urlscan.io logo urlscan.io
SecurityTrails logo

community.chipotle.com Open in urlscan Pro
34.67.8.234  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://community.chipotle.com/
Effective URL: https://community.chipotle.com/
Submission: On October 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 69 HTTP transactions. The main IP is 34.67.8.234, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is community.chipotle.com.
TLS certificate: Issued by R3 on August 21st 2023. Valid for: 3 months.
This is the only time community.chipotle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

51    34.67.8.234 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.8.67.34.bc.googleusercontent.com
community.chipotle.com
1    2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
4    2600:9000:2156:e800:12:1bf:30c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-prod.securiti.ai
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    15.197.226.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: aedf1f689f9b4287e.awsglobalaccelerator.com
app.securiti.ai
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
51 chipotle.com
community.chipotle.com
10 MB
5 securiti.ai
cdn-prod.securiti.ai — Cisco Umbrella Rank: 15102
app.securiti.ai — Cisco Umbrella Rank: 18913
216 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
666 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
400 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
88 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
151 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
185 B
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1649
575 B
0 google.de Failed
www.google.de Failed
69 10
Domain Requested by
51 community.chipotle.com 1 redirects community.chipotle.com
4 cdn-prod.securiti.ai community.chipotle.com
cdn-prod.securiti.ai
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net community.chipotle.com
connect.facebook.net
2 www.googletagmanager.com community.chipotle.com
www.google-analytics.com
1 www.google.com community.chipotle.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.facebook.com community.chipotle.com
1 app.securiti.ai cdn-prod.securiti.ai
1 polyfill.io community.chipotle.com
0 www.google.de Failed community.chipotle.com
69 12
Subject Issuer Validity Valid
community.chipotle.com
R3		 2023-08-21 -
2023-11-19		 3 months crt.sh
polyfill.io
Certainly Intermediate R1		 2023-10-03 -
2023-11-02		 a month crt.sh
app.securiti.ai
Amazon RSA 2048 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://community.chipotle.com/
Frame ID: 774988DC615990E57F87BB34DD36A45D
Requests: 73 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Chipotle Community Fundraising | Fundraising Ideas | School Fundraising

Page URL History Show full URLs

  1. http://community.chipotle.com/ HTTP 301
    https://community.chipotle.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

69
Requests

97 %
HTTPS

82 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

10887 kB
Transfer

13441 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://community.chipotle.com/ HTTP 301
    https://community.chipotle.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
community.chipotle.com/
Redirect Chain
  • http://community.chipotle.com/
  • https://community.chipotle.com/
59 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b2835ab167042d74585af5563ed23ef97eafb19617732d3f64395c73d4a2180a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000 max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://api.community.chipotle.com
cache-control
max-age=600, must-revalidate
content-encoding
br
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-type
text/html; charset=UTF-8
date
Wed, 18 Oct 2023 02:28:17 GMT
link
<https://community.chipotle.com/>; rel=shortlink
server
nginx
strict-transport-security
max-age=31536000 max-age=63072000
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-pingback
https://community.chipotle.com/xmlrpc.php

Redirect headers

Access-Control-Allow-Origin
https://api.community.chipotle.com
Connection
keep-alive
Content-Length
162
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Content-Type
text/html
Date
Wed, 18 Oct 2023 02:28:17 GMT
Keep-Alive
timeout=20
Location
https://community.chipotle.com/
Server
nginx
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
style.min.css
community.chipotle.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Wed, 19 Jul 2023 11:13:55 GMT
server
nginx
etag
W/"64b7c573-19824"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
dashicons.min.css
community.chipotle.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-includes/css/dashicons.min.css?ver=6.3
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
nginx
etag
W/"603ffca6-e688"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
frontend.min.css
community.chipotle.com/wp-content/plugins/post-views-counter/css/ 		215 B
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/plugins/post-views-counter/css/frontend.min.css?ver=1.3.12
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Tue, 20 Dec 2022 17:55:37 GMT
server
nginx
etag
W/"63a1f719-d7"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
styles.min.css
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/ 		436 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/styles.min.css?ver=1688058408
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c73ce2c1e22413583f3acda03e1c298ab4631a9b77b566a49e030dd6d4c14b36
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:55 GMT
server
nginx
etag
W/"640f7bcf-6d1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
scraped.css
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/chipotlecom/css/ 		1 MB
374 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/chipotlecom/css/scraped.css?ver=1688058408
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
39b8a1d6e7c1dd94640b5a59d74955b5ec9ab581ed2da0c457d13f4681b1ffef
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:55 GMT
server
nginx
etag
W/"640f7bcf-104ab1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
jquery.min.js
community.chipotle.com/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Fri, 26 May 2023 11:33:35 GMT
server
nginx
etag
W/"6470990f-155ba"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
jquery-migrate.min.js
community.chipotle.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
nginx
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
polyfill.min.js
polyfill.io/v3/ 		101 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=es2015%2CIntersectionObserver&ver=6.8.26
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 18 Oct 2023 02:28:18 GMT
age
403658
detected-user-agent
Chrome Mobile/118.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
normalized-user-agent
chrome/118.0.0
content-type
text/javascript; charset=UTF-8
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
site.min.js
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/site.min.js?ver=1688058408
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6ad7ba3a3cc08d176d335162379ee8aa78106f513280dafd365ada5964bada7c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:55 GMT
server
nginx
etag
W/"640f7bcf-d65"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
cookie-consent.css
cdn-prod.securiti.ai/consent/ 		45 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-prod.securiti.ai/consent/cookie-consent.css
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e800:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6eebacb4467fcf863339daac6eb21e851dabb9ee73cd7c038e5cd7f5e9e375dc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
Qy78OH_fyBaC4ZYJ6aCytxmwB5zbi57w
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding
gzip
date
Wed, 18 Oct 2023 01:29:29 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
age
3529
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 17 Oct 2023 01:28:58 GMT
server
AmazonS3
etag
W/"36b0f5e23b1b5d81ff8822d2c317bc2d"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
imwCl6qnZWiw4lRlaT_r3VqYq5TcDyqIj2IWwfLnU1k_BYfV25qJaQ==
logo_round.png
community.chipotle.com/wp-content/uploads/2020/07/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2020/07/logo_round.png
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
61f466a3d99e45a0b524b11201c46125b8c3b72c268b48b4883eeebd6bb15a79
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Fri, 28 Aug 2020 15:19:12 GMT
server
nginx
etag
"5f492070-720d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
29197
arrow-white.png
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/img/ 		227 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/img/arrow-white.png
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
50f3a21ec60064b3bebe36f1d5f30c5cb41a6dc9be08ffa3d9701a8014eb806d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:56 GMT
server
nginx
etag
"640f7bd0-e3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
227
arrow-brown.svg
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/img/ 		202 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/img/arrow-brown.svg
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3dbde63afe1178b5b5b9383059484c8b088f4ba43753bc87a346cdc957700f68
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Thu, 08 Jun 2023 18:20:31 GMT
server
nginx
etag
W/"64821bef-ca"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
organic-shape-top_m.svg
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/img/components/icon-columns-cta/ 		320 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/img/components/icon-columns-cta/organic-shape-top_m.svg
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
670928076afb5189c69e7083ee5213a376b3bf8630056bde1eb6701b8b0d24a9
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Thu, 08 Jun 2023 18:20:32 GMT
server
nginx
etag
W/"64821bf0-140"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
organic-shape-bottom_m.svg
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/img/components/icon-columns-cta/ 		338 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/img/components/icon-columns-cta/organic-shape-bottom_m.svg
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
360d6116434e082f5bd5b602ac60dc987cc30f05e28c1091f2b464c93560330b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Thu, 08 Jun 2023 18:20:32 GMT
server
nginx
etag
W/"64821bf0-152"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
organic-shape-desktop.png
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/img/components/icon-columns-cta/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/img/components/icon-columns-cta/organic-shape-desktop.png
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8640b5260e814488d2e71ffc3a99213b358e52345417eb27a095945d6d373727
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:56 GMT
server
nginx
etag
"640f7bd0-3539"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13625
social-facebook.png
community.chipotle.com/wp-content/uploads/2020/10/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2020/10/social-facebook.png
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e9f7ebaed4466ce0c6e9308b8b5d204d6cc6b290bb8eefc044e13864eb0962a0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Thu, 22 Oct 2020 16:34:28 GMT
server
nginx
etag
"5f91b494-41d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1053
social-twitter.png
community.chipotle.com/wp-content/uploads/2020/10/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2020/10/social-twitter.png
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2eca9210fb0834b06b9cbb17a70a1c6431fb0486634d3576c3da0835ea4d5fc4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Thu, 22 Oct 2020 16:34:29 GMT
server
nginx
etag
"5f91b495-5a2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1442
social-instagram.png
community.chipotle.com/wp-content/uploads/2020/10/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2020/10/social-instagram.png
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e1c23f8a168b6f2eb11e3b3b7854aab8d8cef1b46445773a76cdc0af7654c108
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Thu, 22 Oct 2020 16:34:29 GMT
server
nginx
etag
"5f91b495-557"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1367
apple-store.png
community.chipotle.com/wp-content/uploads/2020/10/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2020/10/apple-store.png
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5efa70e9f2831b833f7da064314f78f14568f2703bac5e38acd9ac4beb8a2c41
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Thu, 22 Oct 2020 16:36:00 GMT
server
nginx
etag
"5f91b4f0-5d9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1497
google-play.png
community.chipotle.com/wp-content/uploads/2020/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2020/10/google-play.png
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ef748e0504a1b806522cc3517030edbd72000d968b9232e1e1d34f9fc94526f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Thu, 22 Oct 2020 16:36:01 GMT
server
nginx
etag
"5f91b4f1-7a2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1954
vendors~vendor.min.js
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/ 		80 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/vendors~vendor.min.js
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/site.min.js?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99a8dc6707ce21020bec15de1dcb5eb9f9fd336b70f59c8348642707f7ba1d74
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:55 GMT
server
nginx
etag
W/"640f7bcf-140ab"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
vendor.min.js
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/ 		113 B
613 B 		Script
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/vendor.min.js
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/site.min.js?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
20d6000547ccef8110973e3f9d6e6d822f60790717bc52d2f776f7127ea2a9c7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:55 GMT
server
nginx
etag
W/"640f7bcf-71"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
site-header.min.js
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/ 		502 B
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/site-header.min.js
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/site.min.js?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
11d1076c2151037e6b55e9bcb6046c6bea2cc07abcf437657736ff45580aa277
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:55 GMT
server
nginx
etag
W/"640f7bcf-1f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
vendors~animations~blog-breadcrumbs~blog-filters~category-cards.min.js
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/vendors~animations~blog-breadcrumbs~blog-filters~category-cards.min.js
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/site.min.js?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ac5069b2943a24e109c5714cfe20e68d6d0c026ad38459859ee3786ac8179617
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:55 GMT
server
nginx
etag
W/"640f7bcf-11d47"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
vendors~animations.min.js
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/ 		327 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/vendors~animations.min.js
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/site.min.js?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
15b6f146f935f3f5466cec8c631bc3c8a77c30eb3786a7f8b771e72f954d3572
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:55 GMT
server
nginx
etag
W/"640f7bcf-51bd5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
animations.min.js
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/animations.min.js
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/site.min.js?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4bfba96625a27f9e75574da0ed166318cf106cbf13c4e59f2a26a0d3c1fcd65
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:55 GMT
server
nginx
etag
W/"640f7bcf-11c3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
gtm.js
www.googletagmanager.com/ 		187 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M7JX4SG
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bdbd6ed124d08043aeb3725c17fbc9f59971d6c5ef7cc676843f03ba5b5c9e52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68960
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 18 Oct 2023 02:28:18 GMT
cookie-consent-sdk.js
cdn-prod.securiti.ai/consent/ 		342 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e800:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56ba66ae09f81233fc0266d0f1752d3f82a866263c7a764755fa2230c8690207
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
VjjHT6eelkwAnJooeokH6.hK08W9cPv.
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding
gzip
date
Wed, 18 Oct 2023 01:29:25 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
age
3534
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 17 Oct 2023 01:28:54 GMT
server
AmazonS3
etag
W/"07df42af6f2cbc0b53ad415ce030e2bf"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-id
1ohPfS2XpG6vbOiS58ezqm_76TQOTJI6SfvCnV1hPF61OfS-Uzwlwg==
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 02:28:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
x2WKSwhW7pu3TwBKMxR6GBfX1uV/1r4b/10WbkMfQSpS57K5zmEaaUgczc49eR47j3YJ6V+Rw2aQczicf5qY9A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
Gotham-Book.otf
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/fonts/ 		97 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/fonts/Gotham-Book.otf
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/styles.min.css?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5607c31583a387bc428a264f2c51f7c3e332ca288fc7d98247f604b556ac6fdd
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/styles.min.css?ver=1688058408
Origin
https://community.chipotle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:56 GMT
server
nginx
etag
"640f7bd0-18424"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
99364
TradeGothicLTCom-BdCn20.woff
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/fonts/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/fonts/TradeGothicLTCom-BdCn20.woff
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/styles.min.css?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5fe01f4687e56659d7b2caea3aae11a7eeaa97d4e720ccd0aefbaf53874fd8e1
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/styles.min.css?ver=1688058408
Origin
https://community.chipotle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:56 GMT
server
nginx
etag
"640f7bd0-f4bc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
62652
Gotham-Bold.otf
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/fonts/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/fonts/Gotham-Bold.otf
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/styles.min.css?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8049cffe5562f5d5de279ab34e40e0fc5a217283d06eafbcd79aee6d2659e9a4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/styles.min.css?ver=1688058408
Origin
https://community.chipotle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:56 GMT
server
nginx
etag
"640f7bd0-18344"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
99140
TradeGothicLTCom-Cn18.woff
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/fonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/fonts/TradeGothicLTCom-Cn18.woff
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/styles.min.css?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b115b18462943e792ad178310c946d764faac525532d46b75f9f9fabced45fb
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/styles.min.css?ver=1688058408
Origin
https://community.chipotle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:56 GMT
server
nginx
etag
"640f7bd0-12848"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
75848
Gotham-Light.otf
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/fonts/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/fonts/Gotham-Light.otf
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/styles.min.css?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b7f2f67c163f8e59117296a5e45570675d6cac67b139683ed3563f90e35edf88
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/styles.min.css?ver=1688058408
Origin
https://community.chipotle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:56 GMT
server
nginx
etag
"640f7bd0-18308"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
99080
truncated
/ 		140 KB
140 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afce756fd76bdde823a9855a67428c7dabeb2d7cc1ea437d9e567aa1ea1116a8

Request headers

Referer
Origin
https://community.chipotle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
font/ttf
truncated
/ 		94 KB
94 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
395ac4c81079fac171fb751963c4e0311e066f66d2a19945e62dc861a57b83f9

Request headers

Referer
Origin
https://community.chipotle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
font/ttf
truncated
/ 		113 KB
113 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6bdd0440e28c0bd08a9ef7c31dd9aa81d680db03278919804e2ba8ea2a8c465

Request headers

Referer
Origin
https://community.chipotle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
font/ttf
Chipotle-Racecar-poster.jpg
community.chipotle.com/wp-content/uploads/2020/08/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2020/08/Chipotle-Racecar-poster.jpg
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e230284f84fb0c8b707de00b6c2d166a5f5ac953d0ed06326e9bbfc257c67d0b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Fri, 28 Aug 2020 15:19:12 GMT
server
nginx
etag
"5f492070-d69b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
54939
Fundraising_LP_Iphone-promo-code_522x676.gif
community.chipotle.com/wp-content/uploads/2020/10/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2020/10/Fundraising_LP_Iphone-promo-code_522x676.gif
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
90a576b1584b2c45af337fcf9f25a04a631bee5eb82a8da3e2c237f2f8279af3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Thu, 22 Oct 2020 16:28:59 GMT
server
nginx
etag
"5f91b34b-f7aa"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
63402
arts-and-music.jpg
community.chipotle.com/wp-content/uploads/2022/02/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2022/02/arts-and-music.jpg
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2754e8bbe317c59d33854c690b5520eea8c8d397a8f619c159f5b4e2dda78a8e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Wed, 16 Feb 2022 19:52:18 GMT
server
nginx
etag
"620d55f2-de63"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
56931
clubs-and-teams_2.jpg
community.chipotle.com/wp-content/uploads/2022/02/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2022/02/clubs-and-teams_2.jpg
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
13c1dab16b1196496c183bddf08efeb05092912a148288f2bf3c60ee3031396f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Wed, 16 Feb 2022 19:52:47 GMT
server
nginx
etag
"620d560f-d945"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
55621
science-and-tech.jpg
community.chipotle.com/wp-content/uploads/2022/02/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2022/02/science-and-tech.jpg
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e37f60d9ec147e2b61c897a475513f4fde56fc5fb637c4fd905b6c456b7302e7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Wed, 16 Feb 2022 19:53:11 GMT
server
nginx
etag
"620d5627-ea9a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
60058
sustainability.jpg
community.chipotle.com/wp-content/uploads/2022/02/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2022/02/sustainability.jpg
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f49a963ec9e37d1f0a8cc60235613161c04321cfa65bc92008435b68b1b13691
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Wed, 16 Feb 2022 19:53:38 GMT
server
nginx
etag
"620d5642-ca38"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
51768
community.jpg
community.chipotle.com/wp-content/uploads/2022/02/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2022/02/community.jpg
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
47d7b867550c5af863f6e1433ba022175e1bf081d95f3a075fc7322b031ce438
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Wed, 16 Feb 2022 19:53:50 GMT
server
nginx
etag
"620d564e-e126"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
57638
Chipotle-Racecar-poster.mp4
community.chipotle.com/wp-content/uploads/2020/08/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/uploads/2020/08/Chipotle-Racecar-poster.mp4
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
010e10b6461b7f34c333c3d7ec3cd2ebe65ee27830f5223858aa0b1acb0c8252
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://community.chipotle.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Fri, 28 Aug 2020 15:19:15 GMT
server
nginx
etag
"5f492073-3005d5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
video/mp4
access-control-allow-origin
https://api.community.chipotle.com
Content-Range
bytes 0-3147220/3147221
cache-control
public, max-age=31536000
Content-Length
3147221
Chipotle-Band-poster.mp4
community.chipotle.com/wp-content/uploads/2020/08/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/uploads/2020/08/Chipotle-Band-poster.mp4
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
95894bcb2dbb0248e6756ce4f5039d6906d53d1c02e427e45c0424ce65045936
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://community.chipotle.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Fri, 28 Aug 2020 15:19:12 GMT
server
nginx
etag
"5f492070-2db789"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
video/mp4
access-control-allow-origin
https://api.community.chipotle.com
Content-Range
bytes 0-2996104/2996105
cache-control
public, max-age=31536000
Content-Length
2996105
Chipotle-Team-poster.mp4
community.chipotle.com/wp-content/uploads/2020/08/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/uploads/2020/08/Chipotle-Team-poster.mp4
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d2e2b592d43c3e6e2491314300136960fa4d0f869ead656f7c8e94863fe88b3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://community.chipotle.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Fri, 28 Aug 2020 15:19:12 GMT
server
nginx
etag
"5f492070-232a9f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
video/mp4
access-control-allow-origin
https://api.community.chipotle.com
Content-Range
bytes 0-2304670/2304671
cache-control
public, max-age=31536000
Content-Length
2304671
wp-emoji-release.min.js
community.chipotle.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
nginx
etag
W/"63db0985-4904"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
vendors~hero-video-image~quote-slider.min.js
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/vendors~hero-video-image~quote-slider.min.js
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/site.min.js?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5a4c29242e38f0136ad79dd9f33bfddd4fad01670c1180a90bb4b0fe901dc04e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:55 GMT
server
nginx
etag
W/"640f7bcf-a817"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
hero-video-image.min.js
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/hero-video-image.min.js
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/site.min.js?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b5b09478365e7466e334eff4d0d8568fdac16a55006c58a00888dc9439bfb6b4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:55 GMT
server
nginx
etag
W/"640f7bcf-473"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
quote-slider.min.js
community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/ 		461 B
834 B 		Script
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/quote-slider.min.js
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/site.min.js?ver=1688058408
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
934d029ffa98886eba03d9223a0c50cdbe73b09a7a72b0e43a4b93c5d4b77600
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
content-encoding
br
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Mon, 13 Mar 2023 19:38:55 GMT
server
nginx
etag
W/"640f7bcf-1cd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
en.json
cdn-prod.securiti.ai/consent/cookie_banner/4a4948ff-2213-4f51-b37a-2cc1f57a1112/e7485100-69de-4394-bfaa-37b61a5c4c60/ 		107 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-prod.securiti.ai/consent/cookie_banner/4a4948ff-2213-4f51-b37a-2cc1f57a1112/e7485100-69de-4394-bfaa-37b61a5c4c60/en.json
Requested by
Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e800:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eae24c0c7d960d928576134b0590ca9ac6445bcc65572f8fe814f1775dcb164e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:24:56 GMT
x-amz-version-id
5yQ78sOM5SzrrRXVRQok6fqYod8PAnje
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
age
57803
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 15 Aug 2023 01:03:11 GMT
server
AmazonS3
etag
W/"ce56fab1e3bece2f4e3a3e9a6a176a77"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=86400
x-frame-options
DENY
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
bXHMTpxNprhEUJVw_P5uCShneWQaLvO76o6X1vGwCxsazKMsxfnV6A==
location
app.securiti.ai/core/v1/utils/geo/ 		580 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.securiti.ai/core/v1/utils/geo/location
Requested by
Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.226.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aedf1f689f9b4287e.awsglobalaccelerator.com
Software
/
Resource Hash
9b25062d1343cc917ea0ef02f02375f98706eaf6665c49734ebca10a0d363e92
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=315360000
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://community.chipotle.com
access-control-allow-credentials
true
content-length
580
x-xss-protection
1; mode=block
744995952296110
connect.facebook.net/signals/config/ 		132 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/744995952296110?v=2.9.134&r=stable&domain=community.chipotle.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d6ad8278ccba2aec3c8b60822a30864557bdd21d9045add707f2cd9b1668dbf
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 02:28:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
MEne6c9XmFNvCv09JsrcTLfDFUh5QfVlrpqG/8NTyIPd2IqcN0V2wbSDYq8cJpuIx8hSzjkxwcUxWXSP+xoh+Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7JX4SG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 18 Oct 2023 01:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2317
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 18 Oct 2023 03:49:42 GMT
collect
www.google-analytics.com/j/ 		16 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1624337454&t=pageview&_s=1&dl=https%3A%2F%2Fcommunity.chipotle.com%2F&ul=en-us&de=UTF-8&dt=Chipotle%20Community%20Fundraising%20%7C%20Fundraising%20Ideas%20%7C%20School%20Fundraising&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=1675110592&gjid=1115506818&cid=515381024.1697596099&tid=UA-5654566-71&_gid=1776947790.1697596099&_r=1&_slc=1&gtm=45He3ag0n81M7JX4SG&z=328412637
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
136901c93c4abd52fb476071e9297d61bf91dae24e7ac56fc6cb510a7024a008
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://community.chipotle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 02:28:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://community.chipotle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
Chipotle-Band-poster.jpg
community.chipotle.com/wp-content/uploads/2020/08/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2020/08/Chipotle-Band-poster.jpg
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ad00b53cc7eb01be9e3bd654f676b7387be80d1a20e6509d7b8b26e94d9335f1
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Fri, 28 Aug 2020 15:19:12 GMT
server
nginx
etag
"5f492070-bd78"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
48504
Chipotle-Team-poster.jpg
community.chipotle.com/wp-content/uploads/2020/08/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://community.chipotle.com/wp-content/uploads/2020/08/Chipotle-Team-poster.jpg
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
77f477c6b80537ee67db13c7ca0f7523cdf5663c04ac746d45403b04b12b41b8
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
strict-transport-security
max-age=31536000, max-age=63072000
last-modified
Fri, 28 Aug 2020 15:19:12 GMT
server
nginx
etag
"5f492070-6a5d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
https://api.community.chipotle.com
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
27229
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=744995952296110&ev=PageView&dl=https%3A%2F%2Fcommunity.chipotle.com%2F&rl=&if=false&ts=1697596099144&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697596099143.317954548&ler=empty&it=1697596098971&coo=false&rqm=GET
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Oct 2023 02:28:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
stats.g.doubleclick.net/j/ 		4 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-5654566-71&cid=515381024.1697596099&jid=1675110592&gjid=1115506818&_gid=1776947790.1697596099&_u=YGBACEAABAAAACAAI~&z=1861882526
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://community.chipotle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 18 Oct 2023 02:28:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://community.chipotle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		239 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3SDL4HQ4N7&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b713f07a434ec2bf34c1b2b750283bc31ee8d515465fc9f5271c17965a3fb3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84932
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Oct 2023 02:28:19 GMT
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3SDL4HQ4N7&gtm=45je3ag0&_p=1624337454&_gaz=1&ul=en-us&sr=1600x1200&cid=515381024.1697596099&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fcommunity.chipotle.com%2F&dt=Chipotle%20Community%20Fundraising%20%7C%20Fundraising%20Ideas%20%7C%20School%20Fundraising&sid=1697596099&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3SDL4HQ4N7&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 02:28:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://community.chipotle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3SDL4HQ4N7&cid=515381024.1697596099&gtm=45je3ag0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3SDL4HQ4N7&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 02:28:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://community.chipotle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5654566-71&cid=515381024.1697596099&jid=1675110592&_u=YGBACEAABAAAACAAI~&z=1499549931
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 02:28:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
de.json
cdn-prod.securiti.ai/consent/cookie_banner/4a4948ff-2213-4f51-b37a-2cc1f57a1112/e7485100-69de-4394-bfaa-37b61a5c4c60/ 		109 KB
68 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-prod.securiti.ai/consent/cookie_banner/4a4948ff-2213-4f51-b37a-2cc1f57a1112/e7485100-69de-4394-bfaa-37b61a5c4c60/de.json
Requested by
Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e800:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b31ffde01b7f77ed77d580ce215847ee11bd7cac9c152fc8f5985f1e891093d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:15:49 GMT
x-amz-version-id
TUtMxJOdZfhBrraHmEJwlycEFSxdxP.5
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
age
47550
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 15 Aug 2023 01:03:10 GMT
server
AmazonS3
etag
W/"3e0cec7d73aa96383fbfef1c0be170b8"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=86400
x-frame-options
DENY
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
kBTjkORImupCdrbyMMEP3aGxyDGBsj-Q366VO2SvSzCjpokW2GVIuw==
animated-illustration_Apply.json
community.chipotle.com/wp-content/uploads/2020/08/ 		49 KB
49 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/uploads/2020/08/animated-illustration_Apply.json
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/vendors~animations.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
51a403946c682476093a907de3fa1f148bcd1f4f104f7448651a9af96e6583fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
x-cache-group
normal
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
x-cacheable
SHORT
strict-transport-security
max-age=31536000, max-age=63072000
x-cache
HIT: 2
content-length
49932
last-modified
Fri, 28 Aug 2020 15:19:12 GMT
server
nginx
etag
"5f492070-c30c"
vary
Accept-Encoding,Cookie
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://api.community.chipotle.com
cache-control
max-age=600, must-revalidate
accept-ranges
bytes
animated-illustration_Promote.json
community.chipotle.com/wp-content/uploads/2020/08/ 		32 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/uploads/2020/08/animated-illustration_Promote.json
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/vendors~animations.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
094a793bed8c863286b328daf4f12da00bebe3e835291eec6b29b3420c72c5a9
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
x-cache-group
normal
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
x-cacheable
SHORT
strict-transport-security
max-age=31536000, max-age=63072000
x-cache
HIT: 2
content-length
33032
last-modified
Fri, 28 Aug 2020 15:19:12 GMT
server
nginx
etag
"5f492070-8108"
vary
Accept-Encoding,Cookie
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://api.community.chipotle.com
cache-control
max-age=600, must-revalidate
accept-ranges
bytes
animated-illustration_Earn.json
community.chipotle.com/wp-content/uploads/2020/08/ 		64 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://community.chipotle.com/wp-content/uploads/2020/08/animated-illustration_Earn.json
Requested by
Host: community.chipotle.com
URL: https://community.chipotle.com/wp-content/themes/chipotle-community-roots/assets/dist/vendors~animations.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.67.8.234 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.8.67.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f3fe400e88743c6fffbe4e82fef5f01bfe98fc3862e5346b42eda526689ec43c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://community.chipotle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:28:19 GMT
x-cache-group
normal
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
x-cacheable
SHORT
strict-transport-security
max-age=31536000, max-age=63072000
x-cache
HIT: 2
content-length
65274
last-modified
Fri, 28 Aug 2020 15:19:12 GMT
server
nginx
etag
"5f492070-fefa"
vary
Accept-Encoding,Cookie
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
https://api.community.chipotle.com
cache-control
max-age=600, must-revalidate
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3SDL4HQ4N7&cid=515381024.1697596099&gtm=45je3ag0&aip=1&z=927388617
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5654566-71&cid=515381024.1697596099&jid=1675110592&_u=YGBACEAABAAAACAAI~&z=1499549931

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings undefined| $ function| jQuery object| webpackJsonp object| dataLayer function| setConsentBannerID function| fbq function| _fbq object| TCFUtils function| ARIAtabs object| bannerConfigUtils object| bannerGenerator object| commonConstants object| commonUtils object| consentBannerUtils object| consentTuningUtils object| cookieconsent object| getterUtils object| GPPBannerGeneration object| GPPUtils function| setConsentBannerParams function| showConsentPreferencesPopup function| overrideThemeMatching function| initCmp object| preferenceCenterGeneration object| regeneratorRuntime object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| twemoji object| wp function| _ object| gsapVersions boolean| isUsNationalEnabled object| _gsap function| _scrollTop function| _scrollLeft

5 Cookies

Domain/Path Name / Value
.chipotle.com/ Name: _ga
Value: GA1.2.515381024.1697596099
.chipotle.com/ Name: _gid
Value: GA1.2.1776947790.1697596099
.chipotle.com/ Name: _gat_UA-5654566-71
Value: 1
.chipotle.com/ Name: _fbp
Value: fb.1.1697596099143.317954548
.chipotle.com/ Name: _ga_3SDL4HQ4N7
Value: GS1.2.1697596099.1.0.1697596099.60.0.0

3 Console Messages

Source Level URL
Text
security error URL: https://community.chipotle.com/(Line 34)
Message:
Refused to create a worker from 'blob:https://community.chipotle.com/a2276a73-0764-4e2d-aa3b-c4e35d2bd3cb' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com". Note that 'worker-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://community.chipotle.com/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3SDL4HQ4N7&cid=515381024.1697596099&gtm=45je3ag0&aip=1&z=927388617' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://community.chipotle.com/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5654566-71&cid=515381024.1697596099&jid=1675110592&_u=YGBACEAABAAAACAAI~&z=1499549931' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.securiti.ai polyfill.io *.facebook.net *.facebook.com *.google.com *.googletagmanager.com *.google-analytics.com *.voltagead.com *.gstatic.com *.doubleclick.net *.chipotle.com;
Strict-Transport-Security max-age=31536000 max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.securiti.ai
cdn-prod.securiti.ai
community.chipotle.com
connect.facebook.net
polyfill.io
region1.analytics.google.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.google.de
15.197.226.17
2001:4860:4802:34::36
2600:9000:2156:e800:12:1bf:30c0:93a1
2a00:1450:4001:812::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::282
34.67.8.234
010e10b6461b7f34c333c3d7ec3cd2ebe65ee27830f5223858aa0b1acb0c8252
094a793bed8c863286b328daf4f12da00bebe3e835291eec6b29b3420c72c5a9
0d6ad8278ccba2aec3c8b60822a30864557bdd21d9045add707f2cd9b1668dbf
11d1076c2151037e6b55e9bcb6046c6bea2cc07abcf437657736ff45580aa277
136901c93c4abd52fb476071e9297d61bf91dae24e7ac56fc6cb510a7024a008
13c1dab16b1196496c183bddf08efeb05092912a148288f2bf3c60ee3031396f
15b6f146f935f3f5466cec8c631bc3c8a77c30eb3786a7f8b771e72f954d3572
20d6000547ccef8110973e3f9d6e6d822f60790717bc52d2f776f7127ea2a9c7
2754e8bbe317c59d33854c690b5520eea8c8d397a8f619c159f5b4e2dda78a8e
2eca9210fb0834b06b9cbb17a70a1c6431fb0486634d3576c3da0835ea4d5fc4
360d6116434e082f5bd5b602ac60dc987cc30f05e28c1091f2b464c93560330b
395ac4c81079fac171fb751963c4e0311e066f66d2a19945e62dc861a57b83f9
39b8a1d6e7c1dd94640b5a59d74955b5ec9ab581ed2da0c457d13f4681b1ffef
3dbde63afe1178b5b5b9383059484c8b088f4ba43753bc87a346cdc957700f68
47d7b867550c5af863f6e1433ba022175e1bf081d95f3a075fc7322b031ce438
4d2e2b592d43c3e6e2491314300136960fa4d0f869ead656f7c8e94863fe88b3
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50f3a21ec60064b3bebe36f1d5f30c5cb41a6dc9be08ffa3d9701a8014eb806d
51a403946c682476093a907de3fa1f148bcd1f4f104f7448651a9af96e6583fe
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5607c31583a387bc428a264f2c51f7c3e332ca288fc7d98247f604b556ac6fdd
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
56ba66ae09f81233fc0266d0f1752d3f82a866263c7a764755fa2230c8690207
5a4c29242e38f0136ad79dd9f33bfddd4fad01670c1180a90bb4b0fe901dc04e
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5efa70e9f2831b833f7da064314f78f14568f2703bac5e38acd9ac4beb8a2c41
5fe01f4687e56659d7b2caea3aae11a7eeaa97d4e720ccd0aefbaf53874fd8e1
61f466a3d99e45a0b524b11201c46125b8c3b72c268b48b4883eeebd6bb15a79
670928076afb5189c69e7083ee5213a376b3bf8630056bde1eb6701b8b0d24a9
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6ad7ba3a3cc08d176d335162379ee8aa78106f513280dafd365ada5964bada7c
6b115b18462943e792ad178310c946d764faac525532d46b75f9f9fabced45fb
6eebacb4467fcf863339daac6eb21e851dabb9ee73cd7c038e5cd7f5e9e375dc
77f477c6b80537ee67db13c7ca0f7523cdf5663c04ac746d45403b04b12b41b8
8049cffe5562f5d5de279ab34e40e0fc5a217283d06eafbcd79aee6d2659e9a4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8640b5260e814488d2e71ffc3a99213b358e52345417eb27a095945d6d373727
86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba
90a576b1584b2c45af337fcf9f25a04a631bee5eb82a8da3e2c237f2f8279af3
934d029ffa98886eba03d9223a0c50cdbe73b09a7a72b0e43a4b93c5d4b77600
95894bcb2dbb0248e6756ce4f5039d6906d53d1c02e427e45c0424ce65045936
99a8dc6707ce21020bec15de1dcb5eb9f9fd336b70f59c8348642707f7ba1d74
9b25062d1343cc917ea0ef02f02375f98706eaf6665c49734ebca10a0d363e92
9b31ffde01b7f77ed77d580ce215847ee11bd7cac9c152fc8f5985f1e891093d
9b713f07a434ec2bf34c1b2b750283bc31ee8d515465fc9f5271c17965a3fb3e
ac5069b2943a24e109c5714cfe20e68d6d0c026ad38459859ee3786ac8179617
ad00b53cc7eb01be9e3bd654f676b7387be80d1a20e6509d7b8b26e94d9335f1
afce756fd76bdde823a9855a67428c7dabeb2d7cc1ea437d9e567aa1ea1116a8
b2835ab167042d74585af5563ed23ef97eafb19617732d3f64395c73d4a2180a
b5b09478365e7466e334eff4d0d8568fdac16a55006c58a00888dc9439bfb6b4
b7f2f67c163f8e59117296a5e45570675d6cac67b139683ed3563f90e35edf88
bdbd6ed124d08043aeb3725c17fbc9f59971d6c5ef7cc676843f03ba5b5c9e52
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c4bfba96625a27f9e75574da0ed166318cf106cbf13c4e59f2a26a0d3c1fcd65
c73ce2c1e22413583f3acda03e1c298ab4631a9b77b566a49e030dd6d4c14b36
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1c23f8a168b6f2eb11e3b3b7854aab8d8cef1b46445773a76cdc0af7654c108
e230284f84fb0c8b707de00b6c2d166a5f5ac953d0ed06326e9bbfc257c67d0b
e37f60d9ec147e2b61c897a475513f4fde56fc5fb637c4fd905b6c456b7302e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bdd0440e28c0bd08a9ef7c31dd9aa81d680db03278919804e2ba8ea2a8c465
e9f7ebaed4466ce0c6e9308b8b5d204d6cc6b290bb8eefc044e13864eb0962a0
eae24c0c7d960d928576134b0590ca9ac6445bcc65572f8fe814f1775dcb164e
ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef748e0504a1b806522cc3517030edbd72000d968b9232e1e1d34f9fc94526f3
f3fe400e88743c6fffbe4e82fef5f01bfe98fc3862e5346b42eda526689ec43c
f49a963ec9e37d1f0a8cc60235613161c04321cfa65bc92008435b68b1b13691