTLZhNrqZWZ1xckaHwB7qWdvq63Gj_eaVf3f7hD3h9DqYd8D4iFlm4d5YCS0WbOwWpYZUlca96-Z1Wsl_gn_h2lSnG6Bn59e1s3KaaxS-4iz7eMvzfGxvFK9Cv6AOm_pOWVAquRI4RQ2AAy3yJ72diTaF5rTeJ-kD2I0gnyebWHuxlsgtjNUhV2uU9_TKXF8X2jzFBdNDlg8660PpRrICz19NgnuFXs6GNez_YazJZasTTnmN6IXFZ1p-zhv_E0hXAdpF2Clufo6zp8weas66WPC8wcQGMwebsg7Rng4FXOvpOY8Hyr1JXuYPi8Hr2dHYUMo23Bp2kDrBBDluZhjfgoiyAvKWbyAIqYPPv9TY6T6K22lguGelIo66X4kTf4fj1tpqJ3nIjl8rndTDIR1GZkT1Qz3vp0NkfIbqxk4Hb-79Rsd8WJdgASXVo9hlzCV2oGLPNVpPYqAEDbHdQPvlC3J_x4w-7bOs7stPVot6JoR3gwPHqLaH02kcPZZZoSAJvDEpoEKxKI0aefvrlhvCvDs&sai=AMfl-YTEkEP3Bhoco0W3HEuDH1BhqwuMLvlAlS-sZXKGkiWroDwsXFsxtVt1HNok5vGV0Iv7uEqYnCSzToZMLnGR6131x8Jch6LXWfVu5l1kFIveqOP8YEu5ZY6PZKpMiJnZ6O40FZVdc4frxnfSulXnFY9Gvqgzi4_ATi5pZmqhJxkQ5qQUJz_QpQ&sig=Cg0ArKJSzDSLUgfnp9sAEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=893&cbvp=1&cstd=868&cisv=r20210428.02525&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 29 Apr 2021 21:35:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
partner
sync.search.spotxchange.com/ Frame 3366
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJ2bzEiMFMqBThXbXKHzdDw&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJ2bzEiMFMqBThXbXKHzdDw&google_cver=1&__user_check__=1&sync_id=dc16bbd7-a932-11eb-bd9b-15758c630306
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJ2bzEiMFMqBThXbXKHzdDw&google_cver=1&__user_check__=1&sync_id=dc16bbd7-a932-11eb-bd9b-15758c630306
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNUmL0jMXMo2GJYp0TlQ1Z_CbRmQLmQ6KLEfmWCY-qZbCT9pY8EDzyb9TXUS6ORaZrBR1abPeWqKOoeIjTjimE_k5D-zdw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Apr 2021 21:35:47 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
88
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 29 Apr 2021 21:35:47 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEJ2bzEiMFMqBThXbXKHzdDw&google_cver=1&__user_check__=1&sync_id=dc16bbd7-a932-11eb-bd9b-15758c630306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
82
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3366
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGJiNjI0ZWUtYTkzMi0xMWViLTlkZDgtMTEzMTE3NGMwNDA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGJiNjI0ZWUtYTkzMi0xMWViLTlkZDgtMTEzMTE3NGMwNDA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNUmL0jMXMo2GJYp0TlQ1Z_CbRmQLmQ6KLEfmWCY-qZbCT9pY8EDzyb9TXUS6ORaZrBR1abPeWqKOoeIjTjimE_k5D-zdw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 29 Apr 2021 21:35:47 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGJiNjI0ZWUtYTkzMi0xMWViLTlkZDgtMTEzMTE3NGMwNDA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
99
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 3366 		0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGJnv4KMBMAE&v=APEucNUmL0jMXMo2GJYp0TlQ1Z_CbRmQLmQ6KLEfmWCY-qZbCT9pY8EDzyb9TXUS6ORaZrBR1abPeWqKOoeIjTjimE_k5D-zdw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame 680E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS14TWlXRm81RTJ1RzVRTWJ5aUxkNjU5UEF1UGtEelBINn5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS14TWlXRm81RTJ1RzVRTWJ5aUxkNjU5UEF1UGtEelBINn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGIyn8poBMAE&v=APEucNWMa0rtVP3Q2bwiY_dF-Vo3JopLzh1MfS--U7X67t1dO1FqEeXeX18LBx57puUMYG_JcJ4nZg6h3JucCythGwnfF-tfjg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 29 Apr 2021 21:35:46 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS14TWlXRm81RTJ1RzVRTWJ5aUxkNjU5UEF1UGtEelBINn5B
Connection
keep-alive
Content-Length
0
user-registering
ads.stickyadstv.com/ Frame 680E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDPPePHO_TZjo5pG8hVgSSg&google_cver=1
43 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDPPePHO_TZjo5pG8hVgSSg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGIyn8poBMAE&v=APEucNWMa0rtVP3Q2bwiY_dF-Vo3JopLzh1MfS--U7X67t1dO1FqEeXeX18LBx57puUMYG_JcJ4nZg6h3JucCythGwnfF-tfjg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:49 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1619732149200042-384
Expires
Thu, 29 Apr 2021 21:35:49 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDPPePHO_TZjo5pG8hVgSSg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 680E
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTc0ZTU3NjI0MjdhM2FlZWQ1N2I3ZDljZmZmYTRk&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTc0ZTU3NjI0MjdhM2FlZWQ1N2I3ZDljZmZmYTRk&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGIyn8poBMAE&v=APEucNWMa0rtVP3Q2bwiY_dF-Vo3JopLzh1MfS--U7X67t1dO1FqEeXeX18LBx57puUMYG_JcJ4nZg6h3JucCythGwnfF-tfjg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:49 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NTc0ZTU3NjI0MjdhM2FlZWQ1N2I3ZDljZmZmYTRk&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619732149066038-341
Expires
Thu, 29 Apr 2021 21:35:49 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 2EC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEP2cS8hOCs6Q_IT7xlpVG00&google_cver=1
43 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEP2cS8hOCs6Q_IT7xlpVG00&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGKiS8poBMAE&v=APEucNV4k3Clj83xCaJcaPvaXmFHRfyMQYTEDsr4298mEEgR6S3dgauCtiYWkxu7Pqjq40ESUbJMVmYYAk5WcOZRFZSxE7-cXg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT
cache-control
no-cache,no-store
x-smrt-reason
5
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEP2cS8hOCs6Q_IT7xlpVG00&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 2EC2
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMAR...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_hm=MzAzNDc4NzY5MzU0Nzk4MjY1Mg==
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEP2cS8hOCs6Q_IT7xlpVG00&google_cver=1
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEP2cS8hOCs6Q_IT7xlpVG00&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyfJRCU4uACGKiS8poBMAE&v=APEucNV4k3Clj83xCaJcaPvaXmFHRfyMQYTEDsr4298mEEgR6S3dgauCtiYWkxu7Pqjq40ESUbJMVmYYAk5WcOZRFZSxE7-cXg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT
cache-control
no-cache,no-store
x-smrt-reason
5
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEP2cS8hOCs6Q_IT7xlpVG00&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CDDD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08zRVA1VkotTi0ySkVG
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08zRVA1VkotTi0ySkVG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08zRVA1VkotTi0ySkVG
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame CDDD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KO3EP5VJ-N-2JEF&sigv=1&esig=2~9bd331c2b2838335c3ec9a2f6f64dab93bfd0939
0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KO3EP5VJ-N-2JEF&sigv=1&esig=2~9bd331c2b2838335c3ec9a2f6f64dab93bfd0939
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KO3EP5VJ-N-2JEF&sigv=1&esig=2~9bd331c2b2838335c3ec9a2f6f64dab93bfd0939
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CDDD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dJZO5FW71FyvPMB9lMBBaA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8003722113116369382
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8003722113116369382
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Thu, 29 Apr 2021 21:35:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8003722113116369382
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame CDDD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=adff608b-26b1-4d00-8480-2197b8001798
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=adff608b-26b1-4d00-8480-2197b8001798
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

Date
Thu, 29 Apr 2021 21:35:39 GMT
Server
MT3 3709 11aaa92 master zrh-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=adff608b-26b1-4d00-8480-2197b8001798
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 29 Apr 2021 21:35:38 GMT
pixel
cm.g.doubleclick.net/ Frame CDDD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmY1ZjNiM2I4YmM2MWFkODgxYjczODVmNGRlNmMzYmI2ZjhkYTA0ZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmY1ZjNiM2I4YmM2MWFkODgxYjczODVmNGRlNmMzYmI2ZjhkYTA0ZA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmY1ZjNiM2I4YmM2MWFkODgxYjczODVmNGRlNmMzYmI2ZjhkYTA0ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CDDD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIsmsQAAm53AqwA4
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIsmsQAAm53AqwA4
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619732146.081731,VS0,VE0
x-served-by
cache-fra19165-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIsmsQAAm53AqwA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rubicon
match.adsrvr.org/track/cmf/ Frame CDDD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame CDDD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM702_Mh8cLza5eG42je-jE&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM702_Mh8cLza5eG42je-jE&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM702_Mh8cLza5eG42je-jE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 699B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 08:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219150
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 08:43:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 29D8 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 29 Apr 2021 03:14:09 GMT
expires
Fri, 30 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
66097
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f0d16886-0300-4694-9b7b-37da481f4449.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 699B 		47 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/f0d16886-0300-4694-9b7b-37da481f4449.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fa5715638b8dcb68500482e6bcc6406012fd9a87d113d60d77fa8876050f20ed

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:51:46 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
6240
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
access-control-allow-headers
*
x-amz-cf-id
GFrXgItcRvdVe1YS1xU7Y6He7SJEZN1Oj5pmXTDq6nwJvwpzsTCX6Q==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/ Frame 699B 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/?rand=758255&referer=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame 699B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20b81e2bb707e9e06e3c44fbcc0d62d1b3252f610c3d70321027cb2e004fd551

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DED0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 08:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219150
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 08:43:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7800 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 29 Apr 2021 03:14:09 GMT
expires
Fri, 30 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
66097
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f0d16886-0300-4694-9b7b-37da481f4449.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame DED0 		47 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/f0d16886-0300-4694-9b7b-37da481f4449.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fa5715638b8dcb68500482e6bcc6406012fd9a87d113d60d77fa8876050f20ed

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:51:46 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
6240
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
access-control-allow-headers
*
x-amz-cf-id
g2D1tuAkslUgxT4S0dIKVyfAuTlcTdzaV6mQCiQLHLYMabzJceRh9g==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/ Frame DED0 		42 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/?rand=487077&referer=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame DED0 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0be45c3488ef17c8da28107e6717497646f12938e77a9db585bd7291e9d7122

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
showad.js
ads.pubmatic.com/AdServer/js/ Frame 837D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=76277
Expires
Fri, 30 Apr 2021 18:47:03 GMT
Date
Thu, 29 Apr 2021 21:35:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
300x600.html
s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/ Frame 13A7 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600.html?e=69&leftOffset=0&topOffset=0&c=k9FkEvrZs4&t=1&renderingType=2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad99dfd1eac8b79dd02f51951dec76ac4da95c587101cd9f4e6fc98c810344fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600.html?e=69&leftOffset=0&topOffset=0&c=k9FkEvrZs4&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2254
date
Thu, 29 Apr 2021 21:35:46 GMT
expires
Fri, 30 Apr 2021 21:35:46 GMT
cache-control
public, max-age=86400
last-modified
Fri, 08 Jan 2021 12:42:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 8E53 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-6_MIW1_Q_m-jDoIRDubiuv6s2Vla2X_BzYu5t4St3xDgwpY5lyGHOTRt6k4chQBTANrxzQHbnGg1FZZ6_FP76VG_VdRbpI3-pgFlThI_Mtqru8zJh1OQddXGcmXbCTAmmNa0yagex6MpNkpGcKTANHqjQUf8T51qLCslUIVQZWyi-Bu9VF2pZyz8C9F29qJXcVYDT8eISaR95sAzVnSO69CaKCO8ZhP5hP5cO3jVwR-Hwr1nxiLwp01W5iL7SJCbcCxChaoanskaLkYccO9AvvqZmm0lRXM8flCsdUHuJ8Mh9sGfEy78MuWttwg51wJG_5OUYHhNUZ9vQMhs9yFyZlniZ11xs9YVAJQtFQDtQRAcLL6oYgA-bByVnlpiTy_OC8rx8gfCEJ1T_CPyH4jfsDKy7rfK4UZacLyVMfsfIQ6BueGSwV7hG7dRrgqGTLk6dfob18iQmfRKSogptrAAVeelSmH5Fk6PIrpcZG_ZZtZGfLXb0ltuc0iYFDVkIM19Rg8hJz_Pa65Lt2RG4KWiqSoYfRGrZb6hiabNuN5-tmwaubHTPwGuRvLZI8uGW8MA3L5k5WZhR0lAw_sJkPT15VKed0_gv_0NJYZx-2zAPUquko-L7VlEsqJGTaksCBgyG6-fnFi_uLQMy6faw68jWoQKcbykuMShRacVbbhZVS3rhHH5_0q3fLEId_jqir-n9onbDvOQzkFjYQILgo1K1np3j0Lm5CdkQvvQ5a8oWzRyOUZh33NqX7Q5BCak2wwxZ-BIObBqqtR_lLUE-NrEgyyoCvRt7ncc8VDPlgeG2p_mszUj6Wa1ZDSxTsyFh3Uc-mOScGCUxPQH8bC8CTE41jZhIJDAsaF0t89fePXnFjT7ZK3aW1HWwbiphLAiuiCEhMXykfwqfn0TEOkO1aljJm88ItpooVsUbgk3-hjZwgFINmOd2Thv3KDk5kbvOoj67XdQuX7JmcdfgmPgEAZRWBcOR1LYAD6GIvjtO4VrpbsuDhpYC8H0MofN90EUm_F_UVgzc9OLRl8rQtpsp0tiauZbqPeVG30YLntMVLUMyVB5CmNqhYSdXSqUXNsKJOyWf-hQTLNOHflqys8yXDnPG1PmlJNr4oE9l_BDxEtWqRfcJxICn0vqNwwVIXLn0jkVOLhRb37ma1L2eOzGm84sEW5kA3-qrzy39_Ly4ZyiR4E&sai=AMfl-YRfHc2xCWEGy2VXcfrzYU9AedJZzwAwUvsCS7fuOG-gLePO4ics8uA2fIB6prVwqeXEnzANBrbROmk5eaHPZ68D_mEuZYlyaKX_phyFAbIzw8o2r9aHdKgOZj3X7aYWK4fTEXoIpkBqEw5cpW-WJgEFbyt2Dw&sig=Cg0ArKJSzD1EdgBbwVCcEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=741&cbvp=1&cstd=721&cisv=r20210428.72904&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 29 Apr 2021 21:35:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
300x250.html
s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/ Frame 2FFB 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250.html?e=69&leftOffset=0&topOffset=0&c=QClGAHmB0P&t=1&renderingType=2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f66e5ad637732d3dbedf0c168aad5a16950492e7ca00c9964471cdcb51989d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250.html?e=69&leftOffset=0&topOffset=0&c=QClGAHmB0P&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2257
date
Thu, 29 Apr 2021 21:35:46 GMT
expires
Fri, 30 Apr 2021 21:35:46 GMT
cache-control
public, max-age=86400
last-modified
Fri, 08 Jan 2021 08:44:39 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 544A 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIIkkYn6JurFo0uikfjZXuwoS95VcG4HjFpzCl9RhFirTZ0vrySMyACdY3VDzE_TOuE2aPkH4D04nCSh5gd0iE02mN-eptJyU63Epkmu8pEONjKihRNDjirl9OYfQEn1lDcavfR4J44V6MXZuatkuGHZDnps1QV43-TlOvB14I8WugfNjmHUonTlOQ9LYtPpFKClSbb56y9gIGTXiRDm2j1n4pHeNPsRgi1k05_9tSQEyFyudcd5vxVXIX-q6jPBzy7Q39fqi-Wey126YZkEv4gb8Fq1gptclkXqTNIFA0jCvkDUbzXExa52Ox8uRZ_CbTTEbaW2TwrQ-Idt10vqBsa7p30Inype4kUnJfX06gUKIcQetf4RG3mhwkeV4P9aAkdAInGc2ogW0cE7beBtWi3KfMv9spjaWDMoe6Q_7DkQf-6X4xwTr0BvLDfs5w9_GVWgMh6diDCsH-aIZ4O9eb-sr_NIh_TsLi5iFFgSCiLPpP5aSzslGedoeRqSo_bUoj7-jZcBiHecGE86cZKhuaY5NUASdZ0GVm6A489srJFMEcTRRreH_aSPm4hS9z7uu1O09nmXw6U1jvmpY9an-Fg93inHk6HFoA52P2hnmvBxoE6VpGgyVH5GAszL7T2u9s9yon9ES1YeVsCvG2CtKUewP4zgTAppI28EfZsWq029qU8oJk7OEXczVJG7kApmDT7hc_FFWl9tb8qDWObG0aflRsXvawMc1X1kyt_25_to_hCI2IXJfSlu81IVH3kubQWYOQRUITdl3bbqAI8mmoDQMxlk8wjUN-Lk_9xYcjLYFQJlfgpNjUBiAWzyxdU7hPEByIa78icrEsjGh6MFW6bZ8xg2cS3oO8CIFk27ulGlqnDVF1qyWavIwVhoI8rp3gIr666xJoRa2BwC3RYxWKtBjkFAd2I6TayXJj1uBqxPXrM4gaIv6U-MxUUOMFWKkwaNjlBOA_9fxlaQN-uZOeMIFTRJZdU9glS5gxAa29LSqPRg1Zyse9GkaOl6ke5f-JYBZAM4sC7IH48ODbTyhTvSak2BKZjNy3VmfWBa20Li3hxvwcQdygIaY6VvIlRCVrRht8MAkVaXy0QY8Ow-gCKli7QKI2oaYG6Z0DDp4eXlk40YJ3jasYdli3BRo-QUCAkZ4zgUnjtXFT7bPuncP5DFkal_FAIMWq_TXe_P8fhRvXMN06&sai=AMfl-YRF7PbdjEvnz18BHg-jzJ4Hv4Qk6XgQWY_zLnl-G4rTN4Truzbdw5-7D3S5iF94K0oX7KKg-Vh3VchydxSGZf2PG68eO7i1h9i5PbbmFqZSaQUe5WFK4p08u8viyhWoivGHKNW04SJpGVc1pnqlsp51hkP2aA&sig=Cg0ArKJSzATxhsetBWAbEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=718&cbvp=1&cstd=693&cisv=r20210428.89914&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 29 Apr 2021 21:35:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/ Frame 26C8 		27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d44f70655319f88028db03bbf414e5c52cfead2ca8174f3d581e81eaeafbaaff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8589
date
Thu, 29 Apr 2021 21:35:46 GMT
expires
Fri, 30 Apr 2021 21:35:46 GMT
cache-control
public, max-age=86400
last-modified
Thu, 08 Apr 2021 14:59:40 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame B862 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZwxGo975jzwABE34iO5mqguBzjB2uFbVmGtOyTnN-zbdTNlEy4ER388Kw-r56URdWnMgJgbqKNfqG1NMAxoK1j5QUyhm7feLdWhMOE6L1uYt8kCeSqoJ8D5KssTvSbvdiUe0XdBStwHPYbaiNCAZJ5rowXfM6qDN7tL0j8_8GGkZGut74xOUIqvnacZCpCVAZGN3IdlgHYx0ybT1GJrW7j0lDlwOrjIk6Dk7s81JyNR2LEZpqTyVRjoKhdKwxSbuElYzWkAyxpvMLn-sJw5ao4VP7mC-S6jgb8X8Nqzs3rZE6ELL7kW_x3ShH38_HzJeCd3BMzBN9uwWfwRnRcXFJYCHH8xxH9kJZMNhIqptqHr_gfBRpMjUQ3J8lUaFL4_09-ft02LvJhvynGSTn9i3k3ZViRO6KkUzyngkvQgYmnZpVV-avxo-VVvp6d9Vh1bD2Hl0cjdD7EEv4mFi-ih9hzji4JmIJEY5Qv-i2LFev0k3XW-oLNYtQntQwZg52zG-8hL8BaITyNC2xkK-wbl8V4AgiYPdZDUeF42x0MDwTHtyzCUZtK3P7qYI6Vfn0LpaiLMr5rQWmX42Bs7vz8-b67ePIOSbBJWthyi1YYNM6i9IDdfB3erGcg7mGoeR6NK1yNnMF-wbtg61_7srmnauBKtBkf_TIkwt_MJ60lNk8orRQJl951du3rHmvIEGWqtWaGbIK7zhLEuDwJYNxPwwoDru4vVQNBE-p5UNvV37EQT-AECLzCG4tR4UgcARV5gRICC9lERyzQURdo9AHDT1tsZlXRDBm4Lj7wUnCLnRLTfY0hlzrpzxXPO7hqiAJm2N7tfgk16Afj_6x7rqri_1gdKC5Xmv7s7pN85Kgv2jPRbzCSwdT7HSmV1fbJHwA7APADv4CVr4n9qe-BvoQcgR8ggXCEq2XG6JM9XfcLUgdVVy64DRWa55fUFoOfRc2ZBUGE4b4pEsQnJlXW23Xj0WYeNXeFMQedAflkU4UkOkaglzP6vzZPF5W7mNJ7ux6OOL7ePvYRxb_tONqYDJ0bdOWTnbS1FmkLVzenrl6qLK91ibKeZtb2g9Og_9IyOBkDOKqJHPi4LtQifYy04gbMhm9RyhcLhqqJsjn2oVE3K8_4EH_7MKyw9v5grGm9bcY_P4YmGioW_K-OmvJ9Ruu4XoXdfJY7MxHFt2MlYv7vG450YY3gzJKIX6bNHiShXIwM-oM84zvCO-pBPtx8dHfyMoICGm-f37x_4R0uUY-RxtqMA&sai=AMfl-YT1WQkeJgSaeXOH8P2-DZucWiJZaCzUe_2C634FzXZro13j9nmGWPLRC88h7lF5Xp6cC0NwHa49A7iSHlMBR9sYHOAGZpE51u8XBSlpPfMcy6GiJJDx2_C9Ld63B18TajNJpWbi8ez2fFigTGu0urtEv7bv5-kp7qDtChbK4uQ3rQUQjbBxZQ&sig=Cg0ArKJSzKHUThyvhTPaEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=693&cbvp=1&cstd=670&cisv=r20210428.70833&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 29 Apr 2021 21:35:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/ Frame FB4B 		28 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5f5bd3fa1f7757b4176c7cca5175007242b4e21ffd1023faedb5ffaab0cad8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8687
date
Thu, 29 Apr 2021 21:35:46 GMT
expires
Fri, 30 Apr 2021 21:35:46 GMT
cache-control
public, max-age=86400
last-modified
Thu, 08 Apr 2021 14:59:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 0C65 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKJ-_bymZzQ3Vt5AsZljEUi4xTmGxHKiMOxwM-PWbhAhuDhHzPaBzfoITF7w2ykKRyQlSqdUdRBgd9g5R44rTRaZXcVC-1x4w-e-1H8ci7FKn6h2l7DgaLHpKfwIgP0ZnbSGgmqdr2RcQs7IkFwzKfXR9Xm2L63CtrNXJg2-S5oQnMpkjYV211Az74bOincX-kumcnI6Wnw-xnfhRZf4JKNs_--rM2qx5OCJTiUHOFRUB_ObLh-uiPJSLc9INVQn8J4FiwN-noB8VY2T7LRy2Fl4cXCjyPKf8Ehou1MFaexX5opwOoov0tJBVp7ndAa3q_Eam2dqODk4X7a88oitdqH1VlD2J2SaLV0P7WGoPsHVQ1lK_XUYDcN1NCpn2J6gsdQi2LX_6KHKGybUhknAKQW7VhokrF-KkPJGdte5f_Ew5QZ6PSRJ2D493kIU1PSEAcfiGXl0FUVSs9DgpvRjyWwH_D7qPllWkDdrksY_h537CY_8Wq5VTkhz73OILrd7_h8Y817J5LhRjrYu-LLOE-YDat4c-D1bZoIaClRMV_NVsv-2ysKp6Jd3Cup7S1RoWAMKGlxy3pIQqDgDdwAdFc4fmwdo1Nf18SuuYN6-JksLLkT5wh2uek5KPAH_4atLZSDhujvuqA5aqpyd4B8Gvp6pk1_NyGsl6IN9CHYSWv9Inp-j6BU1AFIeNnhLgrn23hKPjVSHlXlJMhLUlNQOunMifZbayqOndEAjL7fbd4dqEy-Enumclq0g-yFVHdtoi9yzbA1vV4pn5m7jBXKGAjDcGNOf02RY5YJc_LnD8oBWCLwNnHjbpjWEzd8kP9eIANQn7gEC8j843VuejGLxWmD7_EkMGIG6paUyFbtWRyX-o6rOnqmhwtnLBXn_VQgCiqD-oKDlwq3Ctc-6RfHoJwZ_oD-OS7bsYzS6cYrE1sMiGLu_qaeZC100EOjwMefTUCNTklNWFYjghsvVF-qfnzbMpu5xyWHo9Y_MURAU0vy0wWobEOwffS4LntVqL83eL0LJzyFGvODWsKb2SBX4ujh1rSLR1cDWzkJfjfXaWnKY0wJmXGAanL5IO5FTLXDcqljKCL7rhpjuNCkyuVr-or0j-ZlL6YnEfxAFBwLSU0BZlMK3SOQ_i0UisMSImNBWbfZzpLX-J_BRsIwaayj5H6x-BfNdouM0L6kYHhxzaBbOkTf1PCDHldXX93yD4XEgjqguCL8Tjo2jZUcSYlKoE3uRawjH0x8re9MeHKGYg&sai=AMfl-YSyxrwbl5X5VpgtXG_aQ9NYbl7hloeaC-LwY6scr3CSk517dfuzLKi_k3F7COmPspAlizU4y89ryZYsXE9BaTyxO02CraXxBVnTRSP2yZ3NfyyEsyNfsX53z2PJjio0Va1_ghTDWMa88cN_pwFVmjbxF7YYS1-bs_Cd7YJ0t_W4iGQ2-XbkwA&sig=Cg0ArKJSzIinwHvfEpKSEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=684&cbvp=1&cstd=661&cisv=r20210428.04845&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 29 Apr 2021 21:35:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
log.gif
includemodal.com/static/ Frame 699B 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=2b7e6f34-8162-4448-8fed-939f374a6a8f&url=https://protected-by.clarium.io%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 699B 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=2b7e6f34-8162-4448-8fed-939f374a6a8f&url=https://%22%29%2Cl%3Dp.indexof%28%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 699B 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=2b7e6f34-8162-4448-8fed-939f374a6a8f&url=https://protected-by.clarium.io/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 699B 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=2b7e6f34-8162-4448-8fed-939f374a6a8f&url=https://%29%2Cl%3Dp.indexof%28/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 699B 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=2b7e6f34-8162-4448-8fed-939f374a6a8f&url=https://www.newhome.ch/blog/en/services/business-customer/%27%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
728x90.html
s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/ Frame 8317 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=mZtn8xICtF&t=1&renderingType=2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dba62578a04ac540f31eca1596de6b98b0b0daf98df5e24365065f641d985832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=mZtn8xICtF&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2261
date
Thu, 29 Apr 2021 21:35:46 GMT
expires
Fri, 30 Apr 2021 21:35:46 GMT
cache-control
public, max-age=86400
last-modified
Fri, 08 Jan 2021 12:41:54 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 294B 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvN4QpJgEjJHubtdkTuzym7mIJ262SZ96D5DRcjg3eV0KyIqRFafpc4qv67tikNH4jtjKX8GX_lpEfeqOA0RW2x5Th-ZqyounjYBcFLQCKw8mrDa79S_udTwlbyPDZM_u8WcHkYXV0U8A9Hd1q9T2ZwCU9lyPhE6y5C6nMPXkMfESHVDZLkttsvAY0vNNevZlgnI7pvxqil0hT9WrgcvIl-9MGsuoItadbCOOWlVmlL6Vc_OCnMAynm3_s7Mh-rrRaW99e3F6V0GBHRU6AZMiYGmOkZshrzyprs4b6TzqYwzptXElLszA1GiJXTaL7AqMnLVBjzY8LIngjCjeCHYHmOiYp38rhyGDf4l6GZUdx06kU9XTzsZIuPhuAv4qc66fm9PPOLWRsHhtSsmqqo8D0USav4JbAkmv6qAs1nH2548tgYOuml_UNOmLV7cCVBbt7I9JU8XONT6vdZuCTXBSyRb23KQbnDppOKB-s8bqGt6AzBe8CzgPZKQs0bSLo53-fM77pasDegYdfyPLW415s9aNkBWXIdae0--egLxunZjEpw1sfE9-7ed7IVOWx2gdM7zQEp_2K5sAutoycNyE-qFE44RbOEhdH__ZbEFTiKNv75BQqBCSQ3BwXehCrFSrmperiGu6SZXqowhXinOdr2uJ8gdEqMbu-dkkgjcYf0qxWRS0OB8HhhWEhLx0nawYoBKlOqYX8OMP5JVCxlr9eY3oWeWjE53QWqb1OCr1bbcCdXIhN1HOxp50kpkfXWqF5pHpgtBIelAcr5UIvHmFu7dZV4Gg6sTYp6vnwqkamnZlMjbt_abiXc8yOmZHfC1HARTQGXXA4vD6r9VGhNpB8JrzKi1NTpvMfPBzqJH0zb2XArXe1etOKt9DUENAkxvOxt1VTAYqEzonWHz-oN2Of5BA3U74qmm0ZuBqakrAyVumC-R_FWa6UF0zDTO2s5BfEz4qBMNjhpbhoJWNEuqYud9_bNKgXnu4QXfwOhWOFTY1c6pkiryxD4ayT9ckx_irUfDtqyIM7erFcr6hPb4_sREEHGDKqQIyCGduew4ugtWQJGMbCFDCxnfY0zcFk8FzF4SE2LxSpvgEWLOhVBvc3IazVyL6cw0LotQYdmHl2nxRuyoekYCxI2q5BEdgMZCg9HOk9VdJsuE56sOuhFg_xiJN9NqYHxM1Ss18MqtYDd0g&sai=AMfl-YRic9xFOsgIuARX4jTlNxNtDuuetcHjEPhnWAnYX7xCZKze4VbtXAsKI2bVUyQh0MRIhHmFXWJDFwRgpWgyvar0FipRMhnkaOOT7kn2QKsRjHLF7t66ctJO2Y4ZnsqeY_HCWPumG4N7sK2UYXvwtQESkzTi7Q&sig=Cg0ArKJSzF7KIa6_JMsAEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=755&cbvp=1&cstd=731&cisv=r20210428.10076&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 29 Apr 2021 21:35:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
log.gif
includemodal.com/static/ Frame DED0 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=c5caeb83-1a1e-47d3-b620-52497baa8e15&url=https://protected-by.clarium.io%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame DED0 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=c5caeb83-1a1e-47d3-b620-52497baa8e15&url=https://%22%29%2Cl%3Dp.indexof%28%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame DED0 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=c5caeb83-1a1e-47d3-b620-52497baa8e15&url=https://protected-by.clarium.io/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame DED0 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=c5caeb83-1a1e-47d3-b620-52497baa8e15&url=https://%29%2Cl%3Dp.indexof%28/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
LB-Zone-1
blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/ 		137 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/LB-Zone-1?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=762bbc37-f800-4ac7-9756-07862ae78f51&bctempid=&overruleReferrer=&time=2021-04-29T23%3A35%3A46%2B02%3A00&ts=1619732146578
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
298bcc7b07bd4f13defc36ee0724126509b6b89dc4412d12606a91826d29afdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
145
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
1QMzz8WfnEqPhtFAgNbU_p-szscgBokQbnKehqtkf_N3bb1tzkZQXQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
LB-Zone-1
blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/ 		137 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/LB-Zone-1?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=762bbc37-f800-4ac7-9756-07862ae78f51&bctempid=&overruleReferrer=&time=2021-04-29T23%3A35%3A46%2B02%3A00&ts=1619732146581
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
d0cdd936be8a5792b445242e226c21760b576a36b18f13c87027bd707464ea01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
145
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
v3yo8rLJF1gRGZRLkhJ9gdk9hcj11XpikDZqsJYQz0G7O87cS5XBLQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
LB-Zone-1
blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/ 		137 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/LB-Zone-1?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=762bbc37-f800-4ac7-9756-07862ae78f51&bctempid=&overruleReferrer=&time=2021-04-29T23%3A35%3A46%2B02%3A00&ts=1619732146585
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
d2aaf6c71b7f19b4e983cfe52e41b2ce0ca0d0f1560cbc2d29022220cb10c6bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
145
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
yNhXoDTH4w9nDcVFf_SwI-rFGGYHoNH6Yd5j1u8ydkCvrFmA4Wfeeg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
LB-Zone-1
blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/ 		137 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/LB-Zone-1?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=762bbc37-f800-4ac7-9756-07862ae78f51&bctempid=&overruleReferrer=&time=2021-04-29T23%3A35%3A46%2B02%3A00&ts=1619732146588
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
77de912445133674a26c1afbb37717e1141f26698e63227b457affe3dc854dc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
144
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
ajRVX80V3vn8O-ABrG2stHRf0GiuOu6ioZTXgrpZwy0qEyu7nujFwg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
LB-Zone-1
blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/ 		137 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/LB-Zone-1?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=762bbc37-f800-4ac7-9756-07862ae78f51&bctempid=&overruleReferrer=&time=2021-04-29T23%3A35%3A46%2B02%3A00&ts=1619732146591
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
5b81181f657e26566264abde5b06607758ecdcf86e061c7b7ab375b41194831e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
145
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Hjh3zrjIiocLuzLDlsJLuIyzz6YcvT1LakWBo_YbCU35VALxe8AY5g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
LB-Zone-1
blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/ 		137 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/LB-Zone-1?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=762bbc37-f800-4ac7-9756-07862ae78f51&bctempid=&overruleReferrer=&time=2021-04-29T23%3A35%3A46%2B02%3A00&ts=1619732146593
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
43b4a1b292181b36321c126814116537d577ff4b7d4ded01260b52cf407ced8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
145
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
6arTd5q9Tb3RSLr9yMgJxZpxU0ptOcxI-a4nxFJfmkZ0WU7vqDPqpg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
LB-Zone-1
blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/ 		137 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.fox4kc.com/DG/DEFAULT/rest/rpc/1022/LB-Zone-1?referer=https%3A%2F%2Ffox4kc.com%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&bcsessionid=762bbc37-f800-4ac7-9756-07862ae78f51&bctempid=&overruleReferrer=&time=2021-04-29T23%3A35%3A46%2B02%3A00&ts=1619732146596
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
- /
Resource Hash
03224f7605d6233bd87b1c435700ce4e07a9770f969f9d3ef1b15c6663292c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
144
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://fox4kc.com
server
-
content-type
application/json; charset=utf-8
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
TJL73S33y4GdbivRg9Up_zki44j3D_Jj1xP0zjeKj5kOQLJy19Rgyg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8E53 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 08:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219150
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 08:43:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0450 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 29 Apr 2021 03:14:09 GMT
expires
Fri, 30 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
66097
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f0d16886-0300-4694-9b7b-37da481f4449.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 8E53 		47 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/f0d16886-0300-4694-9b7b-37da481f4449.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fa5715638b8dcb68500482e6bcc6406012fd9a87d113d60d77fa8876050f20ed

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:51:46 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
6240
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
access-control-allow-headers
*
x-amz-cf-id
pwkkdxeBjYoHmC2ZfjpKfP4Keorj9SWVdQ3TzL6sk4Imr6oi8S2O0Q==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/ Frame 8E53 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/?rand=541777&referer=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame 8E53 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
451278215d856b7f331d9d01f16bbda6d3808d75ae20b5dbf4e17f54ccd345e4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 544A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 08:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219150
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 08:43:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CC9B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 29 Apr 2021 03:14:09 GMT
expires
Fri, 30 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
66097
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f0d16886-0300-4694-9b7b-37da481f4449.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 544A 		47 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/f0d16886-0300-4694-9b7b-37da481f4449.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fa5715638b8dcb68500482e6bcc6406012fd9a87d113d60d77fa8876050f20ed

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:51:46 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
6240
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
access-control-allow-headers
*
x-amz-cf-id
VZAUgMu1EoyM9z71bgXAiPkUHmps9-25RNGnFAnfR6V8tuV-3kRjiA==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/ Frame 544A 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/?rand=1038600&referer=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame 544A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b69d6c5b7612b7e463147a720f3bad9395f7e781026623a2020063931874f151

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B862 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 08:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219150
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 08:43:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DC1F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 29 Apr 2021 03:14:09 GMT
expires
Fri, 30 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
66097
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f0d16886-0300-4694-9b7b-37da481f4449.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame B862 		47 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/f0d16886-0300-4694-9b7b-37da481f4449.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fa5715638b8dcb68500482e6bcc6406012fd9a87d113d60d77fa8876050f20ed

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:51:46 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
6240
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
access-control-allow-headers
*
x-amz-cf-id
Vt6aCkTUSnaBBpuvBC-vY-VGW9Qf7vMDky-o4pxje9kC1_mxAPqZxA==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/ Frame B862 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/?rand=460727&referer=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame B862 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72635272a797b31b12f36c40e8ba642cb4763101ddfacf8fe1c055b6bdf09024

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0C65 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 08:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219150
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 08:43:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AA66 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 29 Apr 2021 03:14:09 GMT
expires
Fri, 30 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
66097
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f0d16886-0300-4694-9b7b-37da481f4449.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 0C65 		47 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/f0d16886-0300-4694-9b7b-37da481f4449.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fa5715638b8dcb68500482e6bcc6406012fd9a87d113d60d77fa8876050f20ed

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:51:46 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
6240
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
access-control-allow-headers
*
x-amz-cf-id
VVFPEZB_i8BmIYyuIvDdUWE8PkL8p0MoTrm1UwCY98Y8TsnCvm10TA==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/ Frame 0C65 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/?rand=594621&referer=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:46 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame 0C65 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eb34746be7e7b75adc7a6ec51bb47aa475abff8b4f535190c8c3149589d5278

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/ Frame 1D1A 		28 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5f5bd3fa1f7757b4176c7cca5175007242b4e21ffd1023faedb5ffaab0cad8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8687
date
Thu, 29 Apr 2021 21:35:46 GMT
expires
Fri, 30 Apr 2021 21:35:46 GMT
cache-control
public, max-age=86400
last-modified
Thu, 08 Apr 2021 14:59:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 8955 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5maIJGVS8XRn7fYv6V014Ve5MyckMeoUnf6JscYlmUS8KYh7hypMb2YDZON37p21F2i6nRdAqMcFyftAW3FhZ8e9P2ot5qVLCWcH7T3swlg_G4fz1I0zv8aMkBz5-0ZG76raiz8xCU5MihvlaXpuV7ftbFatnUy-6n_UjBj22cDpRS-VltzN8NANYUFvFDewWyInQVT29RXWoy90oSxyNo-9qCD2piag8VTMms6jI_tIc_1PlaWO0RDRQ2RQTZaHiEk7Xczialjbz9Oc2F3oOG918rTDeiT0aX82dpeVzV-wclbx5e9XPVyFgQJu10GXxXaqwbtu5g0lj9_hyaJPXDWQQT8rZft8JgK6F9uFCTETMTbEhknhh1lj8-Ry45N8Nw52WFubBu4wXmXjCHjD5iBzSXW0lPLISt03XdoleiePcRl3lNnBet-TMgCgeZR9ymCpbY1ndtrphpIr-71x-jYiFp7X8G4aC9r9qWAEybuqTkleud1WrRfImPr646-szCo3Ut7WkcuBl0sE5usUCG0i1nYWxx9TGRQFxCDAwi0czQuzRKHNxd6w5uBlJYOCv_jUdTeP5gVLSwLO4fV0uRumcUcRZIqDrY6fRngaV2CCES4-eg5gyS6FyH0HEZHObeMwYM4gHjRDP3BLWoEHb7CsrSxzHCoNHkR6TCVQb00Q9wWGuvaNhWo42ZZbqz9pc2EhHnVzZpFHbgrwxEqA0w55HiyFLGe6bB72YkX66XueepwfMxlIJqpybHBsUQWtV7-5IUig1MxsPgYnpNYGyL0B0oYvCf3Z4ZzEHrtJyOmK6ceSUNa_r8lW48LHeaneqv_b_IhGaTZ9sKOCrAntlCwJSyRIp6pqRDGoe7NYsMHlaOmztz62oWq3mI7j4qRLbW5Lu-sEdDVqetqdS7J8t8w31_Hcm_Ey3j4m_pF1SqOPPR4jhFbaaproZ52N-8yOWAvaDufLyWbf-wRiERgpdkAWhLVy6_AEvyc4pCITIKi6vK_lyURfpJT8BurisVe8pNatxYyVHwrLmB6U0mpmR8rSGG0CGcdZi-OT0-0hyhZJnKKqkHDlHN2EAylyKKnNNLPn9HSwM-63ZeKp-hlsvyFJDX5cr-zuaTuNCTleIS3ImWfuoAfQ2maZiU2RUt2AXQHoH59VMFSWyRVEvqev9-TOAETo_jLlXPtdZiO_x7K5eeOOgCgRHYzjPYDcCQnn8N5wyBkLahB5wzoNHzQzhskCtNMHhdWgwfdQ56f8&sai=AMfl-YQYKy234qNfvqdQfH4hzDjB-gtq76mS78nQZfDSAi_Sb95yzm8loIrn0KJs44RJgQ0bVYxb--e4CoL6orwycF1ir1dcNdq8usUTDBBH44myZrAFx-XphM1Un_oZT0iuiHfL27xK2vd9mw0TE5VN77jedxrunUQ5MkD41nB3o2s-cbgiJ6Rilg&sig=Cg0ArKJSzOWtm0Y8TNbQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1473&cbvp=1&cstd=1446&cisv=r20210428.16956&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 29 Apr 2021 21:35:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 294B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 08:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219151
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 08:43:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4542 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 29 Apr 2021 03:14:09 GMT
expires
Fri, 30 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
66098
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f0d16886-0300-4694-9b7b-37da481f4449.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 294B 		47 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/f0d16886-0300-4694-9b7b-37da481f4449.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fa5715638b8dcb68500482e6bcc6406012fd9a87d113d60d77fa8876050f20ed

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:51:46 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
6241
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
access-control-allow-headers
*
x-amz-cf-id
gm7Zo5qgUSETq5w08LmlwjKeIF986IWscSA4TmJ4Y4WhD-zDInIQ7g==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/ Frame 294B 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/?rand=702264&referer=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame 294B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22b3989f5d05fabbc85f009a0f0d014f234faeaeecf602a898d55735e5b8b01f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
MuseoSans_300.woff
s0.2mdn.net/creatives/assets/4075024/ Frame D63F 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_300.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
602a48d8418dc75bc51795b3f33e2e49ee38d40c4a658723b0878f1c64a68265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 15:07:21 GMT
server
sffe
age
280
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22016
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:46:07 GMT
MuseoSans_700.woff
s0.2mdn.net/creatives/assets/4075024/ Frame D63F 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_700.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ccc354572f46ed4b26ffec17c24264cce720c1ebab7693af8e88032e46b6544
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 15:06:56 GMT
server
sffe
age
280
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22640
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:46:07 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8955 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 08:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219151
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 08:43:16 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6D63 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 29 Apr 2021 03:14:09 GMT
expires
Fri, 30 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
66098
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f0d16886-0300-4694-9b7b-37da481f4449.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 8955 		47 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/f0d16886-0300-4694-9b7b-37da481f4449.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fa5715638b8dcb68500482e6bcc6406012fd9a87d113d60d77fa8876050f20ed

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:51:46 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
6241
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
access-control-allow-headers
*
x-amz-cf-id
gNPvSDIVmg7G7WMu2nVUVbqfUZWXAWDhw28XQiMsU3XxO1HhAI_csQ==
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/ Frame 8955 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/f0d16886-0300-4694-9b7b-37da481f4449/?rand=1079758&referer=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame 8955 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a13614ec0a3832a68aaf091dfd1c4f83d5a3bd536882cb63ebbdd56704b08e6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
log.gif
includemodal.com/static/ Frame 8E53 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=f6fd8193-73bc-49e6-ae3e-9991b6c1f8d2&url=https://protected-by.clarium.io%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 8E53 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=f6fd8193-73bc-49e6-ae3e-9991b6c1f8d2&url=https://%22%29%2Cl%3Dp.indexof%28%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 8E53 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=f6fd8193-73bc-49e6-ae3e-9991b6c1f8d2&url=https://protected-by.clarium.io/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 8E53 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=f6fd8193-73bc-49e6-ae3e-9991b6c1f8d2&url=https://%29%2Cl%3Dp.indexof%28/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 8E53 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=f6fd8193-73bc-49e6-ae3e-9991b6c1f8d2&url=https://www.newhome.ch/blog/en/services/business-customer/%27%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 544A 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=d08590d4-a90d-4d62-a24c-5def01719a95&url=https://protected-by.clarium.io%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 544A 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=d08590d4-a90d-4d62-a24c-5def01719a95&url=https://%22%29%2Cl%3Dp.indexof%28%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 544A 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=d08590d4-a90d-4d62-a24c-5def01719a95&url=https://protected-by.clarium.io/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 544A 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=d08590d4-a90d-4d62-a24c-5def01719a95&url=https://%29%2Cl%3Dp.indexof%28/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 544A 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=d08590d4-a90d-4d62-a24c-5def01719a95&url=https://www.newhome.ch/blog/en/services/business-customer/%27%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame B862 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=79d756f1-06a6-4d5a-b986-4ea139722d85&url=https://protected-by.clarium.io%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame B862 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=79d756f1-06a6-4d5a-b986-4ea139722d85&url=https://%22%29%2Cl%3Dp.indexof%28%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame B862 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=79d756f1-06a6-4d5a-b986-4ea139722d85&url=https://protected-by.clarium.io/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame B862 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=79d756f1-06a6-4d5a-b986-4ea139722d85&url=https://%29%2Cl%3Dp.indexof%28/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 0C65 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=a452edaf-f3c0-4aa3-97e1-9405c8467cfe&url=https://protected-by.clarium.io%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 0C65 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=a452edaf-f3c0-4aa3-97e1-9405c8467cfe&url=https://%22%29%2Cl%3Dp.indexof%28%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 0C65 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=a452edaf-f3c0-4aa3-97e1-9405c8467cfe&url=https://protected-by.clarium.io/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 0C65 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=a452edaf-f3c0-4aa3-97e1-9405c8467cfe&url=https://%29%2Cl%3Dp.indexof%28/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A06D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 27 Apr 2021 19:58:52 GMT
expires
Wed, 27 Apr 2022 19:58:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
178615
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A45D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 27 Apr 2021 19:58:52 GMT
expires
Wed, 27 Apr 2022 19:58:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
178615
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log.gif
includemodal.com/static/ Frame 294B 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=eab56fd4-879f-48c2-a376-f925737d8c69&url=https://protected-by.clarium.io%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 294B 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=eab56fd4-879f-48c2-a376-f925737d8c69&url=https://%22%29%2Cl%3Dp.indexof%28%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 294B 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=eab56fd4-879f-48c2-a376-f925737d8c69&url=https://protected-by.clarium.io/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 294B 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=eab56fd4-879f-48c2-a376-f925737d8c69&url=https://%29%2Cl%3Dp.indexof%28/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 294B 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=eab56fd4-879f-48c2-a376-f925737d8c69&url=https://www.newhome.ch/blog/en/services/business-customer/%27%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
Enabler_01_245.js
s0.2mdn.net/879366/ Frame AD3A 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=llDTWt0yGY&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=llDTWt0yGY&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39710
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame AD3A 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=llDTWt0yGY&t=1&renderingType=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Thu, 29 Apr 2021 21:50:47 GMT
css
fonts.googleapis.com/ Frame AD3A 		2 KB
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:600&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=llDTWt0yGY&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b95faf33158f0ef2f83d09c161c984c92d0f709ff9bf258a286a1d03d46f186d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 20:53:06 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:47 GMT
css
fonts.googleapis.com/ Frame AD3A 		2 KB
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:700&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=llDTWt0yGY&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31165cdf26e575522064c0bdf4a186e3670d30460356bfcde4d61cd4c4a31014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 21:18:51 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:47 GMT
css
fonts.googleapis.com/ Frame AD3A 		2 KB
615 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:regular&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=llDTWt0yGY&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9737000c048a0de2326225f04d6a22e3fdf4acc2bc18a2577b9d24131796d76a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 21:35:47 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:47 GMT
728x90.js
s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/ Frame AD3A 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=llDTWt0yGY&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92bd9eba900236160c6d8af35ec029de236deda4b00d4d1f47113826672315fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=llDTWt0yGY&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 02:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70511
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4763
x-xss-protection
0
last-modified
Fri, 08 Jan 2021 12:41:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 02:00:36 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0FAD 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=afe7bbce5aba2f94241a2413&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:47 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 0FAD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=fmx&bds_param=e53f2612-cf9d-4737-9c10-2ad29c600323
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=d4fa85ce-e4a8-4700-8ba5-e1a761b4f0e9&expires=10&ssp=fmx&bsw_param=e53f2612-cf9d-4737-9c10-2ad29c600323
  • https://ce.lijit.com/merge?pid=26&3pid=e53f2612-cf9d-4737-9c10-2ad29c600323
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=e53f2612-cf9d-4737-9c10-2ad29c600323
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=e53f2612-cf9d-4737-9c10-2ad29c600323
date
Thu, 29 Apr 2021 21:35:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
merge
ce.lijit.com/ Frame 0FAD
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=afe7bbce5aba2f94241a2413/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=afe7bbce5aba2f94241a2413/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=78bc2be552ad241dd9492bd95f40e586&gdpr=0&gdpr_consent=
43 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=78bc2be552ad241dd9492bd95f40e586&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=78bc2be552ad241dd9492bd95f40e586&gdpr=0&gdpr_consent=
cache-control
no-cache
x-server
10.45.27.186
content-length
0
expires
0
merge
ce.lijit.com/ Frame 0FAD
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003&rndcb=8547869861
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=e53f2612-cf9d-4737-9c10-2ad29c600323&google_hm=ZTUzZjI2MTItY2Y5ZC00NzM3LTljMTAtMmFkMjljNjAw...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBDQJI1R0V7GV_6pqJgFc4o&google_cver=1&ssp=adconductor&bsw_param=e53f2612-cf9d-4737-9c10-2ad29c600323
  • https://sync.1rx.io/usersync/bidswitch/e53f2612-cf9d-4737-9c10-2ad29c600323?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003
  • https://ce.lijit.com/merge?pid=56&3pid=RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=56&3pid=RX-ec0e2a73-e703-4cec-bf1c-d43537d30afc-003
date
Thu, 29 Apr 2021 21:35:48 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXec0e2a73e7034cecbf1cd43537d30afc003
content-type
text/html
merge
ce.lijit.com/ Frame 0FAD
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=OzRlVE8F3dlf5hWEYO3C&pi=sovrn&gdpr_consent=&gdpr=0
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=OzRlVE8F3dlf5hWEYO3C&pi=sovrn&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=OzRlVE8F3dlf5hWEYO3C&pi=sovrn&gdpr_consent=&gdpr=0
pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT, Thu, 29 Apr 2021 21:35:47 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 0FAD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=afe7bbce5aba2f94241a2413&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=adff608b-26b1-4d00-8480-2197b8001798&gdpr=0&gdpr_consent=
43 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=adff608b-26b1-4d00-8480-2197b8001798&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:48 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Thu, 29 Apr 2021 21:35:41 GMT
Server
MT3 3709 11aaa92 master zrh-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=adff608b-26b1-4d00-8480-2197b8001798&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 29 Apr 2021 21:35:40 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D63F 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Apr 2021 21:35:47 GMT
EasePack.min.js
s0.2mdn.net/creatives/assets/4075024/ Frame D63F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4075024/EasePack.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
590
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1342
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 09:57:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Apr 2021 21:40:57 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame D63F 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39710
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
mobileApp-chf500cashout-parallaxe-sprite-728x90.png
s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/ Frame D63F 		43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/mobileApp-chf500cashout-parallaxe-sprite-728x90.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
mobileApp-chf500cashout-728x90.png
s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/ Frame D63F 		43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/mobileApp-chf500cashout-728x90.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
cssLogo-728x90-de.png
s0.2mdn.net/creatives/assets/4075024/ Frame D63F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4075024/cssLogo-728x90-de.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e80f81e5b69695951f84911afdb73956189f169ddcd2f403c6b3c6435ae9f107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 14:13:34 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1938
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
cssLogo-728x90-fr.png
s0.2mdn.net/creatives/assets/4075024/ Frame D63F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4075024/cssLogo-728x90-fr.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85c7af28b9204d427f24d94550c0c27cae84eeac5748a3fc854200505a7b2036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 14:13:37 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1864
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
cssLogo-728x90-it.png
s0.2mdn.net/creatives/assets/4075024/ Frame D63F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4075024/cssLogo-728x90-it.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14abc3181b1130b7a64b8364ee7a954a468fa2e2d5addad559ae7ec006acf021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 14:13:39 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1890
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
log.gif
includemodal.com/static/ Frame 8955 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=c2245a80-0d7d-4934-99ab-fdda072fa55e&url=https://protected-by.clarium.io%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 8955 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=c2245a80-0d7d-4934-99ab-fdda072fa55e&url=https://%22%29%2Cl%3Dp.indexof%28%22/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 8955 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=c2245a80-0d7d-4934-99ab-fdda072fa55e&url=https://protected-by.clarium.io/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
log.gif
includemodal.com/static/ Frame 8955 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=c2245a80-0d7d-4934-99ab-fdda072fa55e&url=https://%29%2Cl%3Dp.indexof%28/%3F&o=https://fox4kc.com/
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 699B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjmlV3jOgeawCfGNTvgGu3jCnF-dsIu4iTFbnARzH3zsoKUQTStTZDvu3wyS9W4lcTDeD1cUsKOdA3Zge995Tl0M4W6L_QRrfklfcOgnYT2lfOx6T3WoQLFU8&sai=AMfl-YSSR1W4pDMYgPiIyCJwFJu8AxDYfzT201ETzs3gIBn6mbUCX2xlxNRb74CaW9KrH95TVnSNpKwcE6miCUH0_BOxjZ6VbcIfT5EdGh3nKPvtpZnIoCSiOzGJUbs&sig=Cg0ArKJSzI5FQCUMlUE_EAE&cid=CAASEuRoRpTQ6OtYhpldXOrcMokt3A&id=lidar2&mcvt=1593&p=234,436,324,1164&mtos=1593,1593,1593,1593,1593&tos=1593,0,0,0,0&v=20210428&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1938417587&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&r=v&fum=1
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MuseoSans_300.woff
s0.2mdn.net/creatives/assets/4075024/ Frame 26C8 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_300.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
602a48d8418dc75bc51795b3f33e2e49ee38d40c4a658723b0878f1c64a68265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 15:07:21 GMT
server
sffe
age
280
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22016
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:46:07 GMT
MuseoSans_700.woff
s0.2mdn.net/creatives/assets/4075024/ Frame 26C8 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_700.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ccc354572f46ed4b26ffec17c24264cce720c1ebab7693af8e88032e46b6544
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 15:06:56 GMT
server
sffe
age
280
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22640
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:46:07 GMT
MuseoSans_300.woff
s0.2mdn.net/creatives/assets/4075024/ Frame FB4B 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_300.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
602a48d8418dc75bc51795b3f33e2e49ee38d40c4a658723b0878f1c64a68265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 15:07:21 GMT
server
sffe
age
280
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22016
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:46:07 GMT
MuseoSans_700.woff
s0.2mdn.net/creatives/assets/4075024/ Frame FB4B 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_700.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ccc354572f46ed4b26ffec17c24264cce720c1ebab7693af8e88032e46b6544
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 15:06:56 GMT
server
sffe
age
280
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22640
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:46:07 GMT
pixel
cm.g.doubleclick.net/ Frame 9C31
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEN9dicjrBSEwxMaeoUqdFsQ&google_cver=1&google_push=AQvitUKH_pkXIKbekamw3vQ_1LqdNaWPu0KTLtDaJdk5J7HY5er-2RGaDgO50CGS4Dxm88z9IN96MJGY7diwb01a0iDir3jzGLKn
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WXZWY1hhaVZCMy1tR3lpSXRTYUxZQQ%3D%3D&google_push=AQvitUKH_pkXIKbekamw3vQ_1LqdNaWPu0KTLtDaJdk5J7HY5er-2RGaDgO50CGS4Dxm88z9IN96MJGY7diwb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WXZWY1hhaVZCMy1tR3lpSXRTYUxZQQ%3D%3D&google_push=AQvitUKH_pkXIKbekamw3vQ_1LqdNaWPu0KTLtDaJdk5J7HY5er-2RGaDgO50CGS4Dxm88z9IN96MJGY7diwb01a0iDir3jzGLKn
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=WXZWY1hhaVZCMy1tR3lpSXRTYUxZQQ%3D%3D&google_push=AQvitUKH_pkXIKbekamw3vQ_1LqdNaWPu0KTLtDaJdk5J7HY5er-2RGaDgO50CGS4Dxm88z9IN96MJGY7diwb01a0iDir3jzGLKn
date
Thu, 29 Apr 2021 21:35:49 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 9C31
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKzsvVqiS08DVcH_EmxHIco&google_cver=1&google_push=AQvitUJmZc-wxJbOuK0dMqSd_-REprmef2hwaU9C51kOmlYUX2wWp4rC5owTf_X33ThO-qB7rX_A9cVcXL0Z1rJV8EEK...
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=61c13c9f-1000-4c62-b505-87b92890816d&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJmZc-wxJbOuK0dMqSd_-REprmef2hwaU9C51kOmlYUX2wWp4rC5owTf_X33ThO-qB7rX_A9cVcXL0Z1rJV8EEKxB0grrwU&google_hm=5T8mEs-dRzecECrSnGADIw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJmZc-wxJbOuK0dMqSd_-REprmef2hwaU9C51kOmlYUX2wWp4rC5owTf_X33ThO-qB7rX_A9cVcXL0Z1rJV8EEKxB0grrwU&google_hm=5T8mEs-dRzecECrSnGADIw==
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJmZc-wxJbOuK0dMqSd_-REprmef2hwaU9C51kOmlYUX2wWp4rC5owTf_X33ThO-qB7rX_A9cVcXL0Z1rJV8EEKxB0grrwU&google_hm=5T8mEs-dRzecECrSnGADIw==
date
Thu, 29 Apr 2021 21:35:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9C31
Redirect Chain
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEOhnDoSRvjwj5uymU_8MhhQ&google_cver=1&google_push=AQvitUKieNmS2SPfiYXbpIUp5Nc063SSJZAi8asOrxjfHc6Yk_jTaOT_idzS7JWNbdeXVl329vq7jgsb0WVdYK1EHqL1dfQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=ZFdOTE4yU1hUY2ls&google_ula=2046794&google_push=AQvitUKieNmS2SPfiYXbpIUp5Nc063SSJZAi8asOrxjfHc6Yk_jTaOT_idzS7JWNbdeXVl329vq7jgsb0W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=ZFdOTE4yU1hUY2ls&google_ula=2046794&google_push=AQvitUKieNmS2SPfiYXbpIUp5Nc063SSJZAi8asOrxjfHc6Yk_jTaOT_idzS7JWNbdeXVl329vq7jgsb0WVdYK1EHqL1dfQW7WE
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=ZFdOTE4yU1hUY2ls&google_ula=2046794&google_push=AQvitUKieNmS2SPfiYXbpIUp5Nc063SSJZAi8asOrxjfHc6Yk_jTaOT_idzS7JWNbdeXVl329vq7jgsb0WVdYK1EHqL1dfQW7WE
Date
Thu, 29 Apr 2021 21:35:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
pixel
cm.g.doubleclick.net/ Frame 9C31
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIsmsS9BHXfgS4v-FHCbhgAABGgAAAAB&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1&google_push=AQvitUJO0ekAk1AQVIFLaXmtiFCXUu_Qh5gAF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIsmsS9BHXfgS4v-FHCbhgAABGgAAAAB&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1&google_push=AQvitUJO0ekAk1AQVIFLaXmtiFCXUu_Qh5gAFa6IaDce3l-X4ocB_G-If2EYlweJarDI6xCy2JgxdaoVUaGmufr3YLmPEWJskLPZ
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIsmsS9BHXfgS4v-FHCbhgAABGgAAAAB&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1&google_push=AQvitUJO0ekAk1AQVIFLaXmtiFCXUu_Qh5gAFa6IaDce3l-X4ocB_G-If2EYlweJarDI6xCy2JgxdaoVUaGmufr3YLmPEWJskLPZ
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Thu, 29 Apr 2021 21:35:47 GMT
pixel
cm.g.doubleclick.net/ Frame 9C31
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAQvitUKAVWcvLvRCLgMctGyTo1LykrqruBXt1SOtxUSAkoqWeTYTnhVJe_Q_NRa7nbRTqgy2NU96BiOdyb...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUKAVWcvLvRCLgMctGyTo1LykrqruBXt1SOtxUSAkoqWeTYTnhVJe_Q_NRa7nbRTqgy2NU96BiOdybNZHA22JrLrvU15bNI&google_hm=db785df9-a1fa-47e4-85a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUKAVWcvLvRCLgMctGyTo1LykrqruBXt1SOtxUSAkoqWeTYTnhVJe_Q_NRa7nbRTqgy2NU96BiOdybNZHA22JrLrvU15bNI&google_hm=db785df9-a1fa-47e4-85a8-9745fa963b5e
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUKAVWcvLvRCLgMctGyTo1LykrqruBXt1SOtxUSAkoqWeTYTnhVJe_Q_NRa7nbRTqgy2NU96BiOdybNZHA22JrLrvU15bNI&google_hm=db785df9-a1fa-47e4-85a8-9745fa963b5e
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9C31
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEF3s8QIHXdMSsqNQxRYSjZ8&google_cver=1&google_push=AQvitUK6PKjNc1L9BUuXhYG5YDa1Wuv8aPdvS33ayhLzqwZCaoT8Zba253sXaHU-eSPD5uXJKgbfIu2TLTLCnAv7IQ9FOEP2pYg
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&mn_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUK6PKjNc1L9BUuXhYG5YDa1Wuv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&mn_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUK6PKjNc1L9BUuXhYG5YDa1Wuv8aPdvS33ayhLzqwZCaoT8Zba253sXaHU-eSPD5uXJKgbfIu2TLTLCnAv7IQ9FOEP2pYg
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:47 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&mn_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUK6PKjNc1L9BUuXhYG5YDa1Wuv8aPdvS33ayhLzqwZCaoT8Zba253sXaHU-eSPD5uXJKgbfIu2TLTLCnAv7IQ9FOEP2pYg
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Thu, 29 Apr 2021 21:35:47 GMT
pixel
cm.g.doubleclick.net/ Frame 9C31
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEMJydClL95A1SRN2v-7oMLo&google_cver=1&google_push=AQvitUKPaJ5_cVFye1ThftVtpff3Xqx6RXmGIDunf5ya5uFtKc7gS196B6XZ2GHe-LqJ7wBMZYTmRQ9yps46x__AA...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjcyN2QyNmEtZjM4Yi00ZDk0LTg3OTctYzY4N2IzYmNjM2E5&google_push=AQvitUKPaJ5_cVFye1ThftVtpff3Xqx6RXmGIDunf5ya5uFtKc7gS196B6XZ2GHe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjcyN2QyNmEtZjM4Yi00ZDk0LTg3OTctYzY4N2IzYmNjM2E5&google_push=AQvitUKPaJ5_cVFye1ThftVtpff3Xqx6RXmGIDunf5ya5uFtKc7gS196B6XZ2GHe-LqJ7wBMZYTmRQ9yps46x__AAIggPbBjyQpFxA
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjcyN2QyNmEtZjM4Yi00ZDk0LTg3OTctYzY4N2IzYmNjM2E5&google_push=AQvitUKPaJ5_cVFye1ThftVtpff3Xqx6RXmGIDunf5ya5uFtKc7gS196B6XZ2GHe-LqJ7wBMZYTmRQ9yps46x__AAIggPbBjyQpFxA
date
Thu, 29 Apr 2021 21:35:47 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 9C31 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKK89O6eSWCpZaQPH2A9OV9X2uP_6Tlbp5ONf8jMYmcCtYg49FU5efC3DKSUU22dm1ljnFmQ
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 66C2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 27 Apr 2021 19:58:52 GMT
expires
Wed, 27 Apr 2022 19:58:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
178615
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 8E53 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUZiLopyD6flprjvlHOTFRlkAXsZfaPb_3OJrVlMNL0pfo-zpZFPObk2C61J6RJVF25MncitCOOR7cHrCy7yI0chtbgrOO8uNl2ipE_rUa1PrcuynOnwf7Cl4&sai=AMfl-YT4JSEGQ5r0W50Nr1g0UBcl0uzOl-GniN9ORkS57lZUsibq_CmIldO2NWYHOxWIpfLTQ3wb_DWH85amMNtB_g7JjhNQtitYKdODPoXQ1ULpGdkOelm6vOg4udY&sig=Cg0ArKJSzErj5dcDxutoEAE&cid=CAASEuRoVXquB7iVDbU-94wWdpLgnw&id=lidar2&mcvt=1129&p=479,1108,1079,1408&mtos=1129,1129,1129,1129,1129&tos=1129,0,0,0,0&v=20210428&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2784530135&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619732143629&dlt=41&rpt=3505&isd=0&msd=0&r=v&fum=1
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8FB5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 27 Apr 2021 19:58:52 GMT
expires
Wed, 27 Apr 2022 19:58:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
178615
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CDC4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 27 Apr 2021 19:58:52 GMT
expires
Wed, 27 Apr 2022 19:58:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
178615
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 13A7 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600.html?e=69&leftOffset=0&topOffset=0&c=k9FkEvrZs4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600.html?e=69&leftOffset=0&topOffset=0&c=k9FkEvrZs4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39710
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 13A7 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600.html?e=69&leftOffset=0&topOffset=0&c=k9FkEvrZs4&t=1&renderingType=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Thu, 29 Apr 2021 21:50:47 GMT
css
fonts.googleapis.com/ Frame 13A7 		2 KB
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:600&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600.html?e=69&leftOffset=0&topOffset=0&c=k9FkEvrZs4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b95faf33158f0ef2f83d09c161c984c92d0f709ff9bf258a286a1d03d46f186d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 21:20:35 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:47 GMT
css
fonts.googleapis.com/ Frame 13A7 		2 KB
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:700&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600.html?e=69&leftOffset=0&topOffset=0&c=k9FkEvrZs4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31165cdf26e575522064c0bdf4a186e3670d30460356bfcde4d61cd4c4a31014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 21:31:09 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:47 GMT
css
fonts.googleapis.com/ Frame 13A7 		2 KB
542 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:regular&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600.html?e=69&leftOffset=0&topOffset=0&c=k9FkEvrZs4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9737000c048a0de2326225f04d6a22e3fdf4acc2bc18a2577b9d24131796d76a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 21:29:04 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:47 GMT
300x600.js
s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/ Frame 13A7 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600.html?e=69&leftOffset=0&topOffset=0&c=k9FkEvrZs4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1badd5b38347290909463a683c1dbc944663b5ef9df88b3a6ce85e8ef7a3a805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600.html?e=69&leftOffset=0&topOffset=0&c=k9FkEvrZs4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 14:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26291
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4731
x-xss-protection
0
last-modified
Fri, 08 Jan 2021 12:42:02 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 14:17:36 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 837D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95720437&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
88d1dcbbc52b0b11c5ef41717cbe1745fefb0a10350664cf502eff9ede2f4aa6

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Apr 2021 21:35:46 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A199 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 27 Apr 2021 19:58:52 GMT
expires
Wed, 27 Apr 2022 19:58:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
178615
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 2FFB 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250.html?e=69&leftOffset=0&topOffset=0&c=QClGAHmB0P&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250.html?e=69&leftOffset=0&topOffset=0&c=QClGAHmB0P&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39710
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 2FFB 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250.html?e=69&leftOffset=0&topOffset=0&c=QClGAHmB0P&t=1&renderingType=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Thu, 29 Apr 2021 21:50:47 GMT
css
fonts.googleapis.com/ Frame 2FFB 		2 KB
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:600&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250.html?e=69&leftOffset=0&topOffset=0&c=QClGAHmB0P&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b95faf33158f0ef2f83d09c161c984c92d0f709ff9bf258a286a1d03d46f186d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 20:24:20 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:47 GMT
css
fonts.googleapis.com/ Frame 2FFB 		2 KB
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:700&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250.html?e=69&leftOffset=0&topOffset=0&c=QClGAHmB0P&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31165cdf26e575522064c0bdf4a186e3670d30460356bfcde4d61cd4c4a31014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 21:35:47 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:47 GMT
css
fonts.googleapis.com/ Frame 2FFB 		2 KB
542 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:regular&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250.html?e=69&leftOffset=0&topOffset=0&c=QClGAHmB0P&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9737000c048a0de2326225f04d6a22e3fdf4acc2bc18a2577b9d24131796d76a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 21:23:23 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:47 GMT
300x250.js
s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/ Frame 2FFB 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250.html?e=69&leftOffset=0&topOffset=0&c=QClGAHmB0P&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fbfe18cc168ca5b585e397d47590a5327d5984746fda373e82dff22af82a429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250.html?e=69&leftOffset=0&topOffset=0&c=QClGAHmB0P&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 15:54:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20479
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4759
x-xss-protection
0
last-modified
Fri, 08 Jan 2021 08:44:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 15:54:28 GMT
MuseoSans_300.woff
s0.2mdn.net/creatives/assets/4075024/ Frame 1D1A 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_300.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
602a48d8418dc75bc51795b3f33e2e49ee38d40c4a658723b0878f1c64a68265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 15:07:21 GMT
server
sffe
age
280
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22016
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:46:07 GMT
MuseoSans_700.woff
s0.2mdn.net/creatives/assets/4075024/ Frame 1D1A 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_700.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ccc354572f46ed4b26ffec17c24264cce720c1ebab7693af8e88032e46b6544
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:31:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 15:06:56 GMT
server
sffe
age
280
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22640
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:46:07 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 26C8 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Apr 2021 21:35:47 GMT
EasePack.min.js
s0.2mdn.net/creatives/assets/4075024/ Frame 26C8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4075024/EasePack.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
590
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1342
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 09:57:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Apr 2021 21:40:57 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 26C8 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39710
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
mobileApp-chf500cashout-parallaxe-sprite-300x600.png
s0.2mdn.net/creatives/assets/4074705/ Frame 26C8 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4074705/mobileApp-chf500cashout-parallaxe-sprite-300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c581bf5f0cd960147b7f674dd9136cc0c28b4c5f0ac3b8c1856430467015a18e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:34:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 16:31:55 GMT
server
sffe
age
61
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8852
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:49:47 GMT
mobileApp-chf500cashout-300x600.png
s0.2mdn.net/creatives/assets/4074705/ Frame 26C8 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4074705/mobileApp-chf500cashout-300x600.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2830c3bb61f394aa2dc7e98a6e4d1009cf462a98636fbf984424f2c263899d2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:34:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 15:58:14 GMT
server
sffe
age
61
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41974
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:49:47 GMT
cssLogo-300x600-de.png
s0.2mdn.net/creatives/assets/4075024/ Frame 26C8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4075024/cssLogo-300x600-de.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f5e020060fbb3912268eb129e4af6c7c40511b58e049437c0103d990a95816e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:34:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 13:20:09 GMT
server
sffe
age
61
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3978
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:49:47 GMT
cssLogo-300x600-fr.png
s0.2mdn.net/creatives/assets/4075024/ Frame 26C8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4075024/cssLogo-300x600-fr.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2d194239b9ec67d3a4a1e1862e0ce46d59a89f3b489060e3c5cc2abe25aeba3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:34:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 13:20:12 GMT
server
sffe
age
61
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3832
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:49:47 GMT
cssLogo-300x600-it.png
s0.2mdn.net/creatives/assets/4075024/ Frame 26C8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4075024/cssLogo-300x600-it.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8200d712fcf28a213e4cfcda850f2a25a7b738b63bdccde74d5acd629ab3bc11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:34:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 13:20:15 GMT
server
sffe
age
61
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3988
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:49:47 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FB4B 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Apr 2021 21:35:47 GMT
EasePack.min.js
s0.2mdn.net/creatives/assets/4075024/ Frame FB4B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4075024/EasePack.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
590
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1342
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 09:57:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Apr 2021 21:40:57 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame FB4B 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39710
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
mobileApp-chf500cashout-parallaxe-sprite-728x90.png
s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/ Frame FB4B 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/mobileApp-chf500cashout-parallaxe-sprite-728x90.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
server
sffe
age
0
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
mobileApp-chf500cashout-728x90.png
s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/ Frame FB4B 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/mobileApp-chf500cashout-728x90.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
server
sffe
age
0
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
cssLogo-728x90-de.png
s0.2mdn.net/creatives/assets/4075024/ Frame FB4B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4075024/cssLogo-728x90-de.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e80f81e5b69695951f84911afdb73956189f169ddcd2f403c6b3c6435ae9f107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 14:13:34 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1938
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
cssLogo-728x90-fr.png
s0.2mdn.net/creatives/assets/4075024/ Frame FB4B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4075024/cssLogo-728x90-fr.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85c7af28b9204d427f24d94550c0c27cae84eeac5748a3fc854200505a7b2036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 14:13:37 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1864
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
cssLogo-728x90-it.png
s0.2mdn.net/creatives/assets/4075024/ Frame FB4B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4075024/cssLogo-728x90-it.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14abc3181b1130b7a64b8364ee7a954a468fa2e2d5addad559ae7ec006acf021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 14:13:39 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1890
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BD8E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 27 Apr 2021 19:58:52 GMT
expires
Wed, 27 Apr 2022 19:58:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
178615
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 8317 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=mZtn8xICtF&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=mZtn8xICtF&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39710
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 8317 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=mZtn8xICtF&t=1&renderingType=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Thu, 29 Apr 2021 21:50:48 GMT
css
fonts.googleapis.com/ Frame 8317 		2 KB
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:600&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=mZtn8xICtF&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b95faf33158f0ef2f83d09c161c984c92d0f709ff9bf258a286a1d03d46f186d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 21:00:23 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:48 GMT
css
fonts.googleapis.com/ Frame 8317 		2 KB
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:700&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=mZtn8xICtF&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31165cdf26e575522064c0bdf4a186e3670d30460356bfcde4d61cd4c4a31014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 21:35:48 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:48 GMT
css
fonts.googleapis.com/ Frame 8317 		2 KB
542 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:regular&subset=latin
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=mZtn8xICtF&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9737000c048a0de2326225f04d6a22e3fdf4acc2bc18a2577b9d24131796d76a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 20:25:55 GMT
server
ESF
date
Thu, 29 Apr 2021 21:35:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Apr 2021 21:35:48 GMT
728x90.js
s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/ Frame 8317 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=mZtn8xICtF&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92bd9eba900236160c6d8af35ec029de236deda4b00d4d1f47113826672315fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=mZtn8xICtF&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 02:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70511
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4763
x-xss-protection
0
last-modified
Fri, 08 Jan 2021 12:41:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 02:00:36 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9FCC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 27 Apr 2021 19:58:52 GMT
expires
Wed, 27 Apr 2022 19:58:52 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
178616
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 1D1A 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Apr 2021 21:35:48 GMT
EasePack.min.js
s0.2mdn.net/creatives/assets/4075024/ Frame 1D1A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4075024/EasePack.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1342
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 09:57:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Apr 2021 21:40:57 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 1D1A 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 10:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39711
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Apr 2021 10:33:57 GMT
mobileApp-chf500cashout-parallaxe-sprite-728x90.png
s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/ Frame 1D1A 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/mobileApp-chf500cashout-parallaxe-sprite-728x90.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
server
sffe
age
0
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
mobileApp-chf500cashout-728x90.png
s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/ Frame 1D1A 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/mobileApp-chf500cashout-728x90.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
server
sffe
age
0
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
cssLogo-728x90-de.png
s0.2mdn.net/creatives/assets/4075024/ Frame 1D1A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4075024/cssLogo-728x90-de.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e80f81e5b69695951f84911afdb73956189f169ddcd2f403c6b3c6435ae9f107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 14:13:34 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1938
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
cssLogo-728x90-fr.png
s0.2mdn.net/creatives/assets/4075024/ Frame 1D1A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4075024/cssLogo-728x90-fr.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85c7af28b9204d427f24d94550c0c27cae84eeac5748a3fc854200505a7b2036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 14:13:37 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1864
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
cssLogo-728x90-it.png
s0.2mdn.net/creatives/assets/4075024/ Frame 1D1A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4075024/cssLogo-728x90-it.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14abc3181b1130b7a64b8364ee7a954a468fa2e2d5addad559ae7ec006acf021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Mar 2021 14:13:39 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1890
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:50:48 GMT
pixel
cm.g.doubleclick.net/ Frame 29D8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d1pHZVN3am8xTENlazY1&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUL0RAUl2qPaXkWDnyi9tR8SBlVm5wbkKrMdC1Ngdy4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d1pHZVN3am8xTENlazY1&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUL0RAUl2qPaXkWDnyi9tR8SBlVm5wbkKrMdC1Ngdy4y-JfYXYoHc-GAfLvYuIWcUtqQGU5TVf1EEvQAC2chdfx9qe1QAbra
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:49 GMT
Server
PingMatch/v2.0.30-645-g00be234#rel-ec2-master i-02897015ee195686e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d1pHZVN3am8xTENlazY1&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUL0RAUl2qPaXkWDnyi9tR8SBlVm5wbkKrMdC1Ngdy4y-JfYXYoHc-GAfLvYuIWcUtqQGU5TVf1EEvQAC2chdfx9qe1QAbra
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 29D8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHeQSMiZZ7bVowXvLrHdKlY&google_cver=1&google_push=AQvitUIQyXPaENRaw8NvNw1z7Wxokz9paWk1LwnQvaMkm_NKA_jCa4Ta9qfHxKRN851xXgwTU4ohnD_...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHeQSMiZZ7bVowXvLrHdKlY&google_cver=1&google_push=AQvitUIQyXPaENRaw8NvNw1z7Wxokz9paWk1LwnQvaMkm_NKA_jCa4Ta9qfHxKRN851xX...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tn00Vu3CT9Wq-jlEYWeZ42CLJrY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tn00Vu3CT9Wq-jlEYWeZ42CLJrY
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tn00Vu3CT9Wq-jlEYWeZ42CLJrY
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 29D8
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJBMjrZWsAx9Jde-ZXN0Bpo&google_cver=1&google_push=AQvitUIPDJvHMomj_rSqhdQKJeIPTxWjqdVBUAefWLQENAQlBODsuemQ0gAU0d-xFXLddSxPajfbLk9Fw82YntAR_6wF_uF2baBl
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIPDJvHMomj_rSqhdQKJeIPTxWjqdVBUAefWLQENAQlBODsuemQ0gAU0d-xFXLddSxPajfbLk9Fw82YntAR_6wF_uF2baBl&google_hm=WdCDu8LnwwsuezzpZGcuKQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIPDJvHMomj_rSqhdQKJeIPTxWjqdVBUAefWLQENAQlBODsuemQ0gAU0d-xFXLddSxPajfbLk9Fw82YntAR_6wF_uF2baBl&google_hm=WdCDu8LnwwsuezzpZGcuKQ==
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIPDJvHMomj_rSqhdQKJeIPTxWjqdVBUAefWLQENAQlBODsuemQ0gAU0d-xFXLddSxPajfbLk9Fw82YntAR_6wF_uF2baBl&google_hm=WdCDu8LnwwsuezzpZGcuKQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
90oji4dgkkk0vgepp7s6ik5objaq7dui
pixel
cm.g.doubleclick.net/ Frame 29D8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBc5iU8GpAPyViF_7cfWmoQ&google_cver=1&google_push=AQvitUKKCDfR8IR957QbPk3lG_aBEutaHgpQsM0XPOIdrngJLGpaiXY8kLoMGj9w9Ev5x5a3aD6GGAealXPQ1...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBc5iU8GpAPyViF_7cfWmoQ&google_push=AQvitUKKCDfR8IR957QbPk3lG_aBEutaHgpQsM0XPOIdrngJLGpaiXY8kLoMGj9w9Ev5x5a3aD6GGAealXPQ1...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitUKKCDfR8IR957QbPk3lG_aBEutaHgpQsM0XPOIdrngJLGpaiXY8kLoMGj9w9Ev5x5a3aD6GGAealXPQ1mwVYEze7-mb4zVF&google_hm=czZkMjdkQW5UUlczVE9x...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitUKKCDfR8IR957QbPk3lG_aBEutaHgpQsM0XPOIdrngJLGpaiXY8kLoMGj9w9Ev5x5a3aD6GGAealXPQ1mwVYEze7-mb4zVF&google_hm=czZkMjdkQW5UUlczVE9xSFZISzQ=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:48 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AQvitUKKCDfR8IR957QbPk3lG_aBEutaHgpQsM0XPOIdrngJLGpaiXY8kLoMGj9w9Ev5x5a3aD6GGAealXPQ1mwVYEze7-mb4zVF&google_hm=czZkMjdkQW5UUlczVE9xSFZISzQ=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 29D8
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WOhHgnsFS0Wcp0BkXUOSWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WOhHgnsFS0Wcp0BkXUOSWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJXp0dRavBKTW2WyuR1uv_Jp4P4j2VCKfzDatLb0Ag0egTivqz3xGaiLf9NceipryzWetv89gbxmPZs1c5oWQB_jLOWIdo
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WOhHgnsFS0Wcp0BkXUOSWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJXp0dRavBKTW2WyuR1uv_Jp4P4j2VCKfzDatLb0Ag0egTivqz3xGaiLf9NceipryzWetv89gbxmPZs1c5oWQB_jLOWIdo
Date
Thu, 29 Apr 2021 21:35:46 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 29D8
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEAjSrXHztuS5E73d7gyWV60&google_cver=1&google_push=AQvitUJe2ezOpedUQR1feSYuU6T2L_LNHeKYBQYFdbdsRAaYxPeVF6PbNy2ZpGaq35-v3kujKtvAwG6Md2_muzvNRzsPyo...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEAjSrXHztuS5E73d7gyWV60&google_cver=1&google_push=AQvitUJe2ezOpedUQR1feSYuU6T2L_LNHeKYBQYFdbdsRAaYxPeVF6PbNy2ZpGaq35-v3kujKtvAwG6Md2_muzvN...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitUJe2ezOpedUQR1feSYuU6T2L_LNHeKYBQYFdbdsRAaYxPeVF6PbNy2ZpGaq35-v3kujKtvAwG6Md2_muzv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitUJe2ezOpedUQR1feSYuU6T2L_LNHeKYBQYFdbdsRAaYxPeVF6PbNy2ZpGaq35-v3kujKtvAwG6Md2_muzvNRzsPyodlND0a
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitUJe2ezOpedUQR1feSYuU6T2L_LNHeKYBQYFdbdsRAaYxPeVF6PbNy2ZpGaq35-v3kujKtvAwG6Md2_muzvNRzsPyodlND0a
date
Thu, 29 Apr 2021 21:35:48 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
cc.adingo.jp/adx/push/ Frame 29D8 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEEPkvu6qfGE4wy1otFrsDUA&google_cver=1&google_push=AQvitUKHXXkizUA1uKjuZCucnbbw8EZHAYiNLasRgU7TbwpJ17r5OJfgJfas_1hipORKX-BxYCm_7Xyor70tDDA3QEloj8NJwsY
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.53.220 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:51 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame 29D8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvMb-tfNHl5cznlaD6owYwyNfa4crV8wU4CYvUTsGBMZrQmdD4uklx7MFsuNPJSExriBqO
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
current
dclk-match.dotomi.com/match/bounce/ Frame 7800 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIOcVRdjmMW0iOed9m1yHe8&google_cver=1&google_push=AQvitUKi0Sg_lQ_CG-QxcJW3l5pgNhDnqvfk3I7zKednUV6mtqwnATRUpew18ChgI8u4ym60U8xTkA5gHkQXlKJ9d2yLZKC37k9w
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 7800
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aVI2cFcyQnAxTENlazY1&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUIL8YArD492fv746LvA2me5mB1I-RDEwA2hFU5OKRQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aVI2cFcyQnAxTENlazY1&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUIL8YArD492fv746LvA2me5mB1I-RDEwA2hFU5OKRQjG0cj1F9t4IjzoLXvkaEBazpB4fM25NVAV_w3xo9iamlXah788lY
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:49 GMT
Server
PingMatch/v2.0.30-645-g00be234#rel-ec2-master i-02897015ee195686e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aVI2cFcyQnAxTENlazY1&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUIL8YArD492fv746LvA2me5mB1I-RDEwA2hFU5OKRQjG0cj1F9t4IjzoLXvkaEBazpB4fM25NVAV_w3xo9iamlXah788lY
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
match
um.wbtrk.net/doubleclick/user/ Frame 7800 		0
0
pixel
cm.g.doubleclick.net/ Frame 7800
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEJj245zjI6PI6ncls-dWsi8&google_cver=1&google_push=AQvitUJBM9rXUCn5He10RPk2MK30dLuIWtBFn-9mS41krr_Tz1xpOnHM8k991...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEJj245zjI6PI6ncls-dWsi8&google_cver=1&google_push=AQvitUJBM9rXUCn5He10RPk2MK30dLuIWtBFn-9mS41krr_Tz1xpOnHM8k991...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=D4YXMWsO5iFgzdHe8OV-fA&google_push=AQvitUJBM9rXUCn5He10RPk2MK30dLuIWtBFn-9mS41krr_Tz1xpOnHM8k991LwQ8_9OSvVGyTr6pxU5D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=D4YXMWsO5iFgzdHe8OV-fA&google_push=AQvitUJBM9rXUCn5He10RPk2MK30dLuIWtBFn-9mS41krr_Tz1xpOnHM8k991LwQ8_9OSvVGyTr6pxU5Dv2F4M3FvKVPD3OgSUGy
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=D4YXMWsO5iFgzdHe8OV-fA&google_push=AQvitUJBM9rXUCn5He10RPk2MK30dLuIWtBFn-9mS41krr_Tz1xpOnHM8k991LwQ8_9OSvVGyTr6pxU5Dv2F4M3FvKVPD3OgSUGy
Date
Thu, 29 Apr 2021 21:35:50 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
238
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7800
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGObvzX4xtFm3ubfR7nVy4k&google_cver=1&google_push=AQvitUKXL1yBkhvEA3bsrzuCNZtNfCeGF2Gny1XKVk0uRnpSRxeXxtssewyhTX5ISseBN3e2WepFIA5gwpxsQmhyV7SV5-txuLM
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AQvitUKXL1yBkhvEA3bsrzuCNZtNfCeGF2Gny1XKVk0uRnpSRxeXxtssewyhTX5ISseBN3e2WepFIA5gwpxsQmhyV7SV5-txuLM&google_hm=Z2M4NzRlMTZiMzdhN2RiZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AQvitUKXL1yBkhvEA3bsrzuCNZtNfCeGF2Gny1XKVk0uRnpSRxeXxtssewyhTX5ISseBN3e2WepFIA5gwpxsQmhyV7SV5-txuLM&google_hm=Z2M4NzRlMTZiMzdhN2RiZjAyZjA=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:51 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AQvitUKXL1yBkhvEA3bsrzuCNZtNfCeGF2Gny1XKVk0uRnpSRxeXxtssewyhTX5ISseBN3e2WepFIA5gwpxsQmhyV7SV5-txuLM&google_hm=Z2M4NzRlMTZiMzdhN2RiZjAyZjA=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7800
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEFW8IWkJPB6NYKA2JEhkp0U&google_cver=1&google_push=AQvitUJuokXXzQ8BPwwi9lctb3ba5KKyaa_otRUZnAzi7GFs2hLkVgBUXgAlV6bNVZ2EWq1hQAxrjC-qlvGGf4RylpElSlT...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJuokXXzQ8BPwwi9lctb3ba5KKyaa_otRUZnAzi7GFs2hLkVgBUXgAlV6bNVZ2EWq1hQAxrjC-qlvGGf4RylpElSlT955rtww&google_hm=ODYzNDE1N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJuokXXzQ8BPwwi9lctb3ba5KKyaa_otRUZnAzi7GFs2hLkVgBUXgAlV6bNVZ2EWq1hQAxrjC-qlvGGf4RylpElSlT955rtww&google_hm=ODYzNDE1NTUyMzA1NzM4NDg4Ng==
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AQvitUJuokXXzQ8BPwwi9lctb3ba5KKyaa_otRUZnAzi7GFs2hLkVgBUXgAlV6bNVZ2EWq1hQAxrjC-qlvGGf4RylpElSlT955rtww&google_hm=ODYzNDE1NTUyMzA1NzM4NDg4Ng==
Date
Thu, 29 Apr 2021 21:35:51 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7800
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESEJ7ndnghDw3QaJl8hrt9unk&google_cver=1&google_push=AQvitUItg5tfUKMpBCleAmeYoQpRZTLcBocWBW6x5Wta0VnMGIcVElCkGbTfiIfC1XKVv1TX1m7TQ1so_ksKimaiLQqeuaRu0licJA
  • https://ads.avads.net/sync/ggl?google_cver=1&google_push=AQvitUItg5tfUKMpBCleAmeYoQpRZTLcBocWBW6x5Wta0VnMGIcVElCkGbTfiIfC1XKVv1TX1m7TQ1so_ksKimaiLQqeuaRu0licJA&av_tc=True&google_gid=CAESEJ7ndnghDw3...
  • https://ads.avads.net/sync/ggl?google_cver=1&google_push=AQvitUItg5tfUKMpBCleAmeYoQpRZTLcBocWBW6x5Wta0VnMGIcVElCkGbTfiIfC1XKVv1TX1m7TQ1so_ksKimaiLQqeuaRu0licJA&google_gid=CAESEJ7ndnghDw3QaJl8hrt9unk
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NTlhY2IwY2YtYjMxMy00OTE3LWFhZjgtNzNhMGZlZTllZTNl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NTlhY2IwY2YtYjMxMy00OTE3LWFhZjgtNzNhMGZlZTllZTNl
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NTlhY2IwY2YtYjMxMy00OTE3LWFhZjgtNzNhMGZlZTllZTNl
date
Thu, 29 Apr 2021 21:35:51 GMT
x-envoy-upstream-service-time
3
server
istio-envoy
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 7800 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IGfVnVEAKA5brsWia8_bSwpr5hl9kOR2xj9KJtvRnGRvIZZP1x3tlkhaBmZsNoW63jhssF24I
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ Frame AD3A 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:regular&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 06:19:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:07:20 GMT
server
sffe
age
486954
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17784
x-xss-protection
0
expires
Sun, 24 Apr 2022 06:19:54 GMT
728x90_atlas_1.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/ Frame AD3A 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90_atlas_1.jpg
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15c9ebdf33fd00cf70ff59fbba60a5a1215324165e27642d57b23f3dfe185a4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=llDTWt0yGY&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 14:21:14 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Jan 2021 12:41:54 GMT
server
sffe
age
26074
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55910
x-xss-protection
0
expires
Fri, 30 Apr 2021 14:21:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 699B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssKb7znp-Qt8syex7vCEPAtkA6odNX8friw8YaX7XBM3UrcBOnz07G90yU3ky9UByNW5FkCIFXne1eq8pfB9UpTVgCY3_S4mmeaYGOCj2KES42NhdR-BlBjOh4PKLyJilh24nMttRs7yLd8zUdj0LeXkrYXy6H-jt0If6K0aMBU7aD2dTUyw0jnMXcBeBE67-V1UPt9mpmf446rqWzCEgrfTwxNsi4s6ugRs-A2i44LiSQA33NaPPKySAn11Xv_wzhBdakwpfyklDwHcgPG-gIq9lXinuH7vAjRNhANVO_bdvLt3YEidy7SeZfz3UfO8tjnpGORLHpb3h3m-sAe8bwVCHhTFKvsm3qP238Xkwaf4BypqVTeO6HwIJtWc7KkLQHnje73orYh1dCjAMp4PtjQsdmcrmuslBUt_6xaX6g6H82PbHcNdTAuNswTE0YHeUTNm7ynO8FagzmjtZNhhHXuOluIeMetUf7BjNtz4GUu8kIGVTLicmm58u4d2x5YR49yTdS-CVgfcpRtlE2xNrLhZKs_HbTTn6D8gAa3ZlCQVvI13TRsTxj6OwK6tC7sL-fWwnWPqf5djENuL0PkHk49uNb8Hjgy-gkO7pnNFaM_SSxdc57au_Kmtm2uxvhEWslLyexf534R6CHEFWcGF0LQjdMYDHi3GrDulNS5RbVCr9J693TH95mrBZPP4NlL6lIunh_iKR64hWoS5-OnaT2ZUg1lg-Mt1jwho_aRusHN70vkHsGQpTZL0XUgDMQTkhNJy_50lgjvqY-A9yrDz5CuIsDiz28Q9twzZXLIeipB6-_W94W-ndBbrXsIvewxJHO_ho7jAfm3pSXqS8gsNKnrRjBVrmxT7o_cMkQKUH8BU05DTHPgcxRz699cZWV8t4PJSpb81uC3pLTMDt0CpWMalUJ_YJ23J0jEne-cCom-ZrwZKsjB-2QhW56VPrdS0-8xv_8wUfq6HQUH5MK_Ec6a3yIG77a17BFlfljqTPS1_Q5s8JweVLfIahupwwqvBlC4t_fEZBGuMpBI7AApL_lUwOkpQmtat0ytHwh5kuFEZXb60giLYXmjY89ZnbZjZnfElt-idb4H3azDaYIwYOv9sQqTHleTmA1A-CnKvNNHeqRPnIPbhgz5eBN_jJjf-Mv0pJp4BNVz54nBDnrbngn2gl11L-YvdGx2eAUwfA&sai=AMfl-YQjfcDIr-e1t4uKr8d7lmCJEZd_2_gqVb3NQphIXrii1Rzp5sl3A-iR3Gj7r2hDr7mBuie1_02N5eubnt0KOa_RVg8dDd3x9tf5Msh3GOPBpTYJgXSK7fjgZBJG8RmYMJJv-nVvVmMNuNI8D75duaVzJN5lHw&sig=Cg0ArKJSzNjaPn0idKdGEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3053&vt=11&dtpt=2148&dett=3&cstd=872&cisv=r20210428.77303&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 294B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOnZVXaFH2i8fa7KyHRS4bkz8jIEbuFoaqSF_u2QQbqFObu_TwYFZIh6i5IdtSdAy5KyJXISbBTcM0_CTTO-4b8icwJOckmZ0lsDzBWuIv3fS1z9MUjIn3rRg&sai=AMfl-YRaAo8mx8sWUKpi65CtNchzkf8FEyS0HqlDQ3dBQR7AZyBD2Vn_mJYP58q96T2gMKceTDyIwIzRZUD3eXFvuQ93b9NAxozKsP1DJkqdMO5w0dsd-1SkLQqQk_s&sig=Cg0ArKJSzMS4hNWV1yXQEAE&cid=CAASEuRo4whv_2bmu1zqSj7iPCaM7g&id=lidar2&mcvt=1088&p=1110,436,1200,1164&mtos=1088,1088,1088,1088,1088&tos=1088,0,0,0,0&v=20210428&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2128450825&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&r=v&fum=1
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 0450 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB4rac3A_h_ocnBtOd3IbY8&google_cver=1&google_push=AQvitUL_N3VTNet5ZL99003SuFJMheZ_OM34HFEmk836scrm3OK97huic1qjLE9B4j4va-Wp_hHyjIEkqVTYNX10v2oDF9Q1iJ60
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0450
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YWFxWHpqUzkxTENlazY1&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUIbjrYDXCXsFSZLNd7cwMI-kORW-v9IsG_XLEP7f7b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YWFxWHpqUzkxTENlazY1&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUIbjrYDXCXsFSZLNd7cwMI-kORW-v9IsG_XLEP7f7bRdxFruZWL_XZZGArFdzNI1FkB6GWFshjMWUW9O6a-hMui70AD5TJW
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:49 GMT
Server
PingMatch/v2.0.30-645-g00be234#rel-ec2-master i-0836db39755ba9113@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YWFxWHpqUzkxTENlazY1&google_gid=CAESEMm3R4_j2MlFUhcAkK-tpBc&google_cver=1&google_push=AQvitUIbjrYDXCXsFSZLNd7cwMI-kORW-v9IsG_XLEP7f7bRdxFruZWL_XZZGArFdzNI1FkB6GWFshjMWUW9O6a-hMui70AD5TJW
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0450
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOoeK_Ek9lekZcOufW0pxtE&google_cver=1&google_push=AQvitUJ8aVf1QDbcFvGACRzOY5VyvEmrAgmVQQVAEbwF0AAYST9k0kCKhHcAgVUXsTh-zV5dlj5ZsRp5D3Z9Wp...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk1NjY5NjYwODIzOTk3NDU1MQ%3D%3D&google_push=AQvitUJ8aVf1QDbcFvGACRzOY5VyvEmrAgmVQQVAEbwF0AAYST9k0kCKhHcAgVUXsTh-zV5dlj5ZsRp5D3Z9WpdygW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk1NjY5NjYwODIzOTk3NDU1MQ%3D%3D&google_push=AQvitUJ8aVf1QDbcFvGACRzOY5VyvEmrAgmVQQVAEbwF0AAYST9k0kCKhHcAgVUXsTh-zV5dlj5ZsRp5D3Z9WpdygWiX0IM5Z_bV
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk1NjY5NjYwODIzOTk3NDU1MQ%3D%3D&google_push=AQvitUJ8aVf1QDbcFvGACRzOY5VyvEmrAgmVQQVAEbwF0AAYST9k0kCKhHcAgVUXsTh-zV5dlj5ZsRp5D3Z9WpdygWiX0IM5Z_bV
Date
Thu, 29 Apr 2021 21:35:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 0450
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEJj245zjI6PI6ncls-dWsi8&google_cver=1&google_push=AQvitUKW-ZYpjKOhu2YOduPJCNI4XUFsDa2JxclbbsdQesINgBicjPtQlan7n...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEJj245zjI6PI6ncls-dWsi8&google_cver=1&google_push=AQvitUKW-ZYpjKOhu2YOduPJCNI4XUFsDa2JxclbbsdQesINgBicjPtQlan7n...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=UuQaJbNo5-xemy1s8toHoA&google_push=AQvitUKW-ZYpjKOhu2YOduPJCNI4XUFsDa2JxclbbsdQesINgBicjPtQlan7nU6yxGNnOKlGlb7u4YCDm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=UuQaJbNo5-xemy1s8toHoA&google_push=AQvitUKW-ZYpjKOhu2YOduPJCNI4XUFsDa2JxclbbsdQesINgBicjPtQlan7nU6yxGNnOKlGlb7u4YCDmcFhnvH1BYY-ytVvp5s
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=UuQaJbNo5-xemy1s8toHoA&google_push=AQvitUKW-ZYpjKOhu2YOduPJCNI4XUFsDa2JxclbbsdQesINgBicjPtQlan7nU6yxGNnOKlGlb7u4YCDmcFhnvH1BYY-ytVvp5s
Date
Thu, 29 Apr 2021 21:35:50 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
237
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0450
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO7jg7IrwLXa0kZMaIepSNE&google_cver=1&google_push=AQvitUJc2xHp2FaNmZu2pWZ_7frcm7AItQ_q_u0YZM7Te8h1rr0Zd5gqcqiB6BndxBYjGlnSlur0E1gn...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO7jg7IrwLXa0kZMaIepSNE&google_cver=1&google_push=AQvitUJc2xHp2FaNmZu2pWZ_7frcm7AItQ_q_u0YZM7Te8h1rr0Zd5gqcqiB6BndxBYjGlnSlur...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkzNDk3Mjc5NDAxMzYxNzY5OA&google_push=AQvitUJc2xHp2FaNmZu2pWZ_7frcm7AItQ_q_u0YZM7Te8h1rr0Zd5gqcqiB6BndxBYjGlnSlur0E1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkzNDk3Mjc5NDAxMzYxNzY5OA&google_push=AQvitUJc2xHp2FaNmZu2pWZ_7frcm7AItQ_q_u0YZM7Te8h1rr0Zd5gqcqiB6BndxBYjGlnSlur0E1gn2rfiQRDDlR8t7tEw6vf4
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkzNDk3Mjc5NDAxMzYxNzY5OA&google_push=AQvitUJc2xHp2FaNmZu2pWZ_7frcm7AItQ_q_u0YZM7Te8h1rr0Zd5gqcqiB6BndxBYjGlnSlur0E1gn2rfiQRDDlR8t7tEw6vf4
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0450
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM0BjjO0IqmJlkibzNJeQ7Y&google_cver=1&google_push=AQvitUIWU1jf-H4BpBlku6k_oBcN-kNlrddCNGSXodbCRHJNPakttzG-76R_jmihYie7MSFszPEEZsqYB9T8NG_5M...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIWU1jf-H4BpBlku6k_oBcN-kNlrddCNGSXodbCRHJNPakttzG-76R_jmihYie7MSFszPEEZsqYB9T8NG_5MjkbLroJUdM&google_hm=afe7bbce5aba2f94241a2413
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIWU1jf-H4BpBlku6k_oBcN-kNlrddCNGSXodbCRHJNPakttzG-76R_jmihYie7MSFszPEEZsqYB9T8NG_5MjkbLroJUdM&google_hm=afe7bbce5aba2f94241a2413
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 29 Apr 2021 21:35:48 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIWU1jf-H4BpBlku6k_oBcN-kNlrddCNGSXodbCRHJNPakttzG-76R_jmihYie7MSFszPEEZsqYB9T8NG_5MjkbLroJUdM&google_hm=afe7bbce5aba2f94241a2413
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 0450
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESEJ7ndnghDw3QaJl8hrt9unk&google_cver=1&google_push=AQvitUL2UHC38AhZ_rTY_yLqghJgb8pEhRxIG2d365NwE1BYrcj4fgvvDH4EP6V99GcejgE4eZoCpz1B1Xjs5GBULUNPcDOTbCjU5A
  • https://ads.avads.net/sync/ggl?google_cver=1&google_push=AQvitUL2UHC38AhZ_rTY_yLqghJgb8pEhRxIG2d365NwE1BYrcj4fgvvDH4EP6V99GcejgE4eZoCpz1B1Xjs5GBULUNPcDOTbCjU5A&av_tc=True&google_gid=CAESEJ7ndnghDw3...
  • https://ads.avads.net/sync/ggl?google_cver=1&google_push=AQvitUL2UHC38AhZ_rTY_yLqghJgb8pEhRxIG2d365NwE1BYrcj4fgvvDH4EP6V99GcejgE4eZoCpz1B1Xjs5GBULUNPcDOTbCjU5A&google_gid=CAESEJ7ndnghDw3QaJl8hrt9unk
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NTlhY2IwY2YtYjMxMy00OTE3LWFhZjgtNzNhMGZlZTllZTNl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NTlhY2IwY2YtYjMxMy00OTE3LWFhZjgtNzNhMGZlZTllZTNl
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=NTlhY2IwY2YtYjMxMy00OTE3LWFhZjgtNzNhMGZlZTllZTNl
date
Thu, 29 Apr 2021 21:35:51 GMT
x-envoy-upstream-service-time
3
server
istio-envoy
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 0450 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jof1OqWUVruQGySj2WcwzPeERGX1dsl4fUz7TDHEVYgHec0hRLq3MxKqz5nJ0G1OlUJFHu9g
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
google2waycm.netmng.com/cm/ Frame CC9B 		0
0
pixel
cm.g.doubleclick.net/ Frame CC9B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUlzbXNRQUFtNTNBcXdBNA==&google_gid=CAESEDTZlsFHBtxbo1mXhD1Z8sQ&google_cver=1&google_push=AQvitUIIkQ_Xojan3Kd5va0Eoqyza6YD8X...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUlzbXNRQUFtNTNBcXdBNA==&google_gid=CAESEDTZlsFHBtxbo1mXhD1Z8sQ&google_cver=1&google_push=AQvitUIIkQ_Xojan3Kd5va0Eoqyza6YD8XrEP44J8ISL6U3qr6O_i-SeK08oHedq75I4P9plTqr4hEffLrPIRBvlxcf29wJq7PVVxA
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619732148.275692,VS0,VE0
x-served-by
cache-fra19165-FRA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUlzbXNRQUFtNTNBcXdBNA==&google_gid=CAESEDTZlsFHBtxbo1mXhD1Z8sQ&google_cver=1&google_push=AQvitUIIkQ_Xojan3Kd5va0Eoqyza6YD8XrEP44J8ISL6U3qr6O_i-SeK08oHedq75I4P9plTqr4hEffLrPIRBvlxcf29wJq7PVVxA
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame CC9B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO7jg7IrwLXa0kZMaIepSNE&google_cver=1&google_push=AQvitUK5CUBKYlteZ-vPbuhOCYXwcG-8nzbGQRpLZXtiy_DnSC9RTXSyGcQPaXWnN1zHxr6Xphr8tPwd...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO7jg7IrwLXa0kZMaIepSNE&google_cver=1&google_push=AQvitUK5CUBKYlteZ-vPbuhOCYXwcG-8nzbGQRpLZXtiy_DnSC9RTXSyGcQPaXWnN1zHxr6Xphr...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkzNDk3Mjc5NDAxMzYxNzY5OA&google_push=AQvitUK5CUBKYlteZ-vPbuhOCYXwcG-8nzbGQRpLZXtiy_DnSC9RTXSyGcQPaXWnN1zHxr6Xphr8tP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkzNDk3Mjc5NDAxMzYxNzY5OA&google_push=AQvitUK5CUBKYlteZ-vPbuhOCYXwcG-8nzbGQRpLZXtiy_DnSC9RTXSyGcQPaXWnN1zHxr6Xphr8tPwdpNwilDH2SUk5gNk5LEBg
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkzNDk3Mjc5NDAxMzYxNzY5OA&google_push=AQvitUK5CUBKYlteZ-vPbuhOCYXwcG-8nzbGQRpLZXtiy_DnSC9RTXSyGcQPaXWnN1zHxr6Xphr8tPwdpNwilDH2SUk5gNk5LEBg
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame CC9B
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WOhHgnsFS0Wcp0BkXUOSWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WOhHgnsFS0Wcp0BkXUOSWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIwcrm0oCrFNkl26ESccu16OTKEKCPV-v2O0ZUF_uvGVWYVj9Bu_TAMqajwVkMcioXt73exaF3Io-0K5nI4bN0vT4yAeOKLOw
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WOhHgnsFS0Wcp0BkXUOSWA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIwcrm0oCrFNkl26ESccu16OTKEKCPV-v2O0ZUF_uvGVWYVj9Bu_TAMqajwVkMcioXt73exaF3Io-0K5nI4bN0vT4yAeOKLOw
Date
Thu, 29 Apr 2021 21:35:46 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame CC9B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIsmsS9BHXfgS4v-FHCbhgAABGgAAAAB&google_push=AQvitUKotmjtA7zMWXrEqyAD8vcMqJ0Eyem_V3EDCa77XGoelzOjPpEajIAGZ1_qNRPgxgSyShvSaYtMwQ18L3ulpl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIsmsS9BHXfgS4v-FHCbhgAABGgAAAAB&google_push=AQvitUKotmjtA7zMWXrEqyAD8vcMqJ0Eyem_V3EDCa77XGoelzOjPpEajIAGZ1_qNRPgxgSyShvSaYtMwQ18L3ulpltdL6DH0FHN1Q&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIsmsS9BHXfgS4v-FHCbhgAABGgAAAAB&google_push=AQvitUKotmjtA7zMWXrEqyAD8vcMqJ0Eyem_V3EDCa77XGoelzOjPpEajIAGZ1_qNRPgxgSyShvSaYtMwQ18L3ulpltdL6DH0FHN1Q&google_gid=CAESENIDvwjToFCk7nCR-DBkpDw&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
462
Expires
Thu, 29 Apr 2021 21:35:48 GMT
pixel
cm.g.doubleclick.net/ Frame CC9B
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEAjSrXHztuS5E73d7gyWV60&google_cver=1&google_push=AQvitUJhCsYWaqzouotnY40ZU72UBz_Dh3tBzsydN8lm_Yc40NgtNU8OuvIg_Y6bqpw5URN-W_FuVptPAEiqnXuGgQN5mt...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitUJhCsYWaqzouotnY40ZU72UBz_Dh3tBzsydN8lm_Yc40NgtNU8OuvIg_Y6bqpw5URN-W_FuVptPAEiqnXu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitUJhCsYWaqzouotnY40ZU72UBz_Dh3tBzsydN8lm_Yc40NgtNU8OuvIg_Y6bqpw5URN-W_FuVptPAEiqnXuGgQN5mte1Ogdwxw
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitUJhCsYWaqzouotnY40ZU72UBz_Dh3tBzsydN8lm_Yc40NgtNU8OuvIg_Y6bqpw5URN-W_FuVptPAEiqnXuGgQN5mte1Ogdwxw
date
Thu, 29 Apr 2021 21:35:48 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame CC9B
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEIB1U6TCvNxX6AhAxAER2zQ&google_cver=1&google_push=AQvitULbfsV-ZuzrXeQBW4pbSZIipvv9iWc5bTBp5nQe0-FdyeeTXy-9AogbySSyisT33G8dQ2-UL2_uvLsrF-zoj...
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Df305a4a8-b816-4944-9d9e-2f693d30e6c4%26google_push%3DAQvitULbfsV-ZuzrXeQBW4pbSZIip...
  • https://tech.rtb.mts.ru/?dsp_uid=f305a4a8-b816-4944-9d9e-2f693d30e6c4&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Df305a4a8-b816-4944-9d9e-2f693d30e6c4%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=f305a4a8-b816-4944-9d9e-2f693d30e6c4&google_push=AQvitULbfsV-ZuzrXeQBW4pbSZIipvv9iWc5bTBp5nQe0-FdyeeTXy-9AogbySSyisT33G8dQ2-UL2_uvLsrF-...
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=f305a4a8-b816-4944-9d9e-2f693d30e6c4&google_push=AQvitULbfsV-ZuzrXeQBW4pbSZIipvv9iWc5bTBp5nQe0-FdyeeTXy-9AogbySSyisT33G8dQ2-UL2_uvLsrF-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=f305a4a8-b816-4944-9d9e-2f693d30e6c4&google_push=AQvitULbfsV-ZuzrXeQBW4pbSZIipvv9iWc5bTBp5nQe0-FdyeeTXy-9AogbySSyisT33G8dQ2-UL2_uvLsrF-zojpaX24GrUl53BYk&google_tc=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=f305a4a8-b816-4944-9d9e-2f693d30e6c4&google_push=AQvitULbfsV-ZuzrXeQBW4pbSZIipvv9iWc5bTBp5nQe0-FdyeeTXy-9AogbySSyisT33G8dQ2-UL2_uvLsrF-zojpaX24GrUl53BYk&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
434
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CC9B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KmFmwwu5cxm3D7PPaODFmpy2D2s1pJnehlZsnWD8qIIUaOoh8TfKQTtCAF8DLf296iRSc70g
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 1F73
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6171827806238432927
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6171827806238432927
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=95720437&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_391=22924-1934972794013617698&KRTB&23263-1934972794013617698; PugT=1619732148; PUBMDCID=3; KRTBCOOKIE_377=6810-2919fc60-ade0-4564-ab0b-d5a4d241a4ba&KRTB&22918-2919fc60-ade0-4564-ab0b-d5a4d241a4ba&KRTB&23031-2919fc60-ade0-4564-ab0b-d5a4d241a4ba
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 29 Apr 2021 21:35:48 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-6171827806238432927; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 21:35:48 GMT; path=/ PugT=1619732148; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 29-May-2021 21:35:48 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 28-Jul-2021 21:35:48 GMT; path=/
X-lat
amspug016:0:276
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6171827806238432927
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync
rtb.gumgum.com/ Frame 2FEF 		35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=pbm&i=58E84782-7B05-4B45-9CA7-40645D439258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.104.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=pbm&i=58E84782-7B05-4B45-9CA7-40645D439258
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 837D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WOhHgnsFS0Wcp0BkXUOSWA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Apr 2021 21:35:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=25998
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Fri, 30 Apr 2021 04:49:06 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 837D 		95 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=58E84782-7B05-4B45-9CA7-40645D439258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
647ba986ca954aa4-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09c128483800004aa42780c000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 837D
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=58E84782-7B05-4B45-9CA7-40645D439258&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=58E84782-7B05-4B45-9CA7-40645D439258&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=58E84782-7B05-4B45-9CA7-40645D439258&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
frontend-id
3
location
/pubmatic/1/info2?sType=sync&sExtCookieId=58E84782-7B05-4B45-9CA7-40645D439258&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 837D
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=58E84782-7B05-4B45-9CA7-40645D439258&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=58E84782-7B05-4B45-9CA7-40645D439258&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=58E84782-7B05-4B45-9CA7-40645D439258&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=58E84782-7B05-4B45-9CA7-40645D439258&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Apr 2021 21:35:50 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 29 Apr 2021 21:35:50 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=58E84782-7B05-4B45-9CA7-40645D439258&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 837D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NThFODQ3ODItN0IwNS00QjQ1LTlDQTctNDA2NDVENDM5MjU4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Apr 2021 21:35:47 GMT
X-lat
amspug005:0:358
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 837D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM-2QvHaG2f_mxGxAywDix4&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM-2QvHaG2f_mxGxAywDix4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Apr 2021 21:35:47 GMT
X-lat
amspug013:0:377
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM-2QvHaG2f_mxGxAywDix4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 837D 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 28 Apr 2021 21:35:50 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 837D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1934972794013617698
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1934972794013617698
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Apr 2021 21:35:48 GMT
X-lat
amspug007:0:412
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1934972794013617698
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 837D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2919fc60-ade0-4564-ab0b-d5a4d241a4ba
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2919fc60-ade0-4564-ab0b-d5a4d241a4ba
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 29 Apr 2021 21:35:48 GMT
X-lat
amspug012:0:493
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2919fc60-ade0-4564-ab0b-d5a4d241a4ba
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
i.match
s.tribalfusion.com/z/ Frame DC1F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJz_mCnjgjJGzMEgB-HZwl0&google_cver=1&google_push=AQvitULVCkoJgRi9kBcxwQZt2fHQ0Fb-vJMTN8vCAwCixD_g8gKKnBT5qPvM9ihEmIz-nJHT4wrwZQUmNfuzci2EMT6tSxV-rTQ&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJz_mCnjgjJGzMEgB-HZwl0&google_cver=1&google_push=AQvitULVCkoJgRi9kBcxwQZt2fHQ0Fb-vJMTN8vCAwCixD_g8gKKnBT5qPvM9ihEmIz-nJHT4wrwZQUmNfuzci2EMT6tSxV-rTQ...
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJz_mCnjgjJGzMEgB-HZwl0&google_cver=1&google_push=AQvitULVCkoJgRi9kBcxwQZt2fHQ0Fb-vJMTN8vCAwCixD_g8gKKnBT5qPvM9ihEmIz-nJHT4wrwZQUmNfuzci2EMT6tSxV-rTQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitULVCkoJgRi9kBcxwQZt2fHQ0Fb-vJMTN8vCAwCixD_g8gKKnBT5qPvM9ihEmIz-nJHT4wrwZQUmNfuzci2EMT6tSxV-rTQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
647ba9885c7edfff-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
09c12849330000dfff21299000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
99
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
647ba986fac6dfff-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJz_mCnjgjJGzMEgB-HZwl0&google_cver=1&google_push=AQvitULVCkoJgRi9kBcxwQZt2fHQ0Fb-vJMTN8vCAwCixD_g8gKKnBT5qPvM9ihEmIz-nJHT4wrwZQUmNfuzci2EMT6tSxV-rTQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitULVCkoJgRi9kBcxwQZt2fHQ0Fb-vJMTN8vCAwCixD_g8gKKnBT5qPvM9ihEmIz-nJHT4wrwZQUmNfuzci2EMT6tSxV-rTQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09c128485f0000dfffe9358000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DC1F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUlzbXNRQUFtNTNBcXdBNA==&google_gid=CAESEDTZlsFHBtxbo1mXhD1Z8sQ&google_cver=1&google_push=AQvitUInCumbOb9HFHw64sCLLPLQWKvczl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUlzbXNRQUFtNTNBcXdBNA==&google_gid=CAESEDTZlsFHBtxbo1mXhD1Z8sQ&google_cver=1&google_push=AQvitUInCumbOb9HFHw64sCLLPLQWKvczlC1IlBnRxLvOQDwzEgnF_dmLOfW2Crjd8f46e-ToHDddYbHR6qR7cHazwgQ5GUn2Lc
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619732148.287825,VS0,VE0
x-served-by
cache-fra19165-FRA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUlzbXNRQUFtNTNBcXdBNA==&google_gid=CAESEDTZlsFHBtxbo1mXhD1Z8sQ&google_cver=1&google_push=AQvitUInCumbOb9HFHw64sCLLPLQWKvczlC1IlBnRxLvOQDwzEgnF_dmLOfW2Crjd8f46e-ToHDddYbHR6qR7cHazwgQ5GUn2Lc
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame DC1F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHeQSMiZZ7bVowXvLrHdKlY&google_cver=1&google_push=AQvitUJjXmC-xYe--MmPGMjYeYrVQ4WbVa3Ml2NQ-x9M5nBMN1WC4mHLxau3nn8ApZrGsNkVAXFqwm_...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHeQSMiZZ7bVowXvLrHdKlY&google_cver=1&google_push=AQvitUJjXmC-xYe--MmPGMjYeYrVQ4WbVa3Ml2NQ-x9M5nBMN1WC4mHLxau3nn8ApZrGs...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tn00Vu3CT9Wq-jlEYWeZ42CLJrY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tn00Vu3CT9Wq-jlEYWeZ42CLJrY
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tn00Vu3CT9Wq-jlEYWeZ42CLJrY
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame DC1F
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM0BjjO0IqmJlkibzNJeQ7Y&google_cver=1&google_push=AQvitUKpAXI2vHg3UO-aYQlMaveNZZQjIcfBJMU2oxwWdq8t2-Rtgj5D5UR2_otWzg5xzWFguAVOkLkgH3aK_jgPT...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUKpAXI2vHg3UO-aYQlMaveNZZQjIcfBJMU2oxwWdq8t2-Rtgj5D5UR2_otWzg5xzWFguAVOkLkgH3aK_jgPTMpUyOZcvgF0&google_hm=afe7bbce5aba2f94241a2413
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUKpAXI2vHg3UO-aYQlMaveNZZQjIcfBJMU2oxwWdq8t2-Rtgj5D5UR2_otWzg5xzWFguAVOkLkgH3aK_jgPTMpUyOZcvgF0&google_hm=afe7bbce5aba2f94241a2413
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 29 Apr 2021 21:35:48 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUKpAXI2vHg3UO-aYQlMaveNZZQjIcfBJMU2oxwWdq8t2-Rtgj5D5UR2_otWzg5xzWFguAVOkLkgH3aK_jgPTMpUyOZcvgF0&google_hm=afe7bbce5aba2f94241a2413
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame DC1F
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEAjSrXHztuS5E73d7gyWV60&google_cver=1&google_push=AQvitULBRJr_qWttB49mkkGUhWnWaJKwhy6TeAj9RN6az9PXJ7HhdEe5C8ZvN1QJy8P8uH3z9D_Hgu0WBVKiCQEhO54tm7...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitULBRJr_qWttB49mkkGUhWnWaJKwhy6TeAj9RN6az9PXJ7HhdEe5C8ZvN1QJy8P8uH3z9D_Hgu0WBVKiCQE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitULBRJr_qWttB49mkkGUhWnWaJKwhy6TeAj9RN6az9PXJ7HhdEe5C8ZvN1QJy8P8uH3z9D_Hgu0WBVKiCQEhO54tm7BRaCkH
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitULBRJr_qWttB49mkkGUhWnWaJKwhy6TeAj9RN6az9PXJ7HhdEe5C8ZvN1QJy8P8uH3z9D_Hgu0WBVKiCQEhO54tm7BRaCkH
date
Thu, 29 Apr 2021 21:35:48 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame DC1F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEF77jFXDlOl5qlpx7QDTmnE&google_cver=1&google_push=AQvitULvGs-G0Z9GvlksFw60pqcwzO8QcBJNC72yyou7FOuBuCvV3tnCie3WufNm72Q0LHwmth...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EM1RRN3E5RTJ1RzZmMmFOOV9NcFV2ODVYSDFYY0RoeX5B&google_push=AQvitULvGs-G0Z9GvlksFw60pqcwzO8QcBJNC72yyou7FOuBuCvV3tnCi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EM1RRN3E5RTJ1RzZmMmFOOV9NcFV2ODVYSDFYY0RoeX5B&google_push=AQvitULvGs-G0Z9GvlksFw60pqcwzO8QcBJNC72yyou7FOuBuCvV3tnCie3WufNm72Q0LHwmthVGB7ICeOqtGwafbdLmpIh8K_p7iQ
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 29 Apr 2021 21:35:49 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1EM1RRN3E5RTJ1RzZmMmFOOV9NcFV2ODVYSDFYY0RoeX5B&google_push=AQvitULvGs-G0Z9GvlksFw60pqcwzO8QcBJNC72yyou7FOuBuCvV3tnCie3WufNm72Q0LHwmthVGB7ICeOqtGwafbdLmpIh8K_p7iQ
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame DC1F
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEIB1U6TCvNxX6AhAxAER2zQ&google_cver=1&google_push=AQvitULynU2Sepjd2gXJA8EAalzKAe3UUM265lNU71oNpiowRFUv1yCbJ16JaAlWn3RcpJmdm1autISx3m4UQMtpN...
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Db046af40-7ba6-4486-a0df-237f3a92338a%26google_push%3DAQvitULynU2Sepjd2gXJA8EAalzKA...
  • https://tech.rtb.mts.ru/?dsp_uid=b046af40-7ba6-4486-a0df-237f3a92338a&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Db046af40-7ba6-4486-a0df-237f3a92338a%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=b046af40-7ba6-4486-a0df-237f3a92338a&google_push=AQvitULynU2Sepjd2gXJA8EAalzKAe3UUM265lNU71oNpiowRFUv1yCbJ16JaAlWn3RcpJmdm1autISx3m4UQM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=b046af40-7ba6-4486-a0df-237f3a92338a&google_push=AQvitULynU2Sepjd2gXJA8EAalzKAe3UUM265lNU71oNpiowRFUv1yCbJ16JaAlWn3RcpJmdm1autISx3m4UQMtpN62MF44B70NA1g
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 29 Apr 2021 21:35:49 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=b046af40-7ba6-4486-a0df-237f3a92338a&google_push=AQvitULynU2Sepjd2gXJA8EAalzKAe3UUM265lNU71oNpiowRFUv1yCbJ16JaAlWn3RcpJmdm1autISx3m4UQMtpN62MF44B70NA1g
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
attr
cm.g.doubleclick.net/pixel/ Frame DC1F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IPOz_OpmWielbdC5yktIt1t5r5ScLdULkbktq35jFmP4NQa_abYQt26Mob6fjH33gnbocZFog
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AA66
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGSeGBUs139UxEG0nszMW60&google_cver=1&google_push=AQvitULm4C7l0Lvrvyp0f4eRkXHWXkQ6y9VKgkt15ZtIHHv2600GSosjtwk9xyEIrAkG_feLWA80QHOQSooD-XrIV1rOCb9Xrp5l
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzU0MzIzNjA5OTU2NjU2NjA2Mg==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEKwfnMU1MDt2ffGk1joHIHo&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEKwfnMU1MDt2ffGk1joHIHo&google_cver=1
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEKwfnMU1MDt2ffGk1joHIHo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AA66
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBOJRbqelVEDlBoVBHG7k3Y&google_cver=1&google_push=AQvitUIiVteNwZ-Vi6bzWnhIHl0ttVs2kIYDrxlTBzPXKdh8kvGXppjvYjaapRR3jKLZU3GjJuK5gNzlziJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIiVteNwZ-Vi6bzWnhIHl0ttVs2kIYDrxlTBzPXKdh8kvGXppjvYjaapRR3jKLZU3GjJuK5gNzlziJ6vqM8vNg8AYMcsJQ3&google_hm=8rbHodeVQGOYxZVUZSfXoYQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIiVteNwZ-Vi6bzWnhIHl0ttVs2kIYDrxlTBzPXKdh8kvGXppjvYjaapRR3jKLZU3GjJuK5gNzlziJ6vqM8vNg8AYMcsJQ3&google_hm=8rbHodeVQGOYxZVUZSfXoYQ
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIiVteNwZ-Vi6bzWnhIHl0ttVs2kIYDrxlTBzPXKdh8kvGXppjvYjaapRR3jKLZU3GjJuK5gNzlziJ6vqM8vNg8AYMcsJQ3&google_hm=8rbHodeVQGOYxZVUZSfXoYQ
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame AA66 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEKOvrHE2dhZtEzQCveaor24&google_cver=1&google_push=AQvitUIYbR-sCC-PDOYtkc0N4R5Yr0w6AYN6Xe52ulUG5LHUitRst3ZN6CakBoA9j_MnImjEeiRzQ1Rra1FvNYPJOMMMGdxB7j8R
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 30 Apr 2021 21:35:48 GMT
pixel
cm.g.doubleclick.net/ Frame AA66
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAQvitUJ3qMtYkbtQJCj5amcjhcQFE49XJm8-SY47bWRbP6QmfDQvW-ArwLvVv6MR9IRvpkE9IbLjLi3Zby...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUJ3qMtYkbtQJCj5amcjhcQFE49XJm8-SY47bWRbP6QmfDQvW-ArwLvVv6MR9IRvpkE9IbLjLi3Zby86mzJwC-LPZib9q8Hs&google_hm=db785df9-a1fa-47e4-85...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUJ3qMtYkbtQJCj5amcjhcQFE49XJm8-SY47bWRbP6QmfDQvW-ArwLvVv6MR9IRvpkE9IbLjLi3Zby86mzJwC-LPZib9q8Hs&google_hm=db785df9-a1fa-47e4-85a8-9745fa963b5e
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUJ3qMtYkbtQJCj5amcjhcQFE49XJm8-SY47bWRbP6QmfDQvW-ArwLvVv6MR9IRvpkE9IbLjLi3Zby86mzJwC-LPZib9q8Hs&google_hm=db785df9-a1fa-47e4-85a8-9745fa963b5e
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AA66
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGObvzX4xtFm3ubfR7nVy4k&google_cver=1&google_push=AQvitUIzw44I19fWVHU0PddGOf5k-KFARUURS6ZxNCr7Lldlw3i7r7YNECQ0RwsfK-vd68XbEYP8Puy-2QbN86urBS8TZnbGGTA
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AQvitUIzw44I19fWVHU0PddGOf5k-KFARUURS6ZxNCr7Lldlw3i7r7YNECQ0RwsfK-vd68XbEYP8Puy-2QbN86urBS8TZnbGGTA&google_hm=ZzY5MGU4N2E3NDYzZDdkM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AQvitUIzw44I19fWVHU0PddGOf5k-KFARUURS6ZxNCr7Lldlw3i7r7YNECQ0RwsfK-vd68XbEYP8Puy-2QbN86urBS8TZnbGGTA&google_hm=ZzY5MGU4N2E3NDYzZDdkM2UxNjU=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:51 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AQvitUIzw44I19fWVHU0PddGOf5k-KFARUURS6ZxNCr7Lldlw3i7r7YNECQ0RwsfK-vd68XbEYP8Puy-2QbN86urBS8TZnbGGTA&google_hm=ZzY5MGU4N2E3NDYzZDdkM2UxNjU=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame AA66
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEF3s8QIHXdMSsqNQxRYSjZ8&google_cver=1&google_push=AQvitUJ_g47ImuyUSKi1BXnTr5usMubTLV_X_QI13V5Wqa8PGjuf2XYRPbRkWnfcZ1bPMnF6gJafVnjbRboixc50z1V1oc-TI6Y
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&mn_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUJ_g47ImuyUSKi1BXnTr5usMub...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&mn_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUJ_g47ImuyUSKi1BXnTr5usMubTLV_X_QI13V5Wqa8PGjuf2XYRPbRkWnfcZ1bPMnF6gJafVnjbRboixc50z1V1oc-TI6Y
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:48 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&mn_hm=MjYyNzMzNzQ3MDMwNDQ1MTAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUJ_g47ImuyUSKi1BXnTr5usMubTLV_X_QI13V5Wqa8PGjuf2XYRPbRkWnfcZ1bPMnF6gJafVnjbRboixc50z1V1oc-TI6Y
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Thu, 29 Apr 2021 21:35:48 GMT
pixel
cm.g.doubleclick.net/ Frame AA66
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHEWyaQGte44M3r2gXei8L8&google_cver=1&google_push=AQvitUIHaMJEQ38AgbiihuUD4Z5yIo2a7HyExdW4yog6TTPprq_z7roG...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHEWyaQGte44M3r2gXei8L8&google_cver=1&google_push=AQvitUIHaMJEQ38AgbiihuUD4Z5yIo2a7HyExdW4yog6TTPprq_z7roG...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHEWyaQGte44M3r2gXei8L8&google_cver=1&google_push=AQvitUIHaMJEQ38AgbiihuUD4Z5yIo2a7HyExdW4yog6TTPprq_z7r...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkZDc0ZjI5MS1hOTMyLTExZWItOGNhZC0wMjdiMjRjMWY5YWM%3D&google_push=AQvitUIHaMJEQ38AgbiihuUD4Z5yIo2a7HyExdW4yog6TTPprq_z7roGWtJZGLW8Ty...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkZDc0ZjI5MS1hOTMyLTExZWItOGNhZC0wMjdiMjRjMWY5YWM%3D&google_push=AQvitUIHaMJEQ38AgbiihuUD4Z5yIo2a7HyExdW4yog6TTPprq_z7roGWtJZGLW8TyKhlgBGsJBiER0IG5R9I7NDzLZATHc43VtPsA
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 29 Apr 2021 21:35:49 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBkZDc0ZjI5MS1hOTMyLTExZWItOGNhZC0wMjdiMjRjMWY5YWM%3D&google_push=AQvitUIHaMJEQ38AgbiihuUD4Z5yIo2a7HyExdW4yog6TTPprq_z7roGWtJZGLW8TyKhlgBGsJBiER0IG5R9I7NDzLZATHc43VtPsA
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame AA66 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8wj_FrAOW_8Wx2E13gUTtig7GEdPgZzjsiV9-5HLbYJ1mvRw7DfxOPPyCtLCK2oC7BdRxMA
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ Frame 13A7 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:regular&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 06:19:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:07:20 GMT
server
sffe
age
486954
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17784
x-xss-protection
0
expires
Sun, 24 Apr 2022 06:19:54 GMT
300x600_atlas_1.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/ Frame 13A7 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600_atlas_1.jpg
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266b1011af1c0508b80c9bbb695dfa109dbcafad2493c2bd69aeb28307cf75ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61681314/20210108044202904/300x600.html?e=69&leftOffset=0&topOffset=0&c=k9FkEvrZs4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 08:53:25 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Jan 2021 12:42:02 GMT
server
sffe
age
45743
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90349
x-xss-protection
0
expires
Fri, 30 Apr 2021 08:53:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8E53 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-6_MIW1_Q_m-jDoIRDubiuv6s2Vla2X_BzYu5t4St3xDgwpY5lyGHOTRt6k4chQBTANrxzQHbnGg1FZZ6_FP76VG_VdRbpI3-pgFlThI_Mtqru8zJh1OQddXGcmXbCTAmmNa0yagex6MpNkpGcKTANHqjQUf8T51qLCslUIVQZWyi-Bu9VF2pZyz8C9F29qJXcVYDT8eISaR95sAzVnSO69CaKCO8ZhP5hP5cO3jVwR-Hwr1nxiLwp01W5iL7SJCbcCxChaoanskaLkYccO9AvvqZmm0lRXM8flCsdUHuJ8Mh9sGfEy78MuWttwg51wJG_5OUYHhNUZ9vQMhs9yFyZlniZ11xs9YVAJQtFQDtQRAcLL6oYgA-bByVnlpiTy_OC8rx8gfCEJ1T_CPyH4jfsDKy7rfK4UZacLyVMfsfIQ6BueGSwV7hG7dRrgqGTLk6dfob18iQmfRKSogptrAAVeelSmH5Fk6PIrpcZG_ZZtZGfLXb0ltuc0iYFDVkIM19Rg8hJz_Pa65Lt2RG4KWiqSoYfRGrZb6hiabNuN5-tmwaubHTPwGuRvLZI8uGW8MA3L5k5WZhR0lAw_sJkPT15VKed0_gv_0NJYZx-2zAPUquko-L7VlEsqJGTaksCBgyG6-fnFi_uLQMy6faw68jWoQKcbykuMShRacVbbhZVS3rhHH5_0q3fLEId_jqir-n9onbDvOQzkFjYQILgo1K1np3j0Lm5CdkQvvQ5a8oWzRyOUZh33NqX7Q5BCak2wwxZ-BIObBqqtR_lLUE-NrEgyyoCvRt7ncc8VDPlgeG2p_mszUj6Wa1ZDSxTsyFh3Uc-mOScGCUxPQH8bC8CTE41jZhIJDAsaF0t89fePXnFjT7ZK3aW1HWwbiphLAiuiCEhMXykfwqfn0TEOkO1aljJm88ItpooVsUbgk3-hjZwgFINmOd2Thv3KDk5kbvOoj67XdQuX7JmcdfgmPgEAZRWBcOR1LYAD6GIvjtO4VrpbsuDhpYC8H0MofN90EUm_F_UVgzc9OLRl8rQtpsp0tiauZbqPeVG30YLntMVLUMyVB5CmNqhYSdXSqUXNsKJOyWf-hQTLNOHflqys8yXDnPG1PmlJNr4oE9l_BDxEtWqRfcJxICn0vqNwwVIXLn0jkVOLhRb37ma1L2eOzGm84sEW5kA3-qrzy39_Ly4ZyiR4E&sai=AMfl-YRfHc2xCWEGy2VXcfrzYU9AedJZzwAwUvsCS7fuOG-gLePO4ics8uA2fIB6prVwqeXEnzANBrbROmk5eaHPZ68D_mEuZYlyaKX_phyFAbIzw8o2r9aHdKgOZj3X7aYWK4fTEXoIpkBqEw5cpW-WJgEFbyt2Dw&sig=Cg0ArKJSzD1EdgBbwVCcEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2767&vt=11&dtpt=2026&dett=3&cstd=721&cisv=r20210428.72904&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
cm.g.doubleclick.net/ Frame 4542
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB4rac3A_h_ocnBtOd3IbY8&google_cver=1&google_push=AQvitUIXfBspMkTqr5fOSsWZ9YjLc2CelutDwE1wPc-Tt2T6EqHWvyN12s...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUIXfBspMkTqr5fOSsWZ9YjLc2CelutDwE1wPc-Tt2T6EqHWvyN12saNTrx6wJb_JNcAMKYWL-GUDW_86Pz5C0Lh5ONsJFgM&google_hm=b25S2W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUIXfBspMkTqr5fOSsWZ9YjLc2CelutDwE1wPc-Tt2T6EqHWvyN12saNTrx6wJb_JNcAMKYWL-GUDW_86Pz5C0Lh5ONsJFgM&google_hm=b25S2WpUno8oT4y9LlNedQ
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUIXfBspMkTqr5fOSsWZ9YjLc2CelutDwE1wPc-Tt2T6EqHWvyN12saNTrx6wJb_JNcAMKYWL-GUDW_86Pz5C0Lh5ONsJFgM&google_hm=b25S2WpUno8oT4y9LlNedQ
pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4542
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAQvitUJThegIlpvo-xHXwbyfvM7ulrvFjmm3M0WOrzHcKYc6mZ993HvMB6iSoGaC-c55tGILVJZBt36kv7...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUJThegIlpvo-xHXwbyfvM7ulrvFjmm3M0WOrzHcKYc6mZ993HvMB6iSoGaC-c55tGILVJZBt36kv7jOoHYo6jAEksyX4xqL&google_hm=db785df9-a1fa-47e4-85...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUJThegIlpvo-xHXwbyfvM7ulrvFjmm3M0WOrzHcKYc6mZ993HvMB6iSoGaC-c55tGILVJZBt36kv7jOoHYo6jAEksyX4xqL&google_hm=db785df9-a1fa-47e4-85a8-9745fa963b5e
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 29 Apr 2021 21:35:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AQvitUJThegIlpvo-xHXwbyfvM7ulrvFjmm3M0WOrzHcKYc6mZ993HvMB6iSoGaC-c55tGILVJZBt36kv7jOoHYo6jAEksyX4xqL&google_hm=db785df9-a1fa-47e4-85a8-9745fa963b5e
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4542
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEM0BjjO0IqmJlkibzNJeQ7Y&google_cver=1&google_push=AQvitUIoviyu5DItqQMyZ6sinB7fs2DhgsM0sdYaZUPvERMkC0Zzg7lqm6YKO-ji5lbLKwTcwS9vTT6gdSqxcTM8Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIoviyu5DItqQMyZ6sinB7fs2DhgsM0sdYaZUPvERMkC0Zzg7lqm6YKO-ji5lbLKwTcwS9vTT6gdSqxcTM8ZY8W_BJKKy5w&google_hm=afe7bbce5aba2f94241a2413
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIoviyu5DItqQMyZ6sinB7fs2DhgsM0sdYaZUPvERMkC0Zzg7lqm6YKO-ji5lbLKwTcwS9vTT6gdSqxcTM8ZY8W_BJKKy5w&google_hm=afe7bbce5aba2f94241a2413
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 29 Apr 2021 21:35:48 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIoviyu5DItqQMyZ6sinB7fs2DhgsM0sdYaZUPvERMkC0Zzg7lqm6YKO-ji5lbLKwTcwS9vTT6gdSqxcTM8ZY8W_BJKKy5w&google_hm=afe7bbce5aba2f94241a2413
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4542
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEFC-CY8g0dtpYVRtDDz36c&google_cver=1&google_push=AQvitUI842VFdG_jfgowNRbOvBggBrCMbLcp5oJ9bDImuHDhryksOGKzfpgDyoByKKawj146BgZwT_lWL2hOWmaa...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=ed862ac2176af6471d9a&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUI842VFdG_jfgowNRbOvBggBrCMbLcp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=ed862ac2176af6471d9a&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUI842VFdG_jfgowNRbOvBggBrCMbLcp5oJ9bDImuHDhryksOGKzfpgDyoByKKawj146BgZwT_lWL2hOWmaa6QJD1WK2JUg
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 29 Apr 2021 21:35:48 GMT
via
1.1 41232b1248b5064ae14550b383a46695.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
TXL52-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=ed862ac2176af6471d9a&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUI842VFdG_jfgowNRbOvBggBrCMbLcp5oJ9bDImuHDhryksOGKzfpgDyoByKKawj146BgZwT_lWL2hOWmaa6QJD1WK2JUg
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
gQRJfEoAMbotR08EkSp2i6rH7xzyNf7PH5EeUQEDUKJGmAL4Nc5waw==
pixel
cm.g.doubleclick.net/ Frame 4542
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEAjSrXHztuS5E73d7gyWV60&google_cver=1&google_push=AQvitUJCSdB2xfHIJ462gKjoCIcOeDnInPeh5IETEBnihdkzPu2NJQ6vAbK8JksLo8ZeZdDDs8RZpkyVf4UFZbAzVNiOjd...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitUJCSdB2xfHIJ462gKjoCIcOeDnInPeh5IETEBnihdkzPu2NJQ6vAbK8JksLo8ZeZdDDs8RZpkyVf4UFZbA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitUJCSdB2xfHIJ462gKjoCIcOeDnInPeh5IETEBnihdkzPu2NJQ6vAbK8JksLo8ZeZdDDs8RZpkyVf4UFZbAzVNiOjdgkwlK_
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=bh5euH3DS7uI7xoFRyi9xA&google_push=AQvitUJCSdB2xfHIJ462gKjoCIcOeDnInPeh5IETEBnihdkzPu2NJQ6vAbK8JksLo8ZeZdDDs8RZpkyVf4UFZbAzVNiOjdgkwlK_
date
Thu, 29 Apr 2021 21:35:48 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 4542
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENDMY92jWckxLrxxrh8Neh8&google_cver=1&google_push=AQvitUJWGdyavr30JUf_O6eV3PrNJjQXcg0MatXlVq8fCbSlNdiRJ3msWkfYS2WRf9lLdo7lI9FSy2...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJWGdyavr30JUf_O6eV3PrNJjQXcg0MatXlVq8fCbSlNdiRJ3msWkfYS2WRf9lLdo7lI9FSy2bHvHWUnqP8GxBwSkEHcgnp&google_hm=NzE4MTQzOT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJWGdyavr30JUf_O6eV3PrNJjQXcg0MatXlVq8fCbSlNdiRJ3msWkfYS2WRf9lLdo7lI9FSy2bHvHWUnqP8GxBwSkEHcgnp&google_hm=NzE4MTQzOTk4MDU4NjYzNTA0OA%3D%3D
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUJWGdyavr30JUf_O6eV3PrNJjQXcg0MatXlVq8fCbSlNdiRJ3msWkfYS2WRf9lLdo7lI9FSy2bHvHWUnqP8GxBwSkEHcgnp&google_hm=NzE4MTQzOTk4MDU4NjYzNTA0OA%3D%3D
date
Thu, 29 Apr 2021 21:35:49 GMT
content-length
0
/
cc.adingo.jp/adx/push/ Frame 4542 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEEPkvu6qfGE4wy1otFrsDUA&google_cver=1&google_push=AQvitUJfWI112fL3RyANbQJiNlXSllWmiJKT6ox0K8fJ5o68RHxsoAbPfT0qiYcjYlbiowH_V19sm-BBK8o5qHusFDdHQ94-CUE6
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.53.220 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:51 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame 4542 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KpLT-WWJlCx2oJSwRntppTnbfoV6iVfSQn1i3583dmyo2HfTeKUfXO9w_J68LYJ3WWqWCj
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ Frame 2FFB 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:regular&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 06:19:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:07:20 GMT
server
sffe
age
486954
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17784
x-xss-protection
0
expires
Sun, 24 Apr 2022 06:19:54 GMT
300x250_atlas_1.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/ Frame 2FFB 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250_atlas_1.jpg
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e59671fe86ef9ca4130a39dc3d5567ccb734b0fdbdd5969ccab03e37d05c964b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61681308/20210108244439760/300x250.html?e=69&leftOffset=0&topOffset=0&c=QClGAHmB0P&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 07:46:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Jan 2021 08:44:39 GMT
server
sffe
age
49781
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88367
x-xss-protection
0
expires
Fri, 30 Apr 2021 07:46:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 544A 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIIkkYn6JurFo0uikfjZXuwoS95VcG4HjFpzCl9RhFirTZ0vrySMyACdY3VDzE_TOuE2aPkH4D04nCSh5gd0iE02mN-eptJyU63Epkmu8pEONjKihRNDjirl9OYfQEn1lDcavfR4J44V6MXZuatkuGHZDnps1QV43-TlOvB14I8WugfNjmHUonTlOQ9LYtPpFKClSbb56y9gIGTXiRDm2j1n4pHeNPsRgi1k05_9tSQEyFyudcd5vxVXIX-q6jPBzy7Q39fqi-Wey126YZkEv4gb8Fq1gptclkXqTNIFA0jCvkDUbzXExa52Ox8uRZ_CbTTEbaW2TwrQ-Idt10vqBsa7p30Inype4kUnJfX06gUKIcQetf4RG3mhwkeV4P9aAkdAInGc2ogW0cE7beBtWi3KfMv9spjaWDMoe6Q_7DkQf-6X4xwTr0BvLDfs5w9_GVWgMh6diDCsH-aIZ4O9eb-sr_NIh_TsLi5iFFgSCiLPpP5aSzslGedoeRqSo_bUoj7-jZcBiHecGE86cZKhuaY5NUASdZ0GVm6A489srJFMEcTRRreH_aSPm4hS9z7uu1O09nmXw6U1jvmpY9an-Fg93inHk6HFoA52P2hnmvBxoE6VpGgyVH5GAszL7T2u9s9yon9ES1YeVsCvG2CtKUewP4zgTAppI28EfZsWq029qU8oJk7OEXczVJG7kApmDT7hc_FFWl9tb8qDWObG0aflRsXvawMc1X1kyt_25_to_hCI2IXJfSlu81IVH3kubQWYOQRUITdl3bbqAI8mmoDQMxlk8wjUN-Lk_9xYcjLYFQJlfgpNjUBiAWzyxdU7hPEByIa78icrEsjGh6MFW6bZ8xg2cS3oO8CIFk27ulGlqnDVF1qyWavIwVhoI8rp3gIr666xJoRa2BwC3RYxWKtBjkFAd2I6TayXJj1uBqxPXrM4gaIv6U-MxUUOMFWKkwaNjlBOA_9fxlaQN-uZOeMIFTRJZdU9glS5gxAa29LSqPRg1Zyse9GkaOl6ke5f-JYBZAM4sC7IH48ODbTyhTvSak2BKZjNy3VmfWBa20Li3hxvwcQdygIaY6VvIlRCVrRht8MAkVaXy0QY8Ow-gCKli7QKI2oaYG6Z0DDp4eXlk40YJ3jasYdli3BRo-QUCAkZ4zgUnjtXFT7bPuncP5DFkal_FAIMWq_TXe_P8fhRvXMN06&sai=AMfl-YRF7PbdjEvnz18BHg-jzJ4Hv4Qk6XgQWY_zLnl-G4rTN4Truzbdw5-7D3S5iF94K0oX7KKg-Vh3VchydxSGZf2PG68eO7i1h9i5PbbmFqZSaQUe5WFK4p08u8viyhWoivGHKNW04SJpGVc1pnqlsp51hkP2aA&sig=Cg0ArKJSzATxhsetBWAbEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2765&vt=11&dtpt=2047&dett=3&cstd=693&cisv=r20210428.89914&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
current
dclk-match.dotomi.com/match/bounce/ Frame 6D63 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIOcVRdjmMW0iOed9m1yHe8&google_cver=1&google_push=AQvitULc5KERyvAwwP6115_2r0h0sn96n5DBkYcSb1EP7uwgO0gJJL4od2Z_NtjldzHy3F9DEfPOd75FEp1eD1RNOLimL3g7hFA
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 6D63
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHeQSMiZZ7bVowXvLrHdKlY&google_cver=1&google_push=AQvitUJoBV-z15rioabhdsesDjPgN1DqmkxV60BBQ8lF13MohnHIlj29rQLiozdIt3rYICGm2mKKoVc...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHeQSMiZZ7bVowXvLrHdKlY&google_cver=1&google_push=AQvitUJoBV-z15rioabhdsesDjPgN1DqmkxV60BBQ8lF13MohnHIlj29rQLiozdIt3rYI...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tn00Vu3CT9Wq-jlEYWeZ42CLJrY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tn00Vu3CT9Wq-jlEYWeZ42CLJrY
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=Tn00Vu3CT9Wq-jlEYWeZ42CLJrY
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
gg_pixel
sync.adaptv.advertising.com/ Frame 6D63 		0
0
pixel
cm.g.doubleclick.net/ Frame 6D63
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO7jg7IrwLXa0kZMaIepSNE&google_cver=1&google_push=AQvitUIbxOfXSx_LnnQBnZ4lGuMS-ESh_5IP5AxnohTsfLrNmn8_NohvJqlvS1ERZhiw3jLuDCSpwU_K...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkzNDk3Mjc5NDAxMzYxNzY5OA&google_push=AQvitUIbxOfXSx_LnnQBnZ4lGuMS-ESh_5IP5AxnohTsfLrNmn8_NohvJqlvS1ERZhiw3jLuDCSpwU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkzNDk3Mjc5NDAxMzYxNzY5OA&google_push=AQvitUIbxOfXSx_LnnQBnZ4lGuMS-ESh_5IP5AxnohTsfLrNmn8_NohvJqlvS1ERZhiw3jLuDCSpwU_KqA3tFePNFbWA3e6OLQ
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTkzNDk3Mjc5NDAxMzYxNzY5OA&google_push=AQvitUIbxOfXSx_LnnQBnZ4lGuMS-ESh_5IP5AxnohTsfLrNmn8_NohvJqlvS1ERZhiw3jLuDCSpwU_KqA3tFePNFbWA3e6OLQ
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6D63
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEJBMjrZWsAx9Jde-ZXN0Bpo&google_cver=1&google_push=AQvitUI_bJjFH1qcvpGDjA4tskcKPU7_yj-FSE4ZKW6-MWdNpQZNWIQrZXO4BpAUycA_OmP1kjm9ghg4Hc_WXszxq8lka8Ilz0I
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI_bJjFH1qcvpGDjA4tskcKPU7_yj-FSE4ZKW6-MWdNpQZNWIQrZXO4BpAUycA_OmP1kjm9ghg4Hc_WXszxq8lka8Ilz0I&google_hm=WdCDu8LnwwsuezzpZGcuKQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI_bJjFH1qcvpGDjA4tskcKPU7_yj-FSE4ZKW6-MWdNpQZNWIQrZXO4BpAUycA_OmP1kjm9ghg4Hc_WXszxq8lka8Ilz0I&google_hm=WdCDu8LnwwsuezzpZGcuKQ==
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:47 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI_bJjFH1qcvpGDjA4tskcKPU7_yj-FSE4ZKW6-MWdNpQZNWIQrZXO4BpAUycA_OmP1kjm9ghg4Hc_WXszxq8lka8Ilz0I&google_hm=WdCDu8LnwwsuezzpZGcuKQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
t3o2jkhh1lklpt2qevt2s31ikoh084tu
pixel
cm.g.doubleclick.net/ Frame 6D63
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEMJydClL95A1SRN2v-7oMLo&google_cver=1&google_push=AQvitUKogx9F7M8LByEnT1HmF8JNNi287QV5Nn6thz2hv07raqAHEQwmBA6uESsiouozJclgdMAL8pRTMvhOaid9p...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjcyN2QyNmEtZjM4Yi00ZDk0LTg3OTctYzY4N2IzYmNjM2E5&google_push=AQvitUKogx9F7M8LByEnT1HmF8JNNi287QV5Nn6thz2hv07raqAHEQwmBA6uESsi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjcyN2QyNmEtZjM4Yi00ZDk0LTg3OTctYzY4N2IzYmNjM2E5&google_push=AQvitUKogx9F7M8LByEnT1HmF8JNNi287QV5Nn6thz2hv07raqAHEQwmBA6uESsiouozJclgdMAL8pRTMvhOaid9pHEKN9WYOhgR
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YjcyN2QyNmEtZjM4Yi00ZDk0LTg3OTctYzY4N2IzYmNjM2E5&google_push=AQvitUKogx9F7M8LByEnT1HmF8JNNi287QV5Nn6thz2hv07raqAHEQwmBA6uESsiouozJclgdMAL8pRTMvhOaid9pHEKN9WYOhgR
date
Thu, 29 Apr 2021 21:35:48 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6D63
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEIB1U6TCvNxX6AhAxAER2zQ&google_cver=1&google_push=AQvitULPz_kgFRoAYy-levTmdBQVSIdA6nVRiipNNeK1YNqx1jonso9aMdAC483yTwNKTeHfy3qtFhLafKPtPRB9p...
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3D7e703249-2c6b-4647-a3f1-e245fc729fa5%26google_push%3DAQvitULPz_kgFRoAYy-levTmdBQVS...
  • https://tech.rtb.mts.ru/?dsp_uid=7e703249-2c6b-4647-a3f1-e245fc729fa5&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3D7e703249-2c6b-4647-a3f1-e245fc729fa5%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=7e703249-2c6b-4647-a3f1-e245fc729fa5&google_push=AQvitULPz_kgFRoAYy-levTmdBQVSIdA6nVRiipNNeK1YNqx1jonso9aMdAC483yTwNKTeHfy3qtFhLafKPtPR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=7e703249-2c6b-4647-a3f1-e245fc729fa5&google_push=AQvitULPz_kgFRoAYy-levTmdBQVSIdA6nVRiipNNeK1YNqx1jonso9aMdAC483yTwNKTeHfy3qtFhLafKPtPRB9pUfpQTrdw8o
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 29 Apr 2021 21:35:49 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=7e703249-2c6b-4647-a3f1-e245fc729fa5&google_push=AQvitULPz_kgFRoAYy-levTmdBQVSIdA6nVRiipNNeK1YNqx1jonso9aMdAC483yTwNKTeHfy3qtFhLafKPtPRB9pUfpQTrdw8o
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
attr
cm.g.doubleclick.net/pixel/ Frame 6D63 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I88J-O2ca364A2vf3jBBHKda3l-tIoOxg-PlewiK8CZOC2saeDmROmHStwfllDYO0zIBYBk24
Requested by
Host: 56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
URL: https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ Frame 8317 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:regular&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 06:19:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:07:20 GMT
server
sffe
age
486954
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17784
x-xss-protection
0
expires
Sun, 24 Apr 2022 06:19:54 GMT
728x90_atlas_1.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/ Frame 8317 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90_atlas_1.jpg
Requested by
Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15c9ebdf33fd00cf70ff59fbba60a5a1215324165e27642d57b23f3dfe185a4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61670776/20210108044154305/728x90.html?e=69&leftOffset=0&topOffset=0&c=mZtn8xICtF&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 14:21:14 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Jan 2021 12:41:54 GMT
server
sffe
age
26074
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55910
x-xss-protection
0
expires
Fri, 30 Apr 2021 14:21:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 294B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvN4QpJgEjJHubtdkTuzym7mIJ262SZ96D5DRcjg3eV0KyIqRFafpc4qv67tikNH4jtjKX8GX_lpEfeqOA0RW2x5Th-ZqyounjYBcFLQCKw8mrDa79S_udTwlbyPDZM_u8WcHkYXV0U8A9Hd1q9T2ZwCU9lyPhE6y5C6nMPXkMfESHVDZLkttsvAY0vNNevZlgnI7pvxqil0hT9WrgcvIl-9MGsuoItadbCOOWlVmlL6Vc_OCnMAynm3_s7Mh-rrRaW99e3F6V0GBHRU6AZMiYGmOkZshrzyprs4b6TzqYwzptXElLszA1GiJXTaL7AqMnLVBjzY8LIngjCjeCHYHmOiYp38rhyGDf4l6GZUdx06kU9XTzsZIuPhuAv4qc66fm9PPOLWRsHhtSsmqqo8D0USav4JbAkmv6qAs1nH2548tgYOuml_UNOmLV7cCVBbt7I9JU8XONT6vdZuCTXBSyRb23KQbnDppOKB-s8bqGt6AzBe8CzgPZKQs0bSLo53-fM77pasDegYdfyPLW415s9aNkBWXIdae0--egLxunZjEpw1sfE9-7ed7IVOWx2gdM7zQEp_2K5sAutoycNyE-qFE44RbOEhdH__ZbEFTiKNv75BQqBCSQ3BwXehCrFSrmperiGu6SZXqowhXinOdr2uJ8gdEqMbu-dkkgjcYf0qxWRS0OB8HhhWEhLx0nawYoBKlOqYX8OMP5JVCxlr9eY3oWeWjE53QWqb1OCr1bbcCdXIhN1HOxp50kpkfXWqF5pHpgtBIelAcr5UIvHmFu7dZV4Gg6sTYp6vnwqkamnZlMjbt_abiXc8yOmZHfC1HARTQGXXA4vD6r9VGhNpB8JrzKi1NTpvMfPBzqJH0zb2XArXe1etOKt9DUENAkxvOxt1VTAYqEzonWHz-oN2Of5BA3U74qmm0ZuBqakrAyVumC-R_FWa6UF0zDTO2s5BfEz4qBMNjhpbhoJWNEuqYud9_bNKgXnu4QXfwOhWOFTY1c6pkiryxD4ayT9ckx_irUfDtqyIM7erFcr6hPb4_sREEHGDKqQIyCGduew4ugtWQJGMbCFDCxnfY0zcFk8FzF4SE2LxSpvgEWLOhVBvc3IazVyL6cw0LotQYdmHl2nxRuyoekYCxI2q5BEdgMZCg9HOk9VdJsuE56sOuhFg_xiJN9NqYHxM1Ss18MqtYDd0g&sai=AMfl-YRic9xFOsgIuARX4jTlNxNtDuuetcHjEPhnWAnYX7xCZKze4VbtXAsKI2bVUyQh0MRIhHmFXWJDFwRgpWgyvar0FipRMhnkaOOT7kn2QKsRjHLF7t66ctJO2Y4ZnsqeY_HCWPumG4N7sK2UYXvwtQESkzTi7Q&sig=Cg0ArKJSzF7KIa6_JMsAEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2616&vt=11&dtpt=1861&dett=3&cstd=731&cisv=r20210428.10076&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame B862 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZwxGo975jzwABE34iO5mqguBzjB2uFbVmGtOyTnN-zbdTNlEy4ER388Kw-r56URdWnMgJgbqKNfqG1NMAxoK1j5QUyhm7feLdWhMOE6L1uYt8kCeSqoJ8D5KssTvSbvdiUe0XdBStwHPYbaiNCAZJ5rowXfM6qDN7tL0j8_8GGkZGut74xOUIqvnacZCpCVAZGN3IdlgHYx0ybT1GJrW7j0lDlwOrjIk6Dk7s81JyNR2LEZpqTyVRjoKhdKwxSbuElYzWkAyxpvMLn-sJw5ao4VP7mC-S6jgb8X8Nqzs3rZE6ELL7kW_x3ShH38_HzJeCd3BMzBN9uwWfwRnRcXFJYCHH8xxH9kJZMNhIqptqHr_gfBRpMjUQ3J8lUaFL4_09-ft02LvJhvynGSTn9i3k3ZViRO6KkUzyngkvQgYmnZpVV-avxo-VVvp6d9Vh1bD2Hl0cjdD7EEv4mFi-ih9hzji4JmIJEY5Qv-i2LFev0k3XW-oLNYtQntQwZg52zG-8hL8BaITyNC2xkK-wbl8V4AgiYPdZDUeF42x0MDwTHtyzCUZtK3P7qYI6Vfn0LpaiLMr5rQWmX42Bs7vz8-b67ePIOSbBJWthyi1YYNM6i9IDdfB3erGcg7mGoeR6NK1yNnMF-wbtg61_7srmnauBKtBkf_TIkwt_MJ60lNk8orRQJl951du3rHmvIEGWqtWaGbIK7zhLEuDwJYNxPwwoDru4vVQNBE-p5UNvV37EQT-AECLzCG4tR4UgcARV5gRICC9lERyzQURdo9AHDT1tsZlXRDBm4Lj7wUnCLnRLTfY0hlzrpzxXPO7hqiAJm2N7tfgk16Afj_6x7rqri_1gdKC5Xmv7s7pN85Kgv2jPRbzCSwdT7HSmV1fbJHwA7APADv4CVr4n9qe-BvoQcgR8ggXCEq2XG6JM9XfcLUgdVVy64DRWa55fUFoOfRc2ZBUGE4b4pEsQnJlXW23Xj0WYeNXeFMQedAflkU4UkOkaglzP6vzZPF5W7mNJ7ux6OOL7ePvYRxb_tONqYDJ0bdOWTnbS1FmkLVzenrl6qLK91ibKeZtb2g9Og_9IyOBkDOKqJHPi4LtQifYy04gbMhm9RyhcLhqqJsjn2oVE3K8_4EH_7MKyw9v5grGm9bcY_P4YmGioW_K-OmvJ9Ruu4XoXdfJY7MxHFt2MlYv7vG450YY3gzJKIX6bNHiShXIwM-oM84zvCO-pBPtx8dHfyMoICGm-f37x_4R0uUY-RxtqMA&sai=AMfl-YT1WQkeJgSaeXOH8P2-DZucWiJZaCzUe_2C634FzXZro13j9nmGWPLRC88h7lF5Xp6cC0NwHa49A7iSHlMBR9sYHOAGZpE51u8XBSlpPfMcy6GiJJDx2_C9Ld63B18TajNJpWbi8ez2fFigTGu0urtEv7bv5-kp7qDtChbK4uQ3rQUQjbBxZQ&sig=Cg0ArKJSzKHUThyvhTPaEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2781&vt=11&dtpt=2088&dett=3&cstd=670&cisv=r20210428.70833&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame AD3A 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26721869f484d392ce5c0a2e755637833e0ac2a21619b8b0e50f9576b3f2bca1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4160
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D63F 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5379c9126454ee970b6c397c73c5c1ac32e30134a8e282ad21ea19fd61476199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4144
x-xss-protection
0
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame A06D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame A45D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 13A7 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f181f6ae4856bb3d55494dae5c4990bfeaa660238b0f2e0b699be008f98ff0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4203
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2FFB 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c63ed7df3f35261fc0d6164b6aad82175c18a7a416d8d34e133cd4a0686b26d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4226
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AD3A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 26C8 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71ec4510fdfbc2b3fa54e4382eff7c4a335f028834201227585f33a5e2aa2359
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4150
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FB4B 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de5d4ee314c53ba3fa5c9af5b4749140d48f4a276431e269b3fd7a52130471b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4205
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8317 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8dea6447b2b453cd9372c823d6d5a6e1912938d1bfa41279a6539e8c3e707e0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4170
x-xss-protection
0
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame 66C2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame 8FB5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame CDC4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
enjoy-Benefit-Wohlbefinden-300x600_sprite_01.png_1618062080400_enjoy-Benefit-Wohlbefinden-300x600_sprite_01.png
s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/ Frame 26C8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/enjoy-Benefit-Wohlbefinden-300x600_sprite_01.png_1618062080400_enjoy-Benefit-Wohlbefinden-300x600_sprite_01.png
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4df7e9a40a189f4c1c7111b00e9348166c2bdca33ee87ffe00b4aca94c36efe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 12:22:54 GMT
x-content-type-options
nosniff
last-modified
Sat, 10 Apr 2021 13:41:29 GMT
server
sffe
age
551574
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5467
x-xss-protection
0
expires
Sat, 23 Apr 2022 12:22:54 GMT
enjoy-Benefit-Wohlbefinden-300x600-phone.png_1617008565371_enjoy-Benefit-Wohlbefinden-300x600-phone.png
s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/ Frame 26C8 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/enjoy-Benefit-Wohlbefinden-300x600-phone.png_1617008565371_enjoy-Benefit-Wohlbefinden-300x600-phone.png
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa341f761780a356205e5a62c3e66c020d5aa425865c090153647e90d12a904f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 04:42:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 09:02:46 GMT
server
sffe
age
579181
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13606
x-xss-protection
0
expires
Sat, 23 Apr 2022 04:42:47 GMT
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame A199 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1D1A 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6dd91576d290a1d7459618ba41ae2546a796bb835a7b953bf45edfcffc916f5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4129
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 13A7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:48 GMT
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame BD8E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame 9FCC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2FFB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:48 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 26C8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:48 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8317 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:48 GMT
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame 30DE 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FB4B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:48 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0C65 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKJ-_bymZzQ3Vt5AsZljEUi4xTmGxHKiMOxwM-PWbhAhuDhHzPaBzfoITF7w2ykKRyQlSqdUdRBgd9g5R44rTRaZXcVC-1x4w-e-1H8ci7FKn6h2l7DgaLHpKfwIgP0ZnbSGgmqdr2RcQs7IkFwzKfXR9Xm2L63CtrNXJg2-S5oQnMpkjYV211Az74bOincX-kumcnI6Wnw-xnfhRZf4JKNs_--rM2qx5OCJTiUHOFRUB_ObLh-uiPJSLc9INVQn8J4FiwN-noB8VY2T7LRy2Fl4cXCjyPKf8Ehou1MFaexX5opwOoov0tJBVp7ndAa3q_Eam2dqODk4X7a88oitdqH1VlD2J2SaLV0P7WGoPsHVQ1lK_XUYDcN1NCpn2J6gsdQi2LX_6KHKGybUhknAKQW7VhokrF-KkPJGdte5f_Ew5QZ6PSRJ2D493kIU1PSEAcfiGXl0FUVSs9DgpvRjyWwH_D7qPllWkDdrksY_h537CY_8Wq5VTkhz73OILrd7_h8Y817J5LhRjrYu-LLOE-YDat4c-D1bZoIaClRMV_NVsv-2ysKp6Jd3Cup7S1RoWAMKGlxy3pIQqDgDdwAdFc4fmwdo1Nf18SuuYN6-JksLLkT5wh2uek5KPAH_4atLZSDhujvuqA5aqpyd4B8Gvp6pk1_NyGsl6IN9CHYSWv9Inp-j6BU1AFIeNnhLgrn23hKPjVSHlXlJMhLUlNQOunMifZbayqOndEAjL7fbd4dqEy-Enumclq0g-yFVHdtoi9yzbA1vV4pn5m7jBXKGAjDcGNOf02RY5YJc_LnD8oBWCLwNnHjbpjWEzd8kP9eIANQn7gEC8j843VuejGLxWmD7_EkMGIG6paUyFbtWRyX-o6rOnqmhwtnLBXn_VQgCiqD-oKDlwq3Ctc-6RfHoJwZ_oD-OS7bsYzS6cYrE1sMiGLu_qaeZC100EOjwMefTUCNTklNWFYjghsvVF-qfnzbMpu5xyWHo9Y_MURAU0vy0wWobEOwffS4LntVqL83eL0LJzyFGvODWsKb2SBX4ujh1rSLR1cDWzkJfjfXaWnKY0wJmXGAanL5IO5FTLXDcqljKCL7rhpjuNCkyuVr-or0j-ZlL6YnEfxAFBwLSU0BZlMK3SOQ_i0UisMSImNBWbfZzpLX-J_BRsIwaayj5H6x-BfNdouM0L6kYHhxzaBbOkTf1PCDHldXX93yD4XEgjqguCL8Tjo2jZUcSYlKoE3uRawjH0x8re9MeHKGYg&sai=AMfl-YSyxrwbl5X5VpgtXG_aQ9NYbl7hloeaC-LwY6scr3CSk517dfuzLKi_k3F7COmPspAlizU4y89ryZYsXE9BaTyxO02CraXxBVnTRSP2yZ3NfyyEsyNfsX53z2PJjio0Va1_ghTDWMa88cN_pwFVmjbxF7YYS1-bs_Cd7YJ0t_W4iGQ2-XbkwA&sig=Cg0ArKJSzIinwHvfEpKSEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3002&vt=11&dtpt=2318&dett=3&cstd=661&cisv=r20210428.04845&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame 0407 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame 9B3E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame EA47 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame D85E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
enjoy-Benefit-Wohlbefinden-728x90_sprite_01.png_1617890070064_enjoy-Benefit-Wohlbefinden-728x90_sprite_01.png
s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/ Frame FB4B 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/enjoy-Benefit-Wohlbefinden-728x90_sprite_01.png_1617890070064_enjoy-Benefit-Wohlbefinden-728x90_sprite_01.png
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ad91658b329dd263a96b53c40da95f91f20d423f4141164602ca082cbba02e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 15:29:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 13:54:34 GMT
server
sffe
age
281179
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15968
x-xss-protection
0
expires
Tue, 26 Apr 2022 15:29:29 GMT
enjoy-Benefit-Wohlbefinden-728x90-phone.png_1617008565371_enjoy-Benefit-Wohlbefinden-728x90-phone.png
s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/ Frame FB4B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/enjoy-Benefit-Wohlbefinden-728x90-phone.png_1617008565371_enjoy-Benefit-Wohlbefinden-728x90-phone.png
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708e91c3bd12b3d0f7c1123157cb1ccd1f7f305812eddfb8a21c4d22b8854312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 15:29:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 09:02:48 GMT
server
sffe
age
281179
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3728
x-xss-protection
0
expires
Tue, 26 Apr 2022 15:29:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1D1A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:48 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8955 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5maIJGVS8XRn7fYv6V014Ve5MyckMeoUnf6JscYlmUS8KYh7hypMb2YDZON37p21F2i6nRdAqMcFyftAW3FhZ8e9P2ot5qVLCWcH7T3swlg_G4fz1I0zv8aMkBz5-0ZG76raiz8xCU5MihvlaXpuV7ftbFatnUy-6n_UjBj22cDpRS-VltzN8NANYUFvFDewWyInQVT29RXWoy90oSxyNo-9qCD2piag8VTMms6jI_tIc_1PlaWO0RDRQ2RQTZaHiEk7Xczialjbz9Oc2F3oOG918rTDeiT0aX82dpeVzV-wclbx5e9XPVyFgQJu10GXxXaqwbtu5g0lj9_hyaJPXDWQQT8rZft8JgK6F9uFCTETMTbEhknhh1lj8-Ry45N8Nw52WFubBu4wXmXjCHjD5iBzSXW0lPLISt03XdoleiePcRl3lNnBet-TMgCgeZR9ymCpbY1ndtrphpIr-71x-jYiFp7X8G4aC9r9qWAEybuqTkleud1WrRfImPr646-szCo3Ut7WkcuBl0sE5usUCG0i1nYWxx9TGRQFxCDAwi0czQuzRKHNxd6w5uBlJYOCv_jUdTeP5gVLSwLO4fV0uRumcUcRZIqDrY6fRngaV2CCES4-eg5gyS6FyH0HEZHObeMwYM4gHjRDP3BLWoEHb7CsrSxzHCoNHkR6TCVQb00Q9wWGuvaNhWo42ZZbqz9pc2EhHnVzZpFHbgrwxEqA0w55HiyFLGe6bB72YkX66XueepwfMxlIJqpybHBsUQWtV7-5IUig1MxsPgYnpNYGyL0B0oYvCf3Z4ZzEHrtJyOmK6ceSUNa_r8lW48LHeaneqv_b_IhGaTZ9sKOCrAntlCwJSyRIp6pqRDGoe7NYsMHlaOmztz62oWq3mI7j4qRLbW5Lu-sEdDVqetqdS7J8t8w31_Hcm_Ey3j4m_pF1SqOPPR4jhFbaaproZ52N-8yOWAvaDufLyWbf-wRiERgpdkAWhLVy6_AEvyc4pCITIKi6vK_lyURfpJT8BurisVe8pNatxYyVHwrLmB6U0mpmR8rSGG0CGcdZi-OT0-0hyhZJnKKqkHDlHN2EAylyKKnNNLPn9HSwM-63ZeKp-hlsvyFJDX5cr-zuaTuNCTleIS3ImWfuoAfQ2maZiU2RUt2AXQHoH59VMFSWyRVEvqev9-TOAETo_jLlXPtdZiO_x7K5eeOOgCgRHYzjPYDcCQnn8N5wyBkLahB5wzoNHzQzhskCtNMHhdWgwfdQ56f8&sai=AMfl-YQYKy234qNfvqdQfH4hzDjB-gtq76mS78nQZfDSAi_Sb95yzm8loIrn0KJs44RJgQ0bVYxb--e4CoL6orwycF1ir1dcNdq8usUTDBBH44myZrAFx-XphM1Un_oZT0iuiHfL27xK2vd9mw0TE5VN77jedxrunUQ5MkD41nB3o2s-cbgiJ6Rilg&sig=Cg0ArKJSzOWtm0Y8TNbQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3422&vt=11&dtpt=1949&dett=3&cstd=1446&cisv=r20210428.16956&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame CD70 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13698
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
enjoy-Benefit-Wohlbefinden-728x90_sprite_01.png_1617890070064_enjoy-Benefit-Wohlbefinden-728x90_sprite_01.png
s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/ Frame 1D1A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/enjoy-Benefit-Wohlbefinden-728x90_sprite_01.png_1617890070064_enjoy-Benefit-Wohlbefinden-728x90_sprite_01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ad91658b329dd263a96b53c40da95f91f20d423f4141164602ca082cbba02e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 15:29:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 13:54:34 GMT
server
sffe
age
281179
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15968
x-xss-protection
0
expires
Tue, 26 Apr 2022 15:29:29 GMT
enjoy-Benefit-Wohlbefinden-728x90-phone.png_1617008565371_enjoy-Benefit-Wohlbefinden-728x90-phone.png
s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/ Frame 1D1A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/enjoy-Benefit-Wohlbefinden-728x90-phone.png_1617008565371_enjoy-Benefit-Wohlbefinden-728x90-phone.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708e91c3bd12b3d0f7c1123157cb1ccd1f7f305812eddfb8a21c4d22b8854312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 15:29:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 09:02:48 GMT
server
sffe
age
281179
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3728
x-xss-protection
0
expires
Tue, 26 Apr 2022 15:29:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D63F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:49 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DED0 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvDQOrx13SSBpZ-yWR0YKinUGNYOUyCi0TlEc0p3i2EfOATTNR67v6iyqVFi3K5eblt0MuurX1aNW8AS8E3m3HRhQGqg6nvBLcmri2YChCZB65KCtrpYI3dBjOEkeuHpFqbfJtMRH6qGHRNykgE6QKbCCkYaGoB9BpnAu1IdtDVuIsueH0qXqaN9CLlz0e4elipL_IgASAlVorLTO7VVmcsXFdC-es-T4EYhFH8y0hz_HMAhEsP43_NOvnRzI1PPUXLA38QA_1qmmQERPU6Q2d1pEEONe6RlIO3fZqoeIm7gvY8fPfaXWQCB1OsJTgSlTgA-WPjP-aidHm7Il2RXr0hPZbUu50oClSFonRzGJT6j0wWD4bUBDW7ZnJDlR7SFh3RHbqLmPszplcKqiQNLOXSRJZP9latiEpuqnyZ7FnJT-lJ5LYaqwIoShcU0zJUy7rCHd9RsnH9t1rEAi07gAHQLOcz-W2Xk5r6Raw_s5fDShNCd77pnlNQ1uUm2_Nrs-PJAFXhp6FINdDfwnOMDEdEonh3XPqvoziX8e6A4Hcmy_tedtWLeBpk-Ix2ZRdsL-EtVthxZuU_rYgOW5KJAm2WAduuaQfzWeYo9-q1QT3mtZ-cEZuRYiBDmW0RNXGxp3lVyDzqQMbYaCu9SzJblDLRW72OpC0kIqfNFElAQNeElgGJr1vwEOpMDsz_LZ7lQFY7q3LWy4lb7iWjSM_RTLZhNrqZWZ1xckaHwB7qWdvq63Gj_eaVf3f7hD3h9DqYd8D4iFlm4d5YCS0WbOwWpYZUlca96-Z1Wsl_gn_h2lSnG6Bn59e1s3KaaxS-4iz7eMvzfGxvFK9Cv6AOm_pOWVAquRI4RQ2AAy3yJ72diTaF5rTeJ-kD2I0gnyebWHuxlsgtjNUhV2uU9_TKXF8X2jzFBdNDlg8660PpRrICz19NgnuFXs6GNez_YazJZasTTnmN6IXFZ1p-zhv_E0hXAdpF2Clufo6zp8weas66WPC8wcQGMwebsg7Rng4FXOvpOY8Hyr1JXuYPi8Hr2dHYUMo23Bp2kDrBBDluZhjfgoiyAvKWbyAIqYPPv9TY6T6K22lguGelIo66X4kTf4fj1tpqJ3nIjl8rndTDIR1GZkT1Qz3vp0NkfIbqxk4Hb-79Rsd8WJdgASXVo9hlzCV2oGLPNVpPYqAEDbHdQPvlC3J_x4w-7bOs7stPVot6JoR3gwPHqLaH02kcPZZZoSAJvDEpoEKxKI0aefvrlhvCvDs&sai=AMfl-YTEkEP3Bhoco0W3HEuDH1BhqwuMLvlAlS-sZXKGkiWroDwsXFsxtVt1HNok5vGV0Iv7uEqYnCSzToZMLnGR6131x8Jch6LXWfVu5l1kFIveqOP8YEu5ZY6PZKpMiJnZ6O40FZVdc4frxnfSulXnFY9Gvqgzi4_ATi5pZmqhJxkQ5qQUJz_QpQ&sig=Cg0ArKJSzDSLUgfnp9sAEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3883&vt=11&dtpt=2990&dett=3&cstd=868&cisv=r20210428.02525&adurl=
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
enjoy-Benefit-Wohlbefinden-728x90_sprite_01.png_1617890070064_enjoy-Benefit-Wohlbefinden-728x90_sprite_01.png
s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/ Frame D63F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/enjoy-Benefit-Wohlbefinden-728x90_sprite_01.png_1617890070064_enjoy-Benefit-Wohlbefinden-728x90_sprite_01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ad91658b329dd263a96b53c40da95f91f20d423f4141164602ca082cbba02e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 15:29:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 13:54:34 GMT
server
sffe
age
281180
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15968
x-xss-protection
0
expires
Tue, 26 Apr 2022 15:29:29 GMT
enjoy-Benefit-Wohlbefinden-728x90-phone.png_1617008565371_enjoy-Benefit-Wohlbefinden-728x90-phone.png
s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/ Frame D63F 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/enjoy-Benefit-Wohlbefinden-728x90-phone.png_1617008565371_enjoy-Benefit-Wohlbefinden-728x90-phone.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
708e91c3bd12b3d0f7c1123157cb1ccd1f7f305812eddfb8a21c4d22b8854312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 15:29:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 09:02:48 GMT
server
sffe
age
281180
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3728
x-xss-protection
0
expires
Tue, 26 Apr 2022 15:29:29 GMT
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame C979 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13699
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame 26E2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13699
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A06D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRyBvryaLYP_iNafc7_UP44Sv8AEAAAAAOAHgBAI&bg=!wcKlwobNAAZLnZBaS507ACkAdvg8Wl7urvL-C_iPUzno73LDDtrDkEV3TUZ5A2tUnVDVhmVsaiI5pwIAAALtUgAAAMZoAQeZAnBpSmnxwWldUJZEYw2PHbKilIRzBot0GOg6GZHNxZQdBaabxXhe0ixqqeQ0E-CZ-L1e-eshtnCLXxo9azgmtj67NSWMkf1tcELLoyhsxj-0ctzdccEsl-3-wizZgOS4rlEkGnYTY86d2JrbDD4lYNrSki36zp_xHYSKEgHmFQldpttbdbU8EZlXxFdN4RoE9ZNKksr942kV0QegE7hs2T61EKK73FhSn6LODHCUOO6m9ifZK3KReVOQuCYw4uAq6VVrOrjXwpQopzlegca1umlKtD7-miI1x5KyNKi9qg-VDqXP_g2ZvB_j97p3ophOJJDQeXpV6HE8--5H_MMr0xp4dN4h6Z-D-MhatFdjASAa74G2_83DxVXycPhrbzY-w06eozWbmaeVIx8iDr72Xjgf8rkiLLKpEqMrd5fqhLiINoaR6gfN8VeRduu4oVrDZ9gr8l1VqbrwEHUySZDth45BDrLeyJIZBg5_InWS9PAoBU1Qj3KeA-_jZiuYZnJtB-vaRMLkB3UQ_8BKuBK8t7wPJTBmzzUVM3SUayDLRYDQoTJZKdP7UvXjUT_Kwur-bLouGX9dey-OSQkNLXw90gm3wLsxgWf4Fv_LkWKK-11mfFpR5WaZ3JtMizCipkV3c5QIeHkNzs_dUazL3uTfolrsYJ2DMnB2oUvao2pGV1WyGUv0avr5m8zU4cYAPGywTQCWM4b2iIdSVN3Cczx4TFyECfjuQgOrzNXCAwYSf8uMB5_EJLFekEqsfxiaRvIonqSoldr27y_2rGSjAfTRQytTA2Xsc4ieEhjLJAkcAopeFx-RTO28PGnBbM-Cw-_AQoY
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A45D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqtPQsCaLYPMMjYvfA8rlmqAMAAAAADgB4AQC&bg=!zM-lz4vNAAZLnZBaS507ACkAdvg8WgBT4XPsoMBEZj09MQT9bMTUNH3Vw2wpPRSn-Nc8KVMimxKN5gIAAAL5UgAAAMJoAQcKAI_AwUg5tEE9_YrrbpvmLES04oU59F38nbKFANqJ_cfLapGHLY491oPtBIRDJqxJMde-Z2SjFrztCjdkwEGxOitDs7PvN3PY9pohOcIkoiOBZbjjgwkoDQe4FCOl62_0DvAKl1yCdAzJH6CfcwxYHeSwosECui6NGMIswxlIn7vpcwdIGWbaM2U2y9mZgszPQJkCeYD6RzBMPOtOGuVVDXc7o6fMHbjbTMo1JanvHeuIupG24HgWINkMFEqiqoft9o4TewYRyM0OqkXAXbicAMj5qSsW7n1Q6nQHEeRikBdbhTASVNxjRbs2JayB7jpfauORbsVPGoTP_DTCWHFxNuahu6nyIsDmRK3eboBRVVXdx08M7D_BjFJxz9JHqcvxwSVPTp08r4GgeVN77TiU2WdILUV0OQUGMHs4flAN5xtJglLrIK39L0VbiYyIudI6jBGNOKL7y5BYx8_dQiXD9IbAaef9YqZ-bGDJfjdCIyvCw_n-Kj9cHQyI1qcgvq_tDnenY9Zpp_DCkZg1N3RE5hDpRI7MDOom2yeh10j5eA0DTvRWeyOJcsHyDn5Pp3RQ0RprMwOHjtNfvVci_umuc9NlgIvqHBgBYTgwyoD6JDDohlugr2Iu8-F9EwsJFiS37yGb6bFPBJs-NseVJcjix1Od99V3LxmFuzCdnG7omBl1-1Fwk7jq0w4fIYgrKVlcOIntrMOiz28ZJc3vvmI20NNqgMkKbAkxtdcNSKY9DYeY11_MMD2wJrvHGmxzoN7K8TPGXmHJC6YkAh2TU43Vy2YkGq53ZZ3YBH5dA766GUSHe7ah2y07HaFodMK2GO-F39WLoOeaueRXif5DjC9aS-w3YJA9HcPgCI07gvVdfYl2I1sdRaKov4bG-FclblX9_hFf9tyDEI0JGW0oJVTgIhYa8fTNlErNRloS26muH7f0O3Rsu2EvON7--gQBSiBFUnd833czv0EQ2c3UTjofbilGQ3QC9I4DXoyAdRqcrtVS4SX467FQboZbLOCBa5Q3kTU7S-T2AP_23WTY2A
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FB5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNsaHsCaLYMz9Jc6LjuwPtoyAmAwAAAAAOAHgBAI&bg=!8POl87fNAAZLnZBaS507ACkAdvg8WvWeeGgOOQRcYiAFPKHLtR6sqJhLXlP9YIZiWf1VVzHd4TjiwQIAAANGUgAAAJRoAQeZAl3Hz9k9My9BxSDPf5tQlqtEdaRf5fQExNUKRlz6gk92nvoEhriFUAssbKPtLmLyY-wJjcAqVDPKVfXQ6d1UiXrj9zyPn1nEtqod8sy4U23XPPLm01_ZgCord3Wy75ULiJb3ba2v44bW1ySrXKpGxSAKdkfD0TA-BnGeLY2wdkimosm_2DZIC_PIiIgQYbaOjYIpsCqEqpSdB2Ut0vVK-t4T_vjL5G_BDXvsy7huCUKIOhDuczIjHEYiG2CrW-wNwiW8ThNWAafLiN1Sh-20P1EmUlQav-oPv717HCAW92zJwTXCVmPYPDMhXxNIi2j_RfIVoYOFUIefPn5wVT4viE9BCh5S1aPNC1_mc80OT5B0WuhCKe4yy8Md35b5SXDmcNUinSTABlk8YRjbFeCrI8l0zGpF27Y37xg-9Bdiu_Cx9z6RCF3u3IIs3abp4RZlqkW4eC6liu3-Xg-oXXS04eHQc2TC6dO7MMOJt5HtI3dpZBg7GHmy1qJ4ja18oBRhiQ6lJCO21iFbNSB55aXDqxQ_oJRp3WuAdLHwYkeWmAxRLBkXt_9kVNdbmRMQSEptz756jaKQkItpFxavTZGSdzETY6BeUYoj29PqpWSHiJPrhopW_WgoNk_HfrpF6ZNUXcDUKBk3_QCV8HrkbSAe8zpr16aHZ1RrykD0Y4CK562AgwVrOOd2v04Uow9nVubsuEKA3qKhDnaa54rvQYgOzE6OYtNJcVVPlNmBuZ5F94lsVxjeWbDDheMvDrmiTa7C83Qng1jMzxN4Ic2-gbg-B4JDumCd_AMl1-AGYIur4w
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CDC4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1BW-sCaLYPDwLe-T7_UP-eSwmAcAAAAAOAHgBAI&bg=!-vml-b3NAAZLnZBaS507ACkAdvg8WkIAf026xGONi8erLNmRbmp2uChjz4WgO_gsmz5BdSz6QF-VmgIAAANDUgAAAJNoAQcKAKxCXgn6laoyMkDhLU94ERy4vD94_Dy_epqwYLKYCHZgPxbXFvAWA3Sxsp3vLFWYhB-SMu5fr6QteLQEYPl7HtC1VFQPc_0RSi7SixCBsWhGEvS1w9PQf73NshhbdJ6GlmwobcX4v6LOnulPpIiZmO-FbqDt2a2bJuie9adT4CbuyOthfGKQ8S6tzmy12L9B-mbqjz6EYBtMNd6hLdDETi-AIEF7ZvBDnpEl8Y-OmQJoc8DVL0c40Z7KCFuxr2v26Z67mJGdIcyeBQ_Z6cRyAbSOPXgYAudG8oIVd2xn4vPMKXhy2PNdSBLAIOcQ5ZZWnq7dsla_dMvHv3f6idPo2C5wGEHAh9wxZJfcU4v942RxZtxGrfhc5Xt-JzFZu9TitZlqR9zK4rlBJBiHVuLdVv5CNmV3VxQFI5jMOUu_RJwYOa8C_IkY_1jxqhB_-kho9MNuJHMh-OEMEIWLtkMoXVkAtKAj6DFkNnR4xYT8ik94-BeLpE7jNIXSWxx6NQ7cPKFjglWQN2AKvPO0BGEzyJiZ63kccfWcvETqz9zd-u62xKEZiKiyCG48pbWm0hjCDrqBq6MNcoeETZhekstaOJ6B7hqXmuFW4zfIgMTofiK1pKIu4AGZnFsCejEco9WLazQ_y72HP5vWxerb4PKf5AhuiPAqe9lV6nAdWotBNdpRdOtHcc_S2w3TqG8qGjA_AkIeXs5SCKOTPmneHilSxiXyUefk2m_SS215Oe48H4dbwnWJivpBokreuZduO17NzIxqrdGsD5GslWeWGDE-dP0RkH8ZIMzZnsPnqF7qvP7C4pUwt4Nb50MN4kGxapdI3605qhlg-Qu26hRTj_6FA3ti9VVeQM1tOyMLQqR6Q3Ms7fSqPKEy4QKWCXQjynvjYD8BbIQlJACihStu-0-qEyDTusur17qs_jOfpolw4wey_Tro5Yk99m98dxjATlul60CY0IFnvzR7NvTBK-iiv7caeHqDa2Ekm8hQ7cz1IHUxF_FdpFn4PWjISLR_XYGFwqQO_Z48ZtMSQMhE4JvhcUiC1wK50U18Cw
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A199 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuQUlsCaLYN-QNdGO7_UP_sS-iAgAAAAAOAHgBAI&bg=!ExClEFTNAAZLnZBaS507ACkAdvg8Wk0BaXM9MxBzTr6W40LOsuJlop8eZJQPaaqAj9toEde_OQ6lEgIAAANIUgAAAI1oAQcKAFKta-FRDjRz013XrzKiUzUdAHAoCapbpKiN8-3CltWBH_h-Pp394ODL7ei1IkuSokZ89TL2jEUgrC-xIWmmqLatpWAKrThEJFTXZLp2YNTxC4NnmQJyg17sloYzj8VdqL6GmO5ZpE_EtJpKJJQb5yx6aH0LN2sXgBa48SM8ziLTi1z4kgp6s19mx2pOO1TyIGnRo8gNlCpPyxQLwlwxM9IZ44BOk9nMhgjit1P_y_Zxvx1x7bBqjwWbuoC3sa_LUs-px4K1sLbLMB6-WNFJCCJ5NPsrpiUzw6L4d9Jcg4SEyZ1yT7aRjpROYyjUkkj_VduoPqGZpd67lmrL4Xy20Jptc3tvDyCFGEXSNiKT16Y9tY0ZZXl4pZgYPLaStczSx-lfkReFZ8wLyUMxYM8m-8BORyOw0c-GDLwXg51Y1ZJEcqDAokIWY3FULgBhXUjHym0iw8wV4nI2ZRJVH3LMQoj3ed6bm4s4eONfKy6xhmo6n8Msua9DMKTYCJWF2YI2fN0oeaguqtAC6AV8Oj9X-05dXOvauScURrh0zldoF3H1nC5QvFT_t6xj5L6rI2LhgeyKN7EEKSWJQzSAvl1nT6Yo9bMUq3Weo4ekfFniUX9sCUNuONxaKk8Z0bcTRPSPmAqZkHEQb9trx-aGTSW0AiTY51fno1jcBGCg2UNs6qDDyiY2jy0XYfBi2m7tLO6mwqtFi_Ni3TReY_t8DEYQHCnr2fcqRnkLTyg5XY2vyM_3Nj9HN2DiU3bpzRn5SW264Wq2FF8mkvPwnEfRxh5wwLApcwHz5P9f4czwzJAYwTwauvKXtalO4m_VtqS31QH1xwVtQE294ZxNSgiF9W1wuOyT7WhYjxIx14QqV7v3nDJWfdnPYRToahZFkE-jifPn_Ydl_ySyQAdehR5q_kDaVXNYyf3HvlhpcVNH6rv3fmvlKJlbM-6nLNM
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD8E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BW4WvsSaLYKSRApD23wPfiJzYDwAAAAA4AeAEAg&bg=!sbKlsvbNAAZLnZBaS507ACkAdvg8WjnSsruFGXi4BcwosV8ea6EP-4HCQ-z-Txx_WSYH4K6Ig2O3rwIAAAM8UgAAAI5oAQeZAl61eEEJW-R5IdObLtjj_IT9nJfxGXShLAIarrZsmN7Z63Hnht6hFc2Gsx8fnEXEKGh59ZlJ4qpmq93ecmATHxi-J7SWtNfjU-o6feIIAOz1WnrOuA8Up9NUD_W3dYhERCOcPvzIUkNg7NTjFyMxKUuElk65WNyXcGgQ_1R62vkx-sBn9OPBgGn9u-DhTBuFvhHexvnylz4oiHE_aSX4c6L30T5U4B6TsCNeQGZRDo270gdNBuTjbO7_Lu9BEjlmTdT3cVmpydrmCZvrbrXrgcqlVJKTHUUgHiVZT49zDSH3i2uhmHblU9HnvU4SXovLpkE2XdlAd2BecVRzdWoZmF-WP9axAwJaXPdsoZEJcZvREjk3lg8SJSIl4-S9DLZniuqximqu-W2eA4EGJQ22my_4WSsFEFTrA_Ef-S9F6F-eFynLomtH2QTJurmeBNkVr3TY4fw8h7ISlqEl7DH1TmmT2QEikpnkZNIY6vOBwuz62TJI71zHkoKUoIJttYkiAajZrQHKtPCb5DGkgy1xTuOF071W2g9GDi8zYJFuHkcpSrraC9GJUt8eU07pDu3iOIRS1ZwMW9HWbWL1POke7Os0pwSl0dvz8fCnrlc7gghpdzqN9KTrc9n1gl6mb-zbo7oDe2K8U6vT-KKKFGyGwex-AGy6W4xr9ker04zRzzA1fQLvskI_YHUn6FH0HOHFmfljZZAw0h3QOQENGxHEUDFf4DffKHqyeF_EdCOc7f7YJzrLQVtXm3Pd9Rr4oecCe-55JVOZRwTtxIL5mV-GDcWqvzximqJL2rHZ3bWcvk8
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FCC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdA7RsCaLYMfQForH7_UP3eW4gAsAAAAAOAHgBAI&bg=!4OOl46fNAAZLnZBaS507ACkAdvg8WiIMwRKSiz0_p2F1K9edQoxV36Sz3bQZZLNgxS-PrI8M6TYWSQIAAAM5UgAAAI1oAQcKAA5uznudU8wlRjNmD0mfR5kCaswEgWX3NlzW65lMyJFML8fd53HE-I2eUQkD48Aq8Uy0XUv8Cmovd931OSV54TVciwPNIAQdYNmRQNwLUMaTqv6QO2q1SH4z9yWc5sqH07HPvjd2MqtMrKMUKeWG2R8Wjam6I8LwRgLb_TF5JA3YJOiOWG348ZzY2WnoyQEsGt7PV82SnDiqtUYzBksrB2nYVJ5xjgZ3ZlNsXsCdVzlKrjQ9FEf_a6Jv1gTFCyPTA7B96WBs5ohvyllypX-p8RuxwDV1G1wgOp1TvG8e_OvTR2vVj_xPNpPFC9Raj9bvXmkCV4sNGdUjZeKIewLZZBYZCVpQKNr4TqZGAfMhp60-9jVHXFg0bJbfoeLzIBqAOfn_8n6rcOOVDwjP_oVETfCq_m71v4GoSo8mgViwZSAzdiJ2NVyP_SI3jxnHuqQTbMrSMUXiWE-t6bstJQBF-DtQ2ghY66Qik2-D4Q_3kNdlgm-kYyPuBkEBr2fgX9FpNoiA8JxzvBuKr9TJJpWrF0uALhiVv_GKtyiNrySiEzNijszovEaMsBjwtRyHA5IZgCEGK0dwSCek641gZ8cx45exAtpDHoKlX4ITCIjGgZ-xXXs-O-L3SmwNEYegEUMVT32CKiVVbnS0NKDPnOj3WhMp61arC83wRnM-FPbQNkx3JPJUF9QPSK1CQsUT0rEu_5gh7b9Aq_Fnw9jPuFWtEJX3Pg4jyj7mg22BeQ6TZVQkAEbzESuwS1EUmGLghMt-tszdRXa61QA6u9NwUfsSNZMcUOq5tosuxcSe124YqeFXtVrtzGGBSNkmJ76c7RCiGBIPx-3t9j4OoMGcgg
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 66C2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaANgsCaLYM6HHo2V3wPVxY-gCwAAAAA4AeAEAg&bg=!bm2lbSnNAAZLnZBaS507ACkAdvg8WvrOOr8HXoRR6jcAIzffJDngROydJjYVQO-JMf6uhrGSOewgQwIAAAO3UgAAAH1oAQcKAMqjhxM7Y8y3SuIG9hv2LAAMdzx7EsGOEfKESN7wSNWAHr9PrS2aJCqHVnygJdp7UIo2eREUMnA5fxG2BKQugTJ7AcF3BFpbA8-1qmZglDTzPcnw9yY7O00a86nV9K3-Ees6r-Tz3sNABdFYynouAopAjNJkG4PFtQ4fLOVvD1euKsi2Of2zbPTAKczYAH-tzWcvCWEiuUQMvsjRt1LRqq3SyCE6fyWUUOxpsX1yuIsgG_ki1ej-gWpbtlvpX_4PSrWlomZZfBzDUDKsmQJs-_oLpYiIIz95x6OPRPczJ1AyLdxAkBPrPssEcEsWV5Kxj7MnsNCF-KqzlhNfIg-8heHRrNFAXCRQZuLH_s3OCL8DgbIyAMszcUziFQx0NwBiU7gIDfFp_btOWCQ2jC6mAy761ggLM2rPEpQuK5N8URuHEtEEcx4HdXdI6DpmZ_9Xv0FoZAnGzZf4xazSavpE-iQDOl33TcGUKMehN0WeXDfvKpG551ipWIkGlH7IWYSOFjHwtTsf24OczbCMcPPNtFLz46hoiUhW4IYY8PbDmC8jjwKWWHo3j2OjF4EsSs-d-oTdwtedkZa-31EHk7T7OmeNm8_3ckKsROhJfWBe91HLQKAGF8zrfUoycPl0zvqy1v8pCcv1J7MjQ_D31h6D9n8yR2Ut7_CXqjKvP7gJnj2WZHCSRpA9YiXWqnSdCr6BdUI38oy7m5_0K3SJSh7V31AGnJH30vlOqjwrHuNzagFMjKsW1AoVd_iTtdiORSaHUrKROvePc0BdHvgAV1sByIE2x2siZCKWpT0vQYwazdZwTEV36l-2atH3r8MnGgP9S9MAgJuhq7ml2pC312pVZ7z95LTNmOFn8b60EKsc2JJOSG_L-ONEmYTUmLTxr6dLc0byX39Si4t47zr11YMCBOvJYkfs6exO2jOjHoPVCMRb5FofLerjhhlRHsS_cXUNC1N-RK2lJdDKKHwl2xBLcTslJV2vJvG2hNr-DXkeQYEzJ2nO8arDvoEiMF-TiWUOsbKqbJdu71UPJK1NDfIH2o4EdWifZS2httBVe6oCf9pBdielbDLInAzppRlWsEg6FeqWqpaSGVD50P8
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=386,387,388,389&ntv_r1=7756&ntv_r2=8930&ntv_r3=9228&ntv_r4=9486&ntv_pl=1114554&ntv_it
Requested by
Host: fox4kc.com
URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.219.139.115 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-139-115.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:51 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5b7190c0239b8829/ 		1 KB
708 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-5b7190c0239b8829/_ate.track.config_resp
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-85-134.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ffe8d407737eb90e9dcba6d5ecd4ae359e4dfea8d79254943c3d059258b9c1f2

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:51 GMT
content-encoding
gzip
etag
890303311--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=55, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
533
post.php
www.facebook.com/v2.3/plugins/ Frame ED10 		80 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
77e571c05527edc1ea1b3a422449600aeac91306fb22fddc8821e2f4f9cefc83
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fox4kc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
content-encoding
br
strict-transport-security
max-age=15552000; preload
facebook-api-version
v3.2
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
cross-origin-opener-policy
same-origin-allow-popups
content-type
text/html; charset="utf-8"
x-fb-debug
AxGxTbnHIj36w2imiCIV8JHySO4DmfNXKaq889RTp7JnI9dYuamatFLfL3MZNBoZEDkmd+fmezEa5AR17z5Ukg==
date
Thu, 29 Apr 2021 21:35:52 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042701.js?31060934
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf84817b187b2c03e15b7b6008a81d25cc254709e694d6a05905423585430c77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 29 Apr 2021 21:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6990
x-xss-protection
0
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-85-134.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Thu, 29 Apr 2021 21:35:52 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 21:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 29 Apr 2021 21:35:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 856B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fox4kc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fox4kc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 29 Apr 2021 18:53:21 GMT
expires
Fri, 29 Apr 2022 18:53:21 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9751
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
pagead2.googlesyndication.com/bg/ Frame 856B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 17:47:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 15:58:00 GMT
server
sffe
age
13702
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
expires
Fri, 29 Apr 2022 17:47:30 GMT
54798658_10157121477224253_3635582218543300608_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p40x40/ Frame ED10 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p40x40/54798658_10157121477224253_3635582218543300608_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=jshum1JYB4MAX8GUfag&_nc_ht=scontent-frx5-1.xx&tp=27&oh=bc81f6adb2b5218c6c03b6e43d10ef28&oe=60B06926
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
085601c2e3db9a3b89a922b774ee152280779647790f7b1c575ff76b8bb00d68

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
2460216711
date
Thu, 29 Apr 2021 21:35:52 GMT
x-fb-trip-id
917726464
last-modified
Tue, 26 Mar 2019 20:40:48 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1941783785
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1246
afk-8279vNB.png
www.facebook.com/rsrc.php/v3/yM/r/ Frame ED10 		522 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yM/r/afk-8279vNB.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b27e8c5823c90a3d22394ca95e0f70c935fc02b610f9f04447b87b3d4908c5b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
2aBQ3aUBK9E9/EKzI9YM69yBHl14q6h0PZq3O8RbrWQjjtPcAteK0ZNZJDLzPwRA0z5xALeMtSn9HjndZG/xKQ==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
3F2V8DkEuvPJ1AB5Ik0Jig==
date
Tue, 20 Apr 2021 00:45:18 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
522
x-fb-rlafr
0
expires
Wed, 20 Apr 2022 00:45:18 GMT
179642220_10159198787774253_6542837725221012939_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/p350x350/ Frame ED10 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/p350x350/179642220_10159198787774253_6542837725221012939_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=8024bb&_nc_ohc=D5czIPRVascAX_N-W4j&_nc_ht=scontent-frx5-1.xx&tp=6&oh=e2df6fb0c666026c0e0c4e023960799f&oe=60B16DC4
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
859a8079f8ffce29139148c1266e7cff7b54cf488f3dcd5093b27382ecb3cd32

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
4276911172
date
Thu, 29 Apr 2021 21:35:52 GMT
x-fb-trip-id
917726464
last-modified
Tue, 27 Apr 2021 15:01:26 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3386705902
x-fb-config-version-olb-prod
1088
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
26904
OJ9vHp8_VCm.js
www.facebook.com/rsrc.php/v3i9744/yR/l/en_US/ Frame ED10 		730 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3i9744/yR/l/en_US/OJ9vHp8_VCm.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
74ba53e559aad4cd97d76d532878492efcee908cab0c2d1a6907f5cfd9ffea0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 23:37:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kKQYVlM6dnP1oIano3LxQw==
cross-origin-resource-policy
cross-origin
content-length
189118
x-fb-rlafr
0
x-fb-debug
oWFhGUqt794taGxOeN9LrCJAs255YVswDgvKzO8Cs31UdTvOvud80/7dMYZICryAkafgWC26S2e2pb8eZdOhyA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 28 Apr 2022 23:37:17 GMT
qGoWo6gBwwP.png
www.facebook.com/rsrc.php/v3/yy/r/ Frame ED10 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yy/r/qGoWo6gBwwP.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
DfbpoHVBs/gSFGG+0TYywiTIMQEYvIYxQBOv1qVqZwC+sPiDFDFwGjPZ6DQSPqcc9x9QANKmSIynw7DpUWRXsA==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
iN31dShDArRt9ZikrDb13w==
date
Mon, 26 Apr 2021 10:25:46 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
2616
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Tue, 26 Apr 2022 10:25:46 GMT
2764.png
www.facebook.com/images/emoji.php/v9/t6c/1/16/ Frame ED10 		436 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/images/emoji.php/v9/t6c/1/16/2764.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d2c7c5dd5a210855e87667cf7cf52cde6b9d39c68408fcdbbaf3788a5fe2f90c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
DZ3QjvpDLhRvW3Kgyh4UzqTuWf0AEN4XuGCDD2NenrIPw14RwgbAZ1qpi5qesHtQIRzR3h6uOqdhE47MWsaxhA==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
vfHv65zRFlbw48sCXIpbfw==
date
Tue, 20 Apr 2021 02:38:43 GMT
strict-transport-security
max-age=15552000; preload
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
436
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Wed, 20 Apr 2022 02:38:43 GMT
L0hsXTmQDMQ.png
www.facebook.com/rsrc.php/v3/yx/r/ Frame ED10 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yx/r/L0hsXTmQDMQ.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
BjDfBsgXeqO1SP93yy9p/05EcGDTmURyylRNc8kyjs0m59YCOsl5GHUHv22UuK3pk/TbHZnmSB5mBX/SYe6C/A==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
CTfFh11siKPUBP61de0FYg==
date
Wed, 21 Apr 2021 19:20:55 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
2023
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Thu, 21 Apr 2022 19:20:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042701&jk=2708290412864603&bg=!ysmlyY3NAAZLnZBaS507ACkAdvg8Wu6FyhZTtV50MmQXYoIW7I818BUrgURYQdcq2Hjvq6DWaqda1wIAAABXUgAAAA5oAQcKAGeAYlPcg8mDeP3uVm30oAc5n_kiaWOtq2VTI3VzZfWRJNSpdxEMYAFwSI5SgfTtAi8hkAng5FpR8HQNHoRBFo5toANamWBtk8B4O9LqZvhF6vkgRGkQOG-g5miHDgYe42xhppzpG6VqmQIigwDhxTZ3ETHOMJFA8gHuOHbsTMAcoHxkZEOiZ90HrtbHNlZ3PYqtX46MZ-ptF7uZNCzxBQl31qLxdA0NvhZIJM6KDrR8RI6e43y8uqIR3j6OPNIoee_SKh3SKcvcmFfSZIAXyyjw3zRWnakyURH4SLgglY6VkNvNLiyWjlviSxyILgCYybCZxzX_4Hh_dBIWHoRTE2APT8GuxvGicEFSppCPmer5j9gfWfm1KGgm2XzOatQa-fE-tUz0NDc6j_1rdqJUD6UPUUN03mkbwQeFzR9zHETCHRE3pUASVrWVirneCPZaghTUyFLSd0GhTqCKqBog4xcOPabNDXAgKR1zxBCpXRMGkNcQEz4dOqD2VB5zJ_mTdDURS8UdjKOJ82GlKTXDE4NBE3rURyeCKGMdSiEoTPQl3anzEddugzmO-BFUvhFWh3EkEWqsQbABThrZUn2m9LpmYJ4TgKCU3I-s9YTNyjPR-065twaYwo22SjUc1JmDpt5Qud0rB7Oqp_XIXZ4Tgb3Rn7Q6n-ZV1_numorptS0s5ouesevHyAZ89VBhMshqVbetiH4E-FmZEnNdtoyhGoW3kcfB4c2I9C8xH4SGy8LNCidU-Bm2zh2yJlBxqI7LylvbFz9qWADWesf7G75BT33C8b438FiNlOaPz42_K5-r0hXe0HBEfXLOEjacLuQ4lzpNtTe5B2bV18Y6cV5vMy2IAhmjhRdL_jgBXnAO
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame ED10 		67 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1619732152148&t_start=1619732152148&t_domcontent=1619732152154&t_layout=1619732152218&t_onload=1619732152218&t_paint=1619732152218&t_creport=1619732152218&t_tti=1619732152154&lid=6956696622515115194-0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v2.3/plugins/post.php?app_id=249643311490&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26c525558babc%26domain%3Dfox4kc.com%26origin%3Dhttps%253A%252F%252Ffox4kc.com%252Ff3d3cd5c32211f%26relation%3Dparent.parent&container_width=876&href=https%3A%2F%2Fwww.facebook.com%2Fchipotle%2Fposts%2F10159198788319253&locale=en_US&sdk=joey&width=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
Vo48qxEQUnLDshd5Lmn+7wxM5IcW4DxId7wmZSOhatmNfa1C9pdRq2zDOCMAaiR3/TZaNff8PK/HMDJ5ak7Kkw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 29 Apr 2021 21:35:52 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
197.f40f0b8442ffcba47a35.js
s7.addthis.com/static/ 		2 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/197.f40f0b8442ffcba47a35.js
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-85-134.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
2be26b2e7ea57676a49e6af3c8624a919d4e4967fbd709703c1e5c76ab7adc40
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-7a2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Thu, 29 Apr 2021 21:35:52 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
755
zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ Frame AD3A 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a60331c6fb3a2eef23e7c1e44f7ee6bf41f4f2f96b99757d8bc845b3a807b7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 00:11:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:07:33 GMT
server
sffe
age
77038
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17976
x-xss-protection
0
expires
Fri, 29 Apr 2022 00:11:55 GMT
zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ Frame 13A7 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:700&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a60331c6fb3a2eef23e7c1e44f7ee6bf41f4f2f96b99757d8bc845b3a807b7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 00:11:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:07:33 GMT
server
sffe
age
77038
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17976
x-xss-protection
0
expires
Fri, 29 Apr 2022 00:11:55 GMT
zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ Frame 8317 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:700&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a60331c6fb3a2eef23e7c1e44f7ee6bf41f4f2f96b99757d8bc845b3a807b7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 00:11:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:07:33 GMT
server
sffe
age
77038
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17976
x-xss-protection
0
expires
Fri, 29 Apr 2022 00:11:55 GMT
zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ Frame 2FFB 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:700&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a60331c6fb3a2eef23e7c1e44f7ee6bf41f4f2f96b99757d8bc845b3a807b7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 00:11:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:07:33 GMT
server
sffe
age
77038
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17976
x-xss-protection
0
expires
Fri, 29 Apr 2022 00:11:55 GMT
zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ Frame AD3A 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:600&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0792d5285778bb59de16512d07ace9d728a161c5006148717d9eea6223ebf84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 05:58:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:10:35 GMT
server
sffe
age
488247
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18912
x-xss-protection
0
expires
Sun, 24 Apr 2022 05:58:27 GMT
zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ Frame 8317 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:600&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0792d5285778bb59de16512d07ace9d728a161c5006148717d9eea6223ebf84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 05:58:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:10:35 GMT
server
sffe
age
488248
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18912
x-xss-protection
0
expires
Sun, 24 Apr 2022 05:58:27 GMT
zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ Frame 2FFB 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:600&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0792d5285778bb59de16512d07ace9d728a161c5006148717d9eea6223ebf84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 05:58:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:10:35 GMT
server
sffe
age
488248
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18912
x-xss-protection
0
expires
Sun, 24 Apr 2022 05:58:27 GMT
zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v8/ Frame 13A7 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:600&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0792d5285778bb59de16512d07ace9d728a161c5006148717d9eea6223ebf84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 05:58:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:10:35 GMT
server
sffe
age
488248
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18912
x-xss-protection
0
expires
Sun, 24 Apr 2022 05:58:27 GMT
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=fox4kc.com&p=%2Fnmw%2Fnews%2Fchipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one%2F&u=RLzxOBmLY0IZB1qT&d=nxsttv.com&g=23192&g0=News&g1=Nexstar%20Media%20Wire&n=1&f=00001&c=0.25&x=0&m=0&y=9613&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1489&t=D3jcHIgQ0SgDKz9imtZuvjB_vwU1&V=126&tz=-120&sn=2&sv=BgbctnBsM6vhI5YWqDomGjGBlTHok&sd=1&im=064b0c5f&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.178.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-178-4.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
dc_oe=ChMIv_bEuLSk8AIVJ-67CB1jwgseEAAYACC04uZEQhMIppLtt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158432;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 699B 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIv_bEuLSk8AIVJ-67CB1jwgseEAAYACC04uZEQhMIppLtt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158432;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI86TMuLSk8AIVjcV3Ch3KsgbEEAAYACD87-VGQhMIp5Ltt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158439;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame DED0 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI86TMuLSk8AIVjcV3Ch3KsgbEEAAYACD87-VGQhMIp5Ltt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158439;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzp_quLSk8AIVjcp3Ch3V4gO0EAAYACDg3OhEQhMIqpLtt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158492;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 8E53 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzp_quLSk8AIVjcp3Ch3V4gO0EAAYACDg3OhEQhMIqpLtt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158492;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzJXyuLSk8AIVzoWDBx02BgDDEAAYACCO9eZEQhMIq5Ltt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158495;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 544A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzJXyuLSk8AIVzoWDBx02BgDDEAAYACCO9eZEQhMIq5Ltt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158495;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI8Ij6uLSk8AIV78m7CB15MgxzEAAYACDZnehGQhMIrJLtt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158504;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame B862 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8Ij6uLSk8AIV78m7CB15MgxzEAAYACDZnehGQhMIrJLtt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158504;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI36iBubSk8AIVUce7CB1-og-BEAAYACD87-VGQhMIrZLtt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158508;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 0C65 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI36iBubSk8AIVUce7CB1-og-BEAAYACD87-VGQhMIrZLtt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158508;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI5K2LubSk8AIVEPt3Ch1fBAf7EAAYACC04uZEQhMIrpLtt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158513;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 294B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5K2LubSk8AIVEPt3Ch1fBAf7EAAYACC04uZEQhMIrpLtt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158513;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIx-jiuLSk8AIViuO7CB3dMg6wEAAYACD87-VGQhMIqZLtt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158532;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 8955 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIx-jiuLSk8AIViuO7CB3dMg6wEAAYACD87-VGQhMIqZLtt7Sk8AIVpFzlCh0rcwOH;met=1;&timestamp=1619732158532;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 21:35:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
67.json
dgcbxsxpz6nta.cloudfront.net/ 		977 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dgcbxsxpz6nta.cloudfront.net/67.json
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7600:10:f35:4380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55d0a127e211a6cb13f1edd40518fbe4f4e4e463c4b98bd59f38bd4622b15142

Request headers

Referer
https://fox4kc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 19:08:49 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
8835
x-cache
Hit from cloudfront
content-length
977
last-modified
Mon, 29 Mar 2021 21:14:24 GMT
server
AmazonS3
etag
"224c8ef196cc73aaae1b4aa069738832"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=84600
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
qzO5LGJIFqmGP6dUqRNV4ueE7ef8H_zRnKBOoCGU5zgrnJ-EBY3BWQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
um.wbtrk.net
URL
https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEJk86rcPLD_ZTH0QqoHf1zc&google_cver=1&google_push=AQvitUKwXZYR2t8SFGuSxG4Ck98XZ7vW-3lkACk5wFec3crR8t3YSrLBkaqey-Swgw66msv_7av9OF85mNpOfsT4RwhLSMavASqs
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEMZ5miSMybPVmERQ4HqETkg&google_cver=1&google_push=AQvitUL6zNdqQ_9H1t8YmScWw9shEFjIUV3coQ_OXDue8J40nC1Mly2prGQgN_QqtbyvRm_1vMOt2R6dveYDlpaREuOL55unlBHWXw
Domain
sync.adaptv.advertising.com
URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEJK1LUbqwtLn3UkLNmCofaw&google_cver=1&google_push=AQvitUKC0ogyS10mu-8rLotWQOGsYCzSnsIJ6-7eS2jmh-ttgAuiJvagY2U42m-zGOE9c7dUjB2L6HudxXh-Y567B_1ZbXBlpQ

Verdicts & Comments Add Verdict or Comment

340 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| __inScopeForCCPA function| __uspapi object| utils function| captchaOnloadCallback function| addVideoPlayer function| uuid4 function| populatePage function| populateAdSlots function| populatePrivacy function| populateIdentity function| populateNXSTData object| NXSTdata object| blueConicPreListeners function| BCClass object| blueConicClient string| page_url string| cats string| bob_kw string| bob_desc string| bob_story_author string| cat_data string| bob_base string| bob_cb boolean| isHtlbidEnabled boolean| isPrebidEnabled boolean| isPrebidVideoEnabled object| prebidData string| clientID boolean| isApsEnabled object| apstag object| _sf_async_config object| googletag object| dataLayer object| OneSignal object| preloadAnvato function| loadAnvato object| SecondStreetSDK object| amScripts object| rtkcategories object| pbjs object| nexstarA9 object| nexstarPrebid undefined| $ function| jQuery object| tag function| setImmediate function| clearImmediate object| WebComponents object| ShadyCSS function| filterCSS function| filterXSS object| anvp function| AnvatoPlayer function| checkSizeClasses object| NXST_RAMPS object| sailthru_vars object| _cb_shared object| adv_id object| s boolean| __xshjryhdhjkuehd object| ggeac object| google_js_reporting_queue object| google_tag_manager object| confiant undefined| __pubTime function| getPubTime string| dayOfWeekString string| hm number| wcTemp number| wcStart number| wcEnd string| wcRange undefined| ccValue object| google_tag_data string| GoogleAnalyticsObject function| ga object| csData string| cfr object| _comscore object| el object| nSdkInstance object| nielsenMetadata object| NOLBUNDLE object| atsScript string| p505319556 number| p505319557 function| p505319558 function| p505319554 function| p505319552 function| p505319559 function| p505319535 function| p505319540 function| p505319526 function| p505319525 function| p505319523 function| p505319516 function| p505319543 function| p505319518 function| p505319507 function| oPageUnload function| p505319436 function| p505319441 number| p505319426 string| p505319427 object| p505319428 object| p505319429 boolean| p505319430 number| p505319432 number| p505319433 object| p505319454 string| p505319496 number| p505319437 object| p505319504 string| p505319472 string| p505319473 string| p505319481 object| p505319510 number| p505319511 boolean| p505319515 number| p505319517 boolean| p505319519 boolean| p505319545 boolean| p505319544 boolean| oAudienceListenerEnabled_ object| p505319521 string| oDevice string| oParentHostname_ string| oParentPathname_ boolean| p505319522 boolean| p505319524 number| p505319539 boolean| p505319541 number| p505319542 object| p505319531 object| oAdSlots_ object| otkjs function| p505319434 string| p505319435 boolean| p505319503 boolean| p505319483 object| p505319482 string| p505319501 number| p505319485 object| opbjs object| oaudLibjs number| p505319484 object| jpfbembed function| fbAsyncInit function| Cookies object| hurrytimer_ajax_object function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _classCallCheck function| _defineProperties function| _createClass function| HurrytimerAction function| _typeof function| HurrytimerCampaign object| lakana object| nexstar object| nsApiSettings object| weatherAlerts object| wpJsonpNxsApp object| wpApiSettings object| wp object| core object| fastdom function| sprintf function| vsprintf boolean| walesHasMessages object| addthis_config object| addthis_share number| anvatofloatCount object| anvatoUnfloatTrigger string| anvatoVideoTitle string| anvatoVideoAssetId object| _stq object| ua_result object| revcontent function| revCriteoRTUSCallback function| renderRCWidget function| st_go function| linktracker_init object| wpcom object| setDateValue object| _f0d16886-0300-4694-9b7b-37da481f4449 function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| _cbm function| pbjsChunk object| _pbjsGlobals object| Sailthru object| gaplugins function| anvatoListener object| anvpData object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| p505319509 object| oDv number| p505319438 string| oUrl_ object| FB boolean| apstagLOADED function| udm_ object| ns_p object| COMSCORE undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| regeneratorRuntime object| ats number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| __@@##MUH object| gaGlobal object| gaData number| oIndex4_ number| p505319453 object| ns object| paramsPassed object| stateObject string| BUILDVERSION object| stateEvents function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| addLoadEvent function| generateUUID function| getCookie function| setCookie object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| bc_json1023 undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 boolean| Moat#EVA undefined| MoatOCR function| moatOcrSample object| MoatContent object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| justDetectAdblock function| BlueConicEngagement function| FormRuleService function| RuleService object| bcConnectionUtil function| md5 function| BlueConicDataLayerUtil object| jsonpath string| _contentURL string| _title object| bc_json1024 object| GoogleGcLKhOms object| google_image_requests boolean| msgData object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks

12 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6171827806238432927
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-2919fc60-ade0-4564-ab0b-d5a4d241a4ba&KRTB&22918-2919fc60-ade0-4564-ab0b-d5a4d241a4ba&KRTB&23031-2919fc60-ade0-4564-ab0b-d5a4d241a4ba
.pubmatic.com/ Name: PugT
Value: 1619732148
fox4kc.com/ Name: __atuvc
Value: 1%7C17
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1934972794013617698&KRTB&23263-1934972794013617698
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.yieldmo.com/ Name: yieldmo_id
Value: g690e87a7463d7d3e165%7C1619732151237%7C0%7C
fox4kc.com/ Name: __atuvs
Value: 608b26ad12f6f37f000
fox4kc.com/ Name: sailthru_pageviews
Value: 1
fox4kc.com/ Name: BCZoneID
Value: LB-Zone-2
fox4kc.com/ Name: BCSessionID
Value: 762bbc37-f800-4ac7-9756-07862ae78f51

27 Console Messages

Source Level URL
Text
console-api log URL: https://ccpa.psg.nexstardigital.net/site/fox4kc?perf=jsmin(Line 11)
Message:
cookieString = usprivacy=1---; expires=Fri, 29 Apr 2022 21:35:41 GMT; path=/; domain=.fox4kc.com; samesite=lax
console-api log URL: https://fox4kc.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api info URL: https://fox4kc.com/wp-content/themes/nexstar/client/build/js/common.chunk.min.js?ver=59c9ea7651edc4e44f08(Line 64)
Message:
Component 'articleListCarousel' does not exist or is configured incorrectly. Check this component's config to ensure this component has a configuration object. Also, verify the 'articleListCarousel' class extends the core component class located in client/js/site/Component.js
console-api info URL: https://fox4kc.com/wp-content/themes/nexstar/client/build/js/common.chunk.min.js?ver=59c9ea7651edc4e44f08(Line 64)
Message:
Component 'articleListTabs' does not exist or is configured incorrectly. Check this component's config to ensure this component has a configuration object. Also, verify the 'articleListTabs' class extends the core component class located in client/js/site/Component.js
console-api info URL: https://fox4kc.com/wp-content/themes/nexstar/client/build/js/common.chunk.min.js?ver=59c9ea7651edc4e44f08(Line 64)
Message:
Component 'photoGalleryCarousel' does not exist or is configured incorrectly. Check this component's config to ensure this component has a configuration object. Also, verify the 'photoGalleryCarousel' class extends the core component class located in client/js/site/Component.js
console-api info URL: https://fox4kc.com/wp-content/themes/nexstar/client/build/js/common.chunk.min.js?ver=59c9ea7651edc4e44f08(Line 64)
Message:
Component 'videoPlaylistFactory' does not exist or is configured incorrectly. Check this component's config to ensure this component has a configuration object. Also, verify the 'videoPlaylistFactory' class extends the core component class located in client/js/site/Component.js
console-api info URL: https://fox4kc.com/wp-content/themes/nexstar/client/build/js/common.chunk.min.js?ver=59c9ea7651edc4e44f08(Line 64)
Message:
Component 'videoPlaylist' does not exist or is configured incorrectly. Check this component's config to ensure this component has a configuration object. Also, verify the 'videoPlaylist' class extends the core component class located in client/js/site/Component.js
console-api info URL: https://fox4kc.com/wp-content/themes/nexstar/client/build/js/common.chunk.min.js?ver=59c9ea7651edc4e44f08(Line 64)
Message:
Component 'weatherCurrent' does not exist or is configured incorrectly. Check this component's config to ensure this component has a configuration object. Also, verify the 'weatherCurrent' class extends the core component class located in client/js/site/Component.js
console-api info URL: https://fox4kc.com/wp-content/themes/nexstar/client/build/js/common.chunk.min.js?ver=59c9ea7651edc4e44f08(Line 64)
Message:
Component 'weatherTimeline' does not exist or is configured incorrectly. Check this component's config to ensure this component has a configuration object. Also, verify the 'weatherTimeline' class extends the core component class located in client/js/site/Component.js
console-api info URL: https://fox4kc.com/wp-content/themes/nexstar/client/build/js/common.chunk.min.js?ver=59c9ea7651edc4e44f08(Line 64)
Message:
Component 'weatherTabs' does not exist or is configured incorrectly. Check this component's config to ensure this component has a configuration object. Also, verify the 'weatherTabs' class extends the core component class located in client/js/site/Component.js
console-api info URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/(Line 3362)
Message:
AD SLOT RENDERED { containerId: acm-ad-tag-billboard1-billboard1, isEmpty: false, size: 728,90, adUnitPath: /5678/nx.wdaf/news, position: billboard1, }
console-api info URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/(Line 3362)
Message:
AD SLOT RENDERED { containerId: acm-ad-tag-leader_mr3-leader_mr3, isEmpty: false, size: 728,90, adUnitPath: /5678/nx.wdaf/news, position: leader_mr3, }
console-api info URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/(Line 3362)
Message:
AD SLOT RENDERED { containerId: acm-ad-tag-leader_mr1-leader_mr1-story-pages, isEmpty: false, size: 728,90, adUnitPath: /5678/nx.wdaf/news, position: leader_mr1, }
console-api info URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/(Line 3362)
Message:
AD SLOT RENDERED { containerId: acm-ad-tag-leader_mr2-leader_mr2, isEmpty: false, size: 728,90, adUnitPath: /5678/nx.wdaf/news, position: leader_mr2, }
console-api info URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/(Line 3362)
Message:
AD SLOT RENDERED { containerId: acm-ad-tag-mr_combo1-mr_combo1, isEmpty: false, size: 300,600, adUnitPath: /5678/nx.wdaf/news, position: mr_combo1, }
console-api info URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/(Line 3362)
Message:
AD SLOT RENDERED { containerId: acm-ad-tag-mr1-mr1, isEmpty: false, size: 300,250, adUnitPath: /5678/nx.wdaf/news, position: mr1, }
console-api info URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/(Line 3362)
Message:
AD SLOT RENDERED { containerId: acm-ad-tag-mr_combo2-mr_combo2, isEmpty: false, size: 300,600, adUnitPath: /5678/nx.wdaf/news, position: mr_combo2, }
console-api info URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/(Line 3362)
Message:
AD SLOT RENDERED { containerId: acm-ad-tag-leaderboard3-leaderboard3, isEmpty: false, size: 728,90, adUnitPath: /5678/nx.wdaf/news, position: leaderboard3, }
console-api info URL: https://fox4kc.com/news/chipotle-giving-free-burritos-to-health-care-workers-heres-how-to-get-one/(Line 3362)
Message:
AD SLOT RENDERED { containerId: acm-ad-tag-adhesion-adhesion, isEmpty: false, size: 728,90, adUnitPath: /5678/nx.wdaf/news, position: adhesion, }
console-api log URL: https://d1bvk193qme2fc.cloudfront.net/script.js(Line 1)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://d1bvk193qme2fc.cloudfront.net/script.js(Line 1)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733166/20210408075940073/index.html?e=69&leftOffset=0&topOffset=0&c=ihqp7ae4Da&t=1&renderingType=2(Line 353)
Message:
HAAAALOOOOOOOOO!
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=OX1rRGTqZ0&t=1&renderingType=2(Line 362)
Message:
HAAAALOOOOOOOOO!
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=NVRvmTIGy4&t=1&renderingType=2(Line 362)
Message:
HAAAALOOOOOOOOO!
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61733214/20210408075937168/index.html?e=69&leftOffset=0&topOffset=0&c=0hCT7IWvKz&t=1&renderingType=2(Line 362)
Message:
HAAAALOOOOOOOOO!
console-api info URL: https://fox4kc.com/wp-content/plugins/sailthru-widget/js/tag.js?ver=5.6.2(Line 2)
Message:
Sailthru onsite JS is loaded. Initializing Sailthru...

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

56ae8e4ce5705cdbdd8721a8dbdf0343.safeframe.googlesyndication.com
a.c.appier.net
a.rfihub.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.lkqd.net
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.avads.net
ads.pubmatic.com
ads.stickyadstv.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.ch
adservice.google.com
adservices.brandcdn.com
ak.sail-horizon.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
assets.revcontent.com
ats.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
blue.fox4kc.com
bob.dmpxs.com
c.amazon-adsystem.com
c1.adform.net
cc.adingo.jp
ccpa.psg.nexstardigital.net
cdn-gl.imrworldwide.com
cdn.blueconic.net
cdn.onesignal.com
cdn.revcontent.com
ce.lijit.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
cm.smadex.com
cms.quantserve.com
code.createjs.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
creativecdn.com
cs.emxdgt.com
cs.media.net
d15kdpgjg3unno.cloudfront.net
d1bvk193qme2fc.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dgcbxsxpz6nta.cloudfront.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dyv1bugovvq1g.cloudfront.net
eb2.3lift.com
eus.rubiconproject.com
evbrhuvkwtis8r5qk6dfliicscirv1619732141.nuid.imrworldwide.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fox4kc.com
gcm.ctnsnet.com
geo.privacymanager.io
global.imrworldwide.com
google-sync.rutarget.ru
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
headerbidding.staqdata.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
images.revcontent.com
img.revcontent.com
includemodal.com
includemodal.global.ssl.fastly.net
insight.adsrvr.org
jadserve.postrelease.com
mab.chartbeat.com
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mwzeom.zeotap.com
nep.advangelists.com
nexstar.blueconic.net
nxstrib.com
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
protected-by.clarium.io
r.scoota.co
r.turn.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
s-jsonp.moatads.com
s.ad.smaato.net
s.amazon-adsystem.com
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
scontent-frx5-1.xx.fbcdn.net
secure-dcr.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sm.rtb.mts.ru
sqs.us-east-1.amazonaws.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.chartbeat.com
stats.g.doubleclick.net
stats.wp.com
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adaptv.advertising.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tag.brandcdn.com
tech.rtb.mts.ru
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tracking.m6r.eu
trends.revcontent.com
tru.am
u.openx.net
uipglob.semasio.net
um.simpli.fi
um.wbtrk.net
ups.analytics.yahoo.com
us-u.openx.net
v1.addthisedge.com
visitor.fiftyt.com
w3.cdn.anvato.net
weather.psg.nexstardigital.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
google2waycm.netmng.com
sync.adaptv.advertising.com
um.wbtrk.net
104.109.85.134
104.111.230.142
104.111.237.88
104.111.242.245
124.146.215.44
13.224.105.229
13.224.106.129
13.224.106.48
13.224.115.202
139.162.78.222
142.250.184.226
142.250.185.66
142.250.185.98
142.250.186.130
142.250.186.34
151.101.113.194
151.101.13.194
151.101.14.49
151.101.194.133
151.139.128.11
159.253.128.183
169.197.150.7
178.162.133.149
18.156.0.31
18.158.181.33
18.159.2.174
18.195.155.181
184.169.253.10
184.25.115.31
185.184.8.30
185.29.133.58
185.64.189.110
185.64.189.115
185.64.190.106
185.86.139.114
185.86.139.93
185.94.180.125
192.0.66.128
192.0.76.3
193.0.160.128
193.122.130.38
198.148.27.140
2.18.233.180
2.18.234.163
2.18.234.21
2.18.234.233
2.18.235.40
2.18.235.93
2001:678:cb4:bbbb::11
213.155.156.183
213.19.147.44
213.19.162.21
213.87.44.207
217.66.147.166
2600:1f18:612b:4264:7c39:f94b:b1fb:416c
2600:9000:2057:c000:d:77c3:2dc0:21
2600:9000:206f:7600:10:f35:4380:21
2600:9000:206f:800:11:b309:9100:21
2600:9000:20c8:1e00:2:42d9:3100:93a1
2600:9000:20c8:4800:1d:667e:2a40:93a1
2600:9000:20c8:e00:5:82fd:2500:21
2600:9000:20e8:2400:18:1fcd:34e:d2a1
2600:9000:20e8:400:7:e536:8b00:93a1
2600:9000:20e8:be00:0:70b1:7080:93a1
2600:9000:211e:3000:19:f03c:7200:21
2600:9000:211e:8600:15:4f24:a700:93a1
2606:4700:10::6816:1857
2606:4700:20::681a:bd1
2606:4700:20::ac43:4af5
2606:4700::6812:d05
2606:4700::6812:e134
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:801::2003
2a00:1450:4001:802::200a
2a00:1450:4001:802::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2004
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:400c:c0a::9b
2a02:2638::1c
2a02:26f0:6c00::210:ba2a
2a02:fa8:8806:20::2010
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::714
3.121.70.57
3.124.33.142
3.141.126.26
3.222.149.159
3.225.15.51
3.236.169.17
34.107.241.86
34.196.186.87
34.197.178.4
34.248.121.96
34.95.69.49
34.98.64.218
35.157.48.14
35.186.193.173
35.201.96.126
35.205.207.25
35.227.252.103
35.241.40.69
37.157.4.29
37.252.172.45
37.252.173.38
52.17.35.107
52.28.254.214
52.28.69.126
52.30.135.179
52.30.148.233
52.48.137.92
52.48.151.83
52.58.26.10
52.95.123.167
54.194.104.251
54.210.4.204
54.219.139.115
54.220.146.206
54.246.217.185
54.64.53.220
54.76.217.27
65.9.66.21
65.9.66.71
66.155.71.25
69.173.144.138
69.173.144.139
69.173.144.165
70.42.32.127
70.42.32.31
72.21.206.140
72.251.249.14
72.251.249.9
76.223.111.131
77.243.60.138
80.64.106.149
85.114.159.118
99.84.144.107
99.84.144.63
99.84.144.7
99.84.144.89
99.86.2.118
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
027ebb5662706704aa7661aaed3fa22cd075e3dd0691e5bb2583d3663ebf1d60
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03224f7605d6233bd87b1c435700ce4e07a9770f969f9d3ef1b15c6663292c63
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04706c70137f8b723abb6e39fe8cecc235bc0086061d7556a4eb17175ec2bf4d
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e5450622ae6de63870c215e3858d451c7d2258493bd74b57d4f38fe5c6f33e
0792d5285778bb59de16512d07ace9d728a161c5006148717d9eea6223ebf84b
085601c2e3db9a3b89a922b774ee152280779647790f7b1c575ff76b8bb00d68
08e40106bad5ada2c81135c2dfd04bca6bfaae98072fe07fa513008b0940aeac
0a9662df7b184e695b7a3690b153e30acb42c1d2faf8d5f59b49a45a64aab925
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e2aa5242a32efc04cdbc92e34fec31555cc0f6a9666cca6ed287b030be06621
0e34feaf346530ba9bede942aa43bfc51f20183bf7c90157e4ef173c3350fafe
0eb34746be7e7b75adc7a6ec51bb47aa475abff8b4f535190c8c3149589d5278
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f9bb00d2da59e4b5a6bbdcdd35af029d9ff65db52a2dc55e15f3747d19dc180
10759b9f3fce53cb34a2f81b0184ff6eeeca4ac9be75568c5d13ec22b4a8d5f8
110a28da5e8bfc47e12c9149a2ac5c7d17db09e599a2725ec413b2a51c1a57f9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14abc3181b1130b7a64b8364ee7a954a468fa2e2d5addad559ae7ec006acf021
14c6a15b8e192ef6d1e48e6e836e3d7bdd2af9cdb2f7bbb0650ec8cc14e3f762
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe
15c9ebdf33fd00cf70ff59fbba60a5a1215324165e27642d57b23f3dfe185a4c
15cd3978b3f866e18ad230ac3a154d67c736cdc8b67d090d957bec14668a372d
15dd736eff62a4c9e537fd9e1b7d1a8102157106917ee4b7fc0fafa8e89a696c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a60331c6fb3a2eef23e7c1e44f7ee6bf41f4f2f96b99757d8bc845b3a807b7d
1a62a50741963e587d42b905ce9f22c55a19453096d308c5cdbc5762ded77c27
1ad91658b329dd263a96b53c40da95f91f20d423f4141164602ca082cbba02e3
1ae1810e79aa302cb0cfe9a338dd7ced6366750a86ab18763771833fe6ee653a
1ae1aca6f917e2299da77c45f88e606f3493199e11488037f254be1cbab4c425
1b1f6d3ec2813e531c815407f24ddb9c07f9881864ff4fccdb38d17236aaf40b
1badd5b38347290909463a683c1dbc944663b5ef9df88b3a6ce85e8ef7a3a805
1c63ed7df3f35261fc0d6164b6aad82175c18a7a416d8d34e133cd4a0686b26d
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20b81e2bb707e9e06e3c44fbcc0d62d1b3252f610c3d70321027cb2e004fd551
2153bfd5d9e4c4a96b2e193d68e9a326dd0b568fe26df1b0805a7ca365e7a2f6
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
22b3989f5d05fabbc85f009a0f0d014f234faeaeecf602a898d55735e5b8b01f
230fe99dbab4624d33f25e7a237f9fb1fdd19b1859841dfa728821f6094a98a4
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
243d0318292081b26db69dad7403b07a4f8c302076bad5ff2f51ce135e19390e
24926bfadb9a475be70135a75f8edcb50c6c5182d57814b559893f7ca45ccf4f
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
266b1011af1c0508b80c9bbb695dfa109dbcafad2493c2bd69aeb28307cf75ed
26721869f484d392ce5c0a2e755637833e0ac2a21619b8b0e50f9576b3f2bca1
26e8db41813f87bb61da1529be0ca2d88fd523807d5125bf293025539754fce2
27d77784fbb94004e7db74a8f4f96379150ead7721f702bd4321ff832b6f8379
2830c3bb61f394aa2dc7e98a6e4d1009cf462a98636fbf984424f2c263899d2f
2878dd9653483a9c226b277ef71e2bd252941a69333582546d5901df4e2a1679
2984827421438cea8bef5d9feafe0ac3c700c6ca8d7250eb21f6c23dcdb25883
298bcc7b07bd4f13defc36ee0724126509b6b89dc4412d12606a91826d29afdb
299588ff6b2b8bf358ddea40fda087b1ef56600b51b0d02c2928dfc34eb847c5
2a13614ec0a3832a68aaf091dfd1c4f83d5a3bd536882cb63ebbdd56704b08e6
2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
2be26b2e7ea57676a49e6af3c8624a919d4e4967fbd709703c1e5c76ab7adc40
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f66e5ad637732d3dbedf0c168aad5a16950492e7ca00c9964471cdcb51989d6
31165cdf26e575522064c0bdf4a186e3670d30460356bfcde4d61cd4c4a31014
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34622ad81fd819e8ee476038e05c8e4ba1bf030ffb1627ee96553bc3601de6b9
35b0f879b37a1c0016ca2b1c56249d7068cea221e1d69ab45892be2fd9992d57
3bb267e7317a9758a4c8c89853cefe05481315b528872e95bbdc2ae5fd1b6d76
3c6ae1ea8832608a2315a84009b5613bc8c319adf6f285e93cf59fb9126f8037
3d564931f3fbbb99974231706405ce6fbff70eba61901b6d12bdca589db2fd60
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fccfd1e86b93a73276bb90aec22c777a09985779daf15cc5ced5605b310cb70
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403946f95407be0c1110d721b74d7d686ae2d4a47cc23a508dcc8b7335a3509f
40be25694f2534ba4f14b59084eaedc6c495e6046f7ba4108b8d8197fae8fd26
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
43b4a1b292181b36321c126814116537d577ff4b7d4ded01260b52cf407ced8a
44f79ca3c089de506e998688b5d6adea1d322f2c02d074e5dfcd2e5b9a6d6319
451278215d856b7f331d9d01f16bbda6d3808d75ae20b5dbf4e17f54ccd345e4
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
48689abf89f01811f11e6d139223b8caa377ab19c7ebe51db2a01dde2adfc641
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b3aa843b8f5bd03e01167c8136eea81acdd4913493ddfa274f729da332b8e8
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
499a1c295f5cc1df1ce8d9456430112e36d8e6f8660d5f834daf77d1b87020b0
4a617f772fda204bbb2924bc5e62110ae243221c619741a539c89312816c8840
4a7b348b3755859ad2b6bf03b1527e2ef4dee28747a95570c015a37ded45d321
4acc1ad1225689fe2c5479e7f8d822ecba31f2fe25bf5897678f12e640fc2321
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7037d26080ccf2cfc3b0ae03977d64b887f91c0b95b01ccefe8bbc7dbbb54f
4df7e9a40a189f4c1c7111b00e9348166c2bdca33ee87ffe00b4aca94c36efe7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9b1e9b290756c5ebc9849983de1f7d7db1685f76386ada579863f26897ec5f
4f5e020060fbb3912268eb129e4af6c7c40511b58e049437c0103d990a95816e
50230a768774ba88bdeb31d5bf3cdcd95b90248334753ab4256aed572396d97b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50998fb44ffbcaa7a75aafff905bf0a969a0e310457d59950b9431cc2b883bcd
50bf87dcf89e67ab9afe28b6c7f363610e46e8dc563db11291df3a73415c74b0
5379c9126454ee970b6c397c73c5c1ac32e30134a8e282ad21ea19fd61476199
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
54330563bdf51900890dc5645cc018375c55ea6e770e4c2922be126b3f75fec4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
55b5cf60454d0dee1d6dae37df022387de25b74e9270078056a5b9dab3d40a9f
55d0a127e211a6cb13f1edd40518fbe4f4e4e463c4b98bd59f38bd4622b15142
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5b81181f657e26566264abde5b06607758ecdcf86e061c7b7ab375b41194831e
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d6b864869c19ea1f500174a8dc3f327fd5fdc7e8f92f569788a6744341e4f27
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f181f6ae4856bb3d55494dae5c4990bfeaa660238b0f2e0b699be008f98ff0c
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
602a48d8418dc75bc51795b3f33e2e49ee38d40c4a658723b0878f1c64a68265
60ecdfb5bda329bcc807912edb3c4f5d519365b23d4b8b439501142e3ac9a4c0
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
652bff8a8422c643c28e85c881610c09ce8a4dd9c3715654105bb985bdb447cc
655db4b6b6f46e546611c7069cde62f78f909eddcd68345d3c7334fce944ff42
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
680bbbfb960a40a31a69f31e3db113890f5fe0d5f6b3084bce8f8e0710170ceb
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a7d91dc0162759eec1de6b57e6aca7209ba6eb8411deb91fe0937d379329d68
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6adeb26b6f842e201590ec645431bbac69d08717fa59447e58bd8ccd835fc39e
6dd91576d290a1d7459618ba41ae2546a796bb835a7b953bf45edfcffc916f5c
6eb572bc6895eb21783b802485b91b4f98ea649b18905a22e38f8524240a99e5
6f08294407bd8c1164457a3fe183bab69082405f0a333337664275d81b783ab2
6f74bb735ab06ee2932c30dba9091812c52a90d609edfceee0ef84d0600e6a5b
6fbfe18cc168ca5b585e397d47590a5327d5984746fda373e82dff22af82a429
6fd36ba1b2767476c229385dc9137ae473443c31e5da73d8eb7374db0a38544e
708e91c3bd12b3d0f7c1123157cb1ccd1f7f305812eddfb8a21c4d22b8854312
71a582b753019a679f1094cf50ba72eeb52466a2eb8c8734834ad616ff7f08ad
71ec4510fdfbc2b3fa54e4382eff7c4a335f028834201227585f33a5e2aa2359
72482e9eb90b811d2493bbad4a27aed71f46cbbbdd239e8a6f2f81cb88826dae
72635272a797b31b12f36c40e8ba642cb4763101ddfacf8fe1c055b6bdf09024
72b15e6150652eb5a5a8f7b2019584f0b5ed7c5095093902cd404ffa9197b9dc
72dc9d30f2ab602a2cf4d217bc63be6a3ebb2cbab40abcced67375a44dea5892
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74ba53e559aad4cd97d76d532878492efcee908cab0c2d1a6907f5cfd9ffea0e
75f7bf0ff2d3d8880e9006a2567b8d07183899dc678a5d396f5c5febd9006187
77de912445133674a26c1afbb37717e1141f26698e63227b457affe3dc854dc6
77e571c05527edc1ea1b3a422449600aeac91306fb22fddc8821e2f4f9cefc83
78b9dc5d0987b605b295bc7ba71ff897a49ead3969dd0319de83c2491d575f0f
7a2cf1afa1f950b603a5773a907314eb3312bbf6975a4ea20f608ad383a59e0d
7a77d6117fcffe139d9bcc81839acf2dcae7b3481b4500535042fe8b587f1dac
7ccc354572f46ed4b26ffec17c24264cce720c1ebab7693af8e88032e46b6544
7e2f2738c6d4bb9c048feb9cb7a04eb24ad589b9b49efd1196f56c179a6896ce
8200d712fcf28a213e4cfcda850f2a25a7b738b63bdccde74d5acd629ab3bc11
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859a8079f8ffce29139148c1266e7cff7b54cf488f3dcd5093b27382ecb3cd32
85c7af28b9204d427f24d94550c0c27cae84eeac5748a3fc854200505a7b2036
86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7
8830b9be931919cbf203600cb3203e1de0b80f3ab6eef559f04a14288fa07a31
88d1dcbbc52b0b11c5ef41717cbe1745fefb0a10350664cf502eff9ede2f4aa6
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bb84d5d7af69e26b9900a13820ac741ca423b60e88141c6c11ea075974e3a0d
8c7a99eb5c831752564cf752131ece2392055a1ff0fe0bb38656f029a9d944ee
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d84c52ee281bf0b0c32c9f1b93cb7cb02d6a5ef0fe119a05568eb2158f901ec
8dea6447b2b453cd9372c823d6d5a6e1912938d1bfa41279a6539e8c3e707e0e
8e65402234ea6d8f8b896f098baaa10ed4335fc0c0c1a09ed9627ea8171eb38a
8fe44a806e0223751e7115927c35dca0544586c39ccb6495b74325bf0dbeff8c
90358a3dee4bf9abbad2c8d32c2597b1478352a00a4dff5a90ee6beb0946009d
9101ac92634136631aba7d33d598442369f737d1aa75660f7e57017ebc87db8c
9115ade0703d42738c98e97cb9d34f3374fcb9d00af019477787b14edf8adbf5
92bd9eba900236160c6d8af35ec029de236deda4b00d4d1f47113826672315fa
93d9c3b17fac11e799dc3a146ecd6f0db572dac146f2605bfcd708c339157566
94c5899f341603c65a4fdb358c0765e6f22262191c8c89d9b929985c805faecd
9583dcc0c1f1dfd292a9e15192ce9e9949866d9ad829074700ca2d94019a822a
962896c3cd299c3e2aee3765b116aa2c79c77e3dfe5f82d19784148e4328b357
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9737000c048a0de2326225f04d6a22e3fdf4acc2bc18a2577b9d24131796d76a
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99a356372fc0a684abb476dae06879c03c499a0012921926e17e6a8c629afc28
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac47c442d04fd0c9f68046963d0e366ece2f06b7755338845853100c710df21
9e2c0f9c8b7c348defe012c165f5ba4c0e1f6ca10db7763733095bec3b380df1
9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1407b0c846c65977d7932af975a60934cde970ad97b72e01e9bc02afe29e7e4
a15d4957ae62313fc1cd5de9a9070151f2ec47aa0fe6a0ef9de51a89c16e67b5
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2d194239b9ec67d3a4a1e1862e0ce46d59a89f3b489060e3c5cc2abe25aeba3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5baf2b1d1e9d9747370302bac5830457761a948cb3d8a6e1a547714758381a7
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a6c6d798abe06f6d7714ba4a4318007fdf9e095dd373160edf4134dbedcccdf3
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad763d3dd8a3e0c2bb7dc318bb03194649040d268c08b26a761b1f9ee1c61aa7
ad99dfd1eac8b79dd02f51951dec76ac4da95c587101cd9f4e6fc98c810344fb
ae1c99073f37e47a4c63d0bf3fde834aa4f09eb11ed85c4905487cfd61666e6c
ae74bbec8d62a1971da17c1ba24ef94e3d59bfdc47040de9551040dc93719b13
aeffd5bbfaab5cfe1f4fc4782758d3842c46934570315d1a3db77cfa8f26444e
af2e5a36f3b2193e1b6225f2a25d25a7a1e473a2a5fec2f3d26d9899b4f54999
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ebdd84bcc4265a86fc9765b670bce97d668e11ee0c9bee5ec9d8f5f507d646
b27e8c5823c90a3d22394ca95e0f70c935fc02b610f9f04447b87b3d4908c5b3
b4a91cf5d01095394d3f9eb031b1a2a0e18521f196600f3ad0bdb8b85e337253
b661d8659e5596afd3e2491d39e9e3f129216bc0072ca1d8721d91d754cc622e
b69d6c5b7612b7e463147a720f3bad9395f7e781026623a2020063931874f151
b778ef61e83c6d1b4e56a6cb0f423133cbe61a0f00839c76c948b6dc86ea1929
b8afcdffc5da6f960c4483164cc92efaa97cb8c410cb9ef18a39ab6ac80820d8
b8be7ba027c0a959ed94be985966c7d8ae6786993c9e3bf4e4f5c63e496c1d7b
b95faf33158f0ef2f83d09c161c984c92d0f709ff9bf258a286a1d03d46f186d
bb79e11bcd2d30ed056d61aa254455ae3d7d4146ac8d8c3dee64ffdb2b11d4ad
bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603
bdbb3b88367e0dc7f2af34b3bb701fe2523c8653a48cdfd8aaf67c2d1e18b76d
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3daf62250531640c0fae05dc931be9c3237c332e28e9b4e193c4fabc219238b
c3f060e512b4453c571aed3e19e954aedf2dc1ec9d6f59103ff0c8180a35a16a
c4de6c1993bb6a96abd39db3347427c58ef4aa49c9967c3e9f314f1e859ce142
c581bf5f0cd960147b7f674dd9136cc0c28b4c5f0ac3b8c1856430467015a18e
c5fb9cfbe5372e32f4ced6cab733641978735b01ad155dfb078155696b16c709
c60d4d210e7b41fb6e98b170b5f8558c3814d45e1b7159dcecdaefc5f3c45a66
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c67bb8e7c7a04af3167d5a0253d6c0fad67db01c9077b0592d8eefdcd522d67c
c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf
c7c8f481bdb02c4eae0cc6876a7e2da7471d1509f0107963df87e46d082b23d3
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c84c4d9c2ffe6d4312a497e6efc96d8a88d11bc80a52b97d1f0828de23fc4b12
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
c90937c91d398819585cf8f2dc0dcdfae3836f6149bff8891a2b24872d808a7b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cafd1a850a911a7f1c6cc393addd14b13a8345bd6c1ed0f804227ea963ae8770
cc0d2deadf94a1639b5b5bf192fe4eb53a0c3415925915b7424aef775f7c2405
cf1d0e4bdcf1da9956784b5d2582f6e9d9fd6fe02f42945c7a9fe60142d93cab
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf84817b187b2c03e15b7b6008a81d25cc254709e694d6a05905423585430c77
cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068
d0cdd936be8a5792b445242e226c21760b576a36b18f13c87027bd707464ea01
d1f11e52a5248d9e14c3c9a8c426e3a8936694a3fe2875825ffb2f32dfc97f5a
d2aaf6c71b7f19b4e983cfe52e41b2ce0ca0d0f1560cbc2d29022220cb10c6bc
d2c7c5dd5a210855e87667cf7cf52cde6b9d39c68408fcdbbaf3788a5fe2f90c
d44f70655319f88028db03bbf414e5c52cfead2ca8174f3d581e81eaeafbaaff
d5f5bd3fa1f7757b4176c7cca5175007242b4e21ffd1023faedb5ffaab0cad8e
d6f48f47568e437980809007ef4e63a45ad5311b42a4255fc640a2fdd62526ea
d82b8dfb84f2f542649a004a93c236acf675477fcc5fe0ba222b8cf840f0bb09
d8c9e41e6b5dacbfffd977d65a37e6ce0e3db4ec52e60302a3ddc502a76ade4f
dba62578a04ac540f31eca1596de6b98b0b0daf98df5e24365065f641d985832
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dd1be805fb7b6b55ba270703ce9e23cf5ba35bc271a2bcb7a65b321facf4ab9c
dd9597762d75385e34ccd2d9d95c6b98cb8d06538385ef2de0a3258a028216f3
de28b6628d26f508e5fd99f7f0c5361a8c719f6ae4a0e2332f1334ea820ac7cd
de5d4ee314c53ba3fa5c9af5b4749140d48f4a276431e269b3fd7a52130471b4
e0be45c3488ef17c8da28107e6717497646f12938e77a9db585bd7291e9d7122
e14b1d822239abcfd30b7718adb5b52d4b2dc67b5dddfc03cf9cc68c6b35ae2b
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4c3d2cf8ba374e5dbe4d7b2d5043efdf72a3260ce9b73b800c024212b201435
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59671fe86ef9ca4130a39dc3d5567ccb734b0fdbdd5969ccab03e37d05c964b
e62952db0f09c86d5ae7ad75d401f02d6f897ce6929c999c2a8c579072a2b1c9
e7efcd6d780141149d6cfa70470b4518d2e4cbb421bc21d76df611f6b2969587
e80f81e5b69695951f84911afdb73956189f169ddcd2f403c6b3c6435ae9f107
e89a550cdffc80d3ead84bce8934804d9dd8e7217ce0e82b5f80d6fc72f92159
e9ceb96b2aff7b757c9c2507a1e8a1d2b40ddea4fadcb17839cda3e5020bd7ab
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ee9f313b24e5afd487e1d748e36e50c8ed84c081d91e9ce6d2799dc0e61aa627
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f60294f9020b92f80f6f98f5b63acfebd71f1e2319fc87325eea29a613135037
f8fd47fc05a83430564edb2459e2a344b2905a049994b7b32da4f6b81c9985d2
fa341f761780a356205e5a62c3e66c020d5aa425865c090153647e90d12a904f
fa5715638b8dcb68500482e6bcc6406012fd9a87d113d60d77fa8876050f20ed
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f
fddecf729fa7416bdf7c765f92e5740c0021078977f41487b9cda39584f96113
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
ffcf0820dcb04ad7d58c2a1fe1fbd3b3ccd47acd73df0cf32aac887c6751323a
ffe8d407737eb90e9dcba6d5ecd4ae359e4dfea8d79254943c3d059258b9c1f2