oman.kfc.me Open in urlscan Pro
51.138.225.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://link.offers.oman.kfc.me/ls/click?upn=VzqYs8yXVOReS-2FAMzl4LIbQkjWJBHtWipe7RKG3SDen-2FcYpbycK8RWnlERAU0A9wbaUCILAv9PyTy2I...
Effective URL:
https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Submission: On August 28 via api (August 28th 2023, 11:44:30 am UTC) from OM — Scanned from DE

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 28 domains to perform 73 HTTP transactions. The main IP is 51.138.225.27, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is oman.kfc.me.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 9th 2022. Valid for: a year.

This is the only time oman.kfc.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.52 167.89.118.52	11377 (SENDGRID) (SENDGRID)
1 1	143.204.98.122 143.204.98.122	16509 (AMAZON-02) (AMAZON-02)
14	51.138.225.27 51.138.225.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:64:... 2a02:26f0:64::210:6bb9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 2	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
13	2a02:26f0:64:... 2a02:26f0:64::210:6bc1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 3	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	35.241.54.161 35.241.54.161	15169 (GOOGLE) (GOOGLE)
4 4	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
1 2	63.35.31.5 63.35.31.5	16509 (AMAZON-02) (AMAZON-02)
1	52.215.137.86 52.215.137.86	16509 (AMAZON-02) (AMAZON-02)
1	54.77.58.216 54.77.58.216	16509 (AMAZON-02) (AMAZON-02)
73	32

1 167.89.118.52 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x52.outbound-mail.sendgrid.net

link.offers.oman.kfc.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.122 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-122.fra50.r.cloudfront.net

wizrocketmail.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 51.138.225.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

oman.kfc.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64::210:6bb9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

kfcqablobstorage.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o455924.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net

6566435.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

tracking.kfc.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:26f0:64::210:6bc1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

kfcprodnecmsimage.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.212.60 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.54.161 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 161.54.241.35.bc.googleusercontent.com

tag.adaraanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

i.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.31.5 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-31-5.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.137.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-137-86.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.58.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-58-216.eu-west-1.compute.amazonaws.com

www.arabytracking.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	kfc.me 1 redirects link.offers.oman.kfc.me oman.kfc.me tracking.kfc.me	2 MB
14	azureedge.net kfcqablobstorage.azureedge.net kfcprodnecmsimage.azureedge.net	2 MB
9	doubleclick.net 5 redirects 6566435.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 93 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 ad.doubleclick.net — Cisco Umbrella Rank: 175	5 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3101 adservice.google.com — Cisco Umbrella Rank: 100 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	249 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	176 KB
3	yieldoptimizer.com 1 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 4663	4 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6490	562 B
2	gstatic.com fonts.gstatic.com	67 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	181 KB
2	sentry.io o455924.ingest.sentry.io	441 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	2 KB
1	arabytracking.net www.arabytracking.net	121 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 648	338 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1357	415 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1259	634 B
1	ctnsnet.com 1 redirects i.ctnsnet.com — Cisco Umbrella Rank: 5478	403 B
1	adaraanalytics.com tag.adaraanalytics.com — Cisco Umbrella Rank: 23896	388 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 394	98 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 720	394 B
1	t.co t.co — Cisco Umbrella Rank: 556	379 B
1	permutive.com api.permutive.com — Cisco Umbrella Rank: 2226	214 B
1	adsrvr.org js.adsrvr.org Failed match.adsrvr.org — Cisco Umbrella Rank: 360	265 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 725	15 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
1	wizrocketmail.net 1 redirects wizrocketmail.net — Cisco Umbrella Rank: 98379	619 B
73	28

	Domain	Requested by
14	oman.kfc.me	oman.kfc.me kfcqablobstorage.azureedge.net
13	kfcprodnecmsimage.azureedge.net	oman.kfc.me
4	ad.doubleclick.net	4 redirects
4	www.facebook.com	oman.kfc.me 6566435.fls.doubleclick.net
4	connect.facebook.net	oman.kfc.me connect.facebook.net tag.yieldoptimizer.com
3	adservice.google.com	6566435.fls.doubleclick.net
3	tag.yieldoptimizer.com	1 redirects 6566435.fls.doubleclick.net
2	dpm.demdex.net	1 redirects 6566435.fls.doubleclick.net
2	ib.adnxs.com	2 redirects
2	www.google.de	oman.kfc.me
2	region1.analytics.google.com	www.googletagmanager.com
2	tracking.kfc.me	oman.kfc.me
2	6566435.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	oman.kfc.me www.googletagmanager.com
2	o455924.ingest.sentry.io	oman.kfc.me
2	fonts.googleapis.com	oman.kfc.me
1	www.arabytracking.net	6566435.fls.doubleclick.net
1	beacon.krxd.net	6566435.fls.doubleclick.net
1	d.turn.com	1 redirects
1	sp.analytics.yahoo.com	6566435.fls.doubleclick.net
1	i.ctnsnet.com	1 redirects
1	tag.adaraanalytics.com	6566435.fls.doubleclick.net
1	idsync.rlcdn.com	6566435.fls.doubleclick.net
1	match.adsrvr.org	6566435.fls.doubleclick.net
1	cm.g.doubleclick.net	6566435.fls.doubleclick.net
1	www.google.com	oman.kfc.me
1	analytics.twitter.com	oman.kfc.me
1	t.co	oman.kfc.me
1	api.permutive.com	6566435.fls.doubleclick.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.ads-twitter.com	oman.kfc.me
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	kfcqablobstorage.azureedge.net	oman.kfc.me
1	wizrocketmail.net	1 redirects
1	link.offers.oman.kfc.me	1 redirects
0	js.adsrvr.org Failed	www.googletagmanager.com
73	38

This site contains no links.

Subject Issuer	Validity	Valid
*.kfc.me Sectigo RSA Domain Validation Secure Server CA	`2022-09-09` - `2023-10-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 05	`2023-05-17` - `2024-05-11`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-08-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-06` - `2023-09-04`	3 months	crt.sh
tracking.kfc.me GTS CA 1D4	`2023-07-22` - `2023-10-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.adaraanalytics.com Go Daddy Secure Certificate Authority - G2	`2023-06-25` - `2024-07-26`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
www.arabytracking.net Amazon RSA 2048 M02	`2023-02-09` - `2023-11-13`	9 months	crt.sh

This page contains 3 frames:

Primary Page: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Frame ID: F6D03EEC600E5E34820BFEF1C2EB9B80
Requests: 54 HTTP requests in this frame

Frame: https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023
Frame ID: E2680336ED85E0176D78FD1CAB395DCD
Requests: 18 HTTP requests in this frame

Frame: https://www.arabytracking.net/aff_l?offer_id=4115
Frame ID: 77B6E8C022C6E176172C0CAB2DE2D22B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Deals | Welcome to KFC OMN - Order your meal online now!

Page URL History Show full URLs

http://link.offers.oman.kfc.me/ls/click?upn=VzqYs8yXVOReS-2FAMzl4LIbQkjWJBHtWipe7RKG3SDen-2FcYpbycK8RWnlERA... HTTP 302
https://wizrocketmail.net/r?e=K2xrHB9nYwJ6bwV9DSZgfgIFBAwpJCw8KSQseQcABAFvJhILJD8hOFtfX2s0NT0gPj8SC04B... HTTP 302
https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSals... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

73
Requests

89 %
HTTPS

41 %
IPv6

28
Domains

38
Subdomains

32
IPs

5
Countries

4080 kB
Transfer

10258 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://link.offers.oman.kfc.me/ls/click?upn=VzqYs8yXVOReS-2FAMzl4LIbQkjWJBHtWipe7RKG3SDen-2FcYpbycK8RWnlERAU0A9wbaUCILAv9PyTy2IUyZmUE1GvY2SUi-2FcOZpF0Lyh78MIrLb53N-2FpEqwz0-2BLcjXV5PNMv9mliIi1v74vszJe5AnZt9ia5dtX88I8N-2B9wZ-2BnK1U8gJAeA-2Bdg1sQJhrwhtfBO4GQhjLd1z6b4PHR1dKC2qzjogNA4upevM8A9VZDh27IsD95FCLmqkQOHG0gica8teakq3inSliN-2BtRZqGr8pFHrVgaQhFkid4dTR61rSQQG-2BKG5GT64Fh8baMm9KghA8FbVlhb1UlyKUv7GceSzrhC4YvoQZKd43hpT3WVMAkZWskezEaNvTOE7Vr64aOmV9-2FFVa47rPZmjulwh8L9QOVnk7A6-2BdfUxZ5OsQ892d2lAzalojfKuPyHDIlNLLyY53RDqB2hIw1XEh9W-2F1Zjwl8mfqMF6pSjGT-2FiEYn6IbvY77n53eFvBKaW-2BIpJBHQcKq01YZ8HuwJ8OO7oKMsiyEg7JFF39GBZNjALUHZ-2BnjLteaTtYaHYKyU1IitwFDJTXebD-2BID9DlBJ6ImBzz8uvZg-3D-3DJxc9_ktyqnj2HhV1hy406-2BnlxEzbj4HyPpNPhwpWS0L-2FqVXC2A0qfUSHwN47uhkzsQzPOJhkSdLTUjdiYMW8pkGjctHsVglnI0wLFt-2FY0LNUiHsrG117bGz9oh9No2yayIqhiVj0tpwEJVQHGMQMmP5FyHaxelxSfLUMBAcp-2F7PZ7WI0Y-2Boi4cOua1c4I9s2-2BnhFunMFF1Z4AHV-2FIoiGBE6sMcvLdF3-2BTdz-2Ffsdv0vC3YioDYNwtI0xCiD-2FdlsSGtnjyQJecNQ31Zj2UpMm-2BrFjc1Gi3hwxHfaTYiqkuzr50UxTbnK4jkqViPfHQ8ReL0C1s6HSnLUB98IZ8aSK-2FTyljsUSU73ADSrK2bEjclonnA5oln7orrNVR6UjURPApNnm7AI0sDd9L7PC-2BQ9GlZa7ZjfmlGEbhFCDDytNfUzOP3UwU5vZgvRVyei444FjX3xIYwWGs8Pabc6sOgTj-2FXCgBpt3oeTb-2FufCOJ-2F9lX0rSy3u8-3D HTTP 302
https://wizrocketmail.net/r?e=K2xrHB9nYwJ6bwV9DSZgfgIFBAwpJCw8KSQseQcABAFvJhILJD8hOFtfX2s0NT0gPj8SC04BTVEhPzw%2FKxQ9P1tWWFc2LjskOXoRJ1tTWlEzJilpICAgIG1ZVRZteGN9bmpmfgMIBQ0IaGJ5ZGpleQUSHRYgICAgCCo7PV1EEw51LSg5PAU2LlRRRFgjeC8%3D&r=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023&c=681483168&token=Bl1eBgtbDQYBBA%3D%3D&try=1&$follow_redirect=true HTTP 302
https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://6566435.fls.doubleclick.net/activityi;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023 HTTP 302
https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023

Request Chain 35

https://tag.yieldoptimizer.com/ps/ps?t=s&p=4739&kfclp=KFC%20Analytics%20Pixel HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=331474971&t=s&p=4739&kfclp=KFC%20Analytics%20Pixel

Request Chain 36

https://ib.adnxs.com/getuid?https://api.permutive.com/v2.0/px/track?k=40da2992-202e-46c3-bd6d-d27455ebb9ca&i=$UID&e=offsiteUserJourney&p=%257B%2522url%2522%253A%2522KFC_ALWAYS-ON_PERFORMANCE%2522%252C%2522page_type%2522%253A%2522LandingPage%2522%257D&it=appnexus HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fapi.permutive.com%2Fv2.0%2Fpx%2Ftrack%3Fk%3D40da2992-202e-46c3-bd6d-d27455ebb9ca%26i%3D%24UID%26e%3DoffsiteUserJourney%26p%3D%25257B%252522url%252522%25253A%252522KFC_ALWAYS-ON_PERFORMANCE%252522%25252C%252522page_type%252522%25253A%252522LandingPage%252522%25257D%26it%3Dappnexus HTTP 302
https://api.permutive.com/v2.0/px/track?k=40da2992-202e-46c3-bd6d-d27455ebb9ca&i=899288530533843769&e=offsiteUserJourney&p=%7B%22url%22%3A%22KFC_ALWAYS-ON_PERFORMANCE%22%2C%22page_type%22%3A%22LandingPage%22%7D&it=appnexus

Request Chain 59

https://ad.doubleclick.net/ddm/activity/src=8835375;type=invmedia;cat=kfcrt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8835375;dc_pre=CMnEpLuj_4ADFWFIwQod6fADIg;type=invmedia;cat=kfcrt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8835375;dc_pre=CMnEpLuj_4ADFWFIwQod6fADIg;type=invmedia;cat=kfcrt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 60

https://i.ctnsnet.com/int/integration?pixel=66341905&nid=2142538&cont=i&gdpr_pd={GDPR_PD}&gdpr_consent={GDPR_CONSENT_85} HTTP 302
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10144893&ea=lp

Request Chain 61

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID} HTTP 302
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=2633709908418648498

Request Chain 62

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3017479924182 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3017479924182

Request Chain 65

https://ad.doubleclick.net/ddm/activity/src=9199067;type=invmedia;cat=kfc20006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1657154284283.3843 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9199067;dc_pre=CO3Yp7uj_4ADFZWMywEd8-8Jmw;type=invmedia;cat=kfc20006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1657154284283.3843 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9199067;dc_pre=CO3Yp7uj_4ADFZWMywEd8-8Jmw;type=invmedia;cat=kfc20006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1657154284283.3843

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 56 Show response
oman.kfc.me/en/deals/
Redirect Chain

http://link.offers.oman.kfc.me/ls/click?upn=VzqYs8yXVOReS-2FAMzl4LIbQkjWJBHtWipe7RKG3SDen-2FcYpbycK8RWnlERAU0A9wbaUCILAv9PyTy2IUyZmUE1GvY2SUi-2FcOZpF0Lyh78MIrLb53N-2FpEqwz0-2BLcjXV5PNMv9mliIi1v74vs...
https://wizrocketmail.net/r?e=K2xrHB9nYwJ6bwV9DSZgfgIFBAwpJCw8KSQseQcABAFvJhILJD8hOFtfX2s0NT0gPj8SC04BTVEhPzw%2FKxQ9P1tWWFc2LjskOXoRJ1tTWlEzJilpICAgIG1ZVRZteGN9bmpmfgMIBQ0IaGJ5ZGpleQUSHRYgICAgCCo7P...
https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

4 KB
3 KB

203ms
73ms

Document
text/html

51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a3bfd880b813037d17e8a050a3856b855d3d96dfa569c5a8aca0ac5ac600cc52

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .noonpayments.com .facebook.net .googletagmanager.com wzrkt.com .azureedge.net .googleapis.com .cloudfront.net .google-analytics.com .googleadservices.com .googleoptimize.com .tiktok.com .ads-twitter.com .google.com .clevertap-prod.com tracking.kfc.me .clarity.ms *.doubleclick.net; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-md5: K+1ZH3NnOL8wGvJupdj2HQ==
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.noonpayments.com *.facebook.net *.googletagmanager.com wzrkt.com *.azureedge.net *.googleapis.com *.cloudfront.net *.google-analytics.com *.googleadservices.com *.googleoptimize.com *.tiktok.com *.ads-twitter.com *.google.com *.clevertap-prod.com tracking.kfc.me *.clarity.ms *.doubleclick.net; object-src 'self'
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 11:44:24 GMT
etag: W/"0x8DB98036AF4B309"
last-modified: Tue, 08 Aug 2023 11:34:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ms-request-id: 35e6210a-901e-008e-54a4-d93cbe000000
x-ms-version: 2018-03-28
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-cache, no-store no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 28 Aug 2023 11:44:24 GMT
Expires: 0
Location: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Pragma: no-cache
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
X-Amz-Cf-Id: NnHPGgak-jCsoPHFQ35nCvVlI26Y2sAI0AJw-o5avn1NwTBFjq62bA==
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Miss from cloudfront
X-Frame-Options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 143ms
55ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Aug 2023 11:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 10:05:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Aug 2023 11:44:24 GMT

GET
H2 200 index-dev.js Show response
kfcqablobstorage.azureedge.net/loyaltysdkjs/ 34 KB
13 KB 234ms
75ms Script
application/javascript 2a02:26f0:64::210:6bb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kfcqablobstorage.azureedge.net/loyaltysdkjs/index-dev.js
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a49853e200cc9ca556d7b52f17a0f1b2e5f4edb423a3636be879f2ea76dc8922

Request headers

Referer: https://oman.kfc.me/
Origin: https://oman.kfc.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:24 GMT
content-encoding: gzip
content-md5: NMEFPIUuH8Jgf9zwfo0pcw==
content-length: 12734
x-ms-lease-status: unlocked
pragma: no-cache
last-modified: Wed, 19 Jul 2023 10:38:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DB88443F84C26E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 26e7a613-e01e-0044-53a4-d9983d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=0, no-cache
x-ms-version: 2009-09-19
expires: Mon, 28 Aug 2023 11:44:24 GMT

GET
H2 200 2.482f9930.chunk.css
oman.kfc.me/static/css/ 2 KB
1 KB 75ms
75ms Stylesheet
text/css 51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://oman.kfc.me/static/css/2.482f9930.chunk.css

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d8f6637a67a62c23e50518929efe14cf5baf484e0aa87822ad1aebbedd86b413

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .noonpayments.com .facebook.net .googletagmanager.com wzrkt.com .azureedge.net .googleapis.com .cloudfront.net .google-analytics.com .googleadservices.com .googleoptimize.com .tiktok.com .ads-twitter.com .google.com .clevertap-prod.com tracking.kfc.me .clarity.ms *.doubleclick.net; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:44:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.noonpayments.com *.facebook.net *.googletagmanager.com wzrkt.com *.azureedge.net *.googleapis.com *.cloudfront.net *.google-analytics.com *.googleadservices.com *.googleoptimize.com *.tiktok.com *.ads-twitter.com *.google.com *.clevertap-prod.com tracking.kfc.me *.clarity.ms *.doubleclick.net; object-src 'self'
last-modified: Tue, 08 Aug 2023 11:34:25 GMT
content-md5: nPC1zStKq0nkYzFYSJ/xyA==
content-encoding: gzip
etag: W/"0x8DB98036B41B6C9"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
x-ms-request-id: e08d74e7-d01e-0028-4ba4-d904a0000000
cache-control: max-age=86400, no-cache
x-ms-version: 2018-03-28
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2023 11:44:24 GMT

GET
H2 200 main.d718e2d3.chunk.css
oman.kfc.me/static/css/ 526 KB
112 KB 132ms
132ms Stylesheet
text/css 51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://oman.kfc.me/static/css/main.d718e2d3.chunk.css

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

58ff8ae1526ebf2b418d2ff3decb4b80171dd6c7223726f219fda921c8920972

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .noonpayments.com .facebook.net .googletagmanager.com wzrkt.com .azureedge.net .googleapis.com .cloudfront.net .google-analytics.com .googleadservices.com .googleoptimize.com .tiktok.com .ads-twitter.com .google.com .clevertap-prod.com tracking.kfc.me .clarity.ms *.doubleclick.net; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:44:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.noonpayments.com *.facebook.net *.googletagmanager.com wzrkt.com *.azureedge.net *.googleapis.com *.cloudfront.net *.google-analytics.com *.googleadservices.com *.googleoptimize.com *.tiktok.com *.ads-twitter.com *.google.com *.clevertap-prod.com tracking.kfc.me *.clarity.ms *.doubleclick.net; object-src 'self'
last-modified: Tue, 08 Aug 2023 11:34:26 GMT
content-md5: wfeMQukg3KXpi0pYb0Cj8Q==
content-encoding: gzip
etag: W/"0x8DB98036BB43E96"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
x-ms-request-id: 0eff67d5-401e-0026-64a4-d9e8ab000000
cache-control: max-age=86400, no-cache
x-ms-version: 2018-03-28
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2023 11:44:24 GMT

GET
H2 200 2.ea8a56fd.chunk.js Show response
oman.kfc.me/static/js/ 2 MB
717 KB 197ms
197ms Script
application/javascript 51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://oman.kfc.me/static/js/2.ea8a56fd.chunk.js

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

839cff6cee7ae351439f23c77c24f5b6b5c5448e91751a0ead2c64ad1fc3b57a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .noonpayments.com .facebook.net .googletagmanager.com wzrkt.com .azureedge.net .googleapis.com .cloudfront.net .google-analytics.com .googleadservices.com .googleoptimize.com .tiktok.com .ads-twitter.com .google.com .clevertap-prod.com tracking.kfc.me .clarity.ms *.doubleclick.net; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:44:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.noonpayments.com *.facebook.net *.googletagmanager.com wzrkt.com *.azureedge.net *.googleapis.com *.cloudfront.net *.google-analytics.com *.googleadservices.com *.googleoptimize.com *.tiktok.com *.ads-twitter.com *.google.com *.clevertap-prod.com tracking.kfc.me *.clarity.ms *.doubleclick.net; object-src 'self'
last-modified: Tue, 08 Aug 2023 11:34:25 GMT
content-md5: BCAmVNFGXMhfx9WxhvdOwQ==
content-encoding: gzip
etag: W/"0x8DB98036B8F0891"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-ms-request-id: ecf57994-c01e-0051-48a4-d96dea000000
cache-control: max-age=86400, no-cache
x-ms-version: 2018-03-28
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2023 11:44:24 GMT

GET
H2 200 main.9b9e8294.chunk.js Show response
oman.kfc.me/static/js/ 2 MB
741 KB 198ms
197ms Script
application/javascript 51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://oman.kfc.me/static/js/main.9b9e8294.chunk.js

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d12c7546f6e505cdb20fb9078b8ebf8193b02e54e2f4d720c08f3dc7a604f11b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .noonpayments.com .facebook.net .googletagmanager.com wzrkt.com .azureedge.net .googleapis.com .cloudfront.net .google-analytics.com .googleadservices.com .googleoptimize.com .tiktok.com .ads-twitter.com .google.com .clevertap-prod.com tracking.kfc.me .clarity.ms *.doubleclick.net; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:44:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.noonpayments.com *.facebook.net *.googletagmanager.com wzrkt.com *.azureedge.net *.googleapis.com *.cloudfront.net *.google-analytics.com *.googleadservices.com *.googleoptimize.com *.tiktok.com *.ads-twitter.com *.google.com *.clevertap-prod.com tracking.kfc.me *.clarity.ms *.doubleclick.net; object-src 'self'
last-modified: Tue, 08 Aug 2023 11:34:26 GMT
content-md5: 558bNTW+8tvXlkfnUYR6FQ==
content-encoding: gzip
etag: W/"0x8DB98036BBE2841"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-ms-request-id: d1c871d4-e01e-0009-08a4-d96991000000
cache-control: max-age=86400, no-cache
x-ms-version: 2018-03-28
x-xss-protection: 1; mode=block
expires: Tue, 29 Aug 2023 11:44:24 GMT

GET
H2 200 loyalty-config-dev.js Show response
oman.kfc.me/en/deals/sdk/ 4 KB
3 KB 110ms
110ms Script
text/html 51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://oman.kfc.me/en/deals/sdk/loyalty-config-dev.js

Requested by

Host: kfcqablobstorage.azureedge.net
URL: https://kfcqablobstorage.azureedge.net/loyaltysdkjs/index-dev.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a3bfd880b813037d17e8a050a3856b855d3d96dfa569c5a8aca0ac5ac600cc52

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .noonpayments.com .facebook.net .googletagmanager.com wzrkt.com .azureedge.net .googleapis.com .cloudfront.net .google-analytics.com .googleadservices.com .googleoptimize.com .tiktok.com .ads-twitter.com .google.com .clevertap-prod.com tracking.kfc.me .clarity.ms *.doubleclick.net; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Origin: https://oman.kfc.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:44:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.noonpayments.com *.facebook.net *.googletagmanager.com wzrkt.com *.azureedge.net *.googleapis.com *.cloudfront.net *.google-analytics.com *.googleadservices.com *.googleoptimize.com *.tiktok.com *.ads-twitter.com *.google.com *.clevertap-prod.com tracking.kfc.me *.clarity.ms *.doubleclick.net; object-src 'self'
last-modified: Tue, 08 Aug 2023 11:34:24 GMT
content-md5: K+1ZH3NnOL8wGvJupdj2HQ==
content-encoding: gzip
etag: W/"0x8DB98036AF4B309"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
x-ms-request-id: 9aec67d2-901e-00a7-14a4-d94afc000000
cache-control: no-cache
x-ms-version: 2018-03-28
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
867 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600;700;800;900&display=swap

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/static/css/main.d718e2d3.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

274348f82cd9e820b1ffc412a2712f87b7c23506921b0eddebea11d10b6b28f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Aug 2023 11:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 10:05:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Aug 2023 11:44:24 GMT

POST
H2 200 / Show response
o455924.ingest.sentry.io/api/5448207/envelope/ 2 B
333 B 145ms
41ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o455924.ingest.sentry.io/api/5448207/envelope/?sentry_key=b23834c516c34761a23cbc5938af1354&sentry_version=7&sentry_client=sentry.javascript.react%2F7.52.1

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/static/js/2.ea8a56fd.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://oman.kfc.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 28 Aug 2023 11:44:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 316 KB
100 KB 138ms
50ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8H8WZ3

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

784504b6e81f330884ebae055bb7e1a99f72f35deaa005a9c0942f8687674e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:44:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102274
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Aug 2023 11:44:25 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oman.kfc.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 15:17:45 GMT
x-content-type-options: nosniff
age: 246400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35448
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 15:17:45 GMT

POST
H2 200 guestLogin Show response
oman.kfc.me/api/ 505 B
1 KB 101ms
101ms XHR
application/json 51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oman.kfc.me/api/guestLogin
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/static/js/2.ea8a56fd.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 3861141cd0b00acd228e8155645116e857c7a8c6444e94501ad9dae4e32231b6

Request headers

deviceid: WEB1693223065014
refreshtoken
Language: En
accept-language: de-DE,de;q=0.9
authorization: Bearer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
country: OMN
baggage: sentry-environment=production,sentry-release=KFC%20UAE%400.1.0,sentry-public_key=b23834c516c34761a23cbc5938af1354,sentry-trace_id=e6c8c885534b499298becb3c10e45511,sentry-sample_rate=0.5
sentry-trace: e6c8c885534b499298becb3c10e45511-aaec7c50b7043915-1

Response headers

date: Mon, 28 Aug 2023 11:44:25 GMT
etag: W/"1f9-GO4DUdCN7TgDBMfS+ug4RLrvlgY"
x-powered-by: Express
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
content-length: 505
x-request-id: 2f4d8032-cfb9-4063-b77f-6f56930d9ebe

GET
H2 200 getAppConfig Show response
oman.kfc.me/api/ 132 KB
14 KB 125ms
125ms XHR
application/json 51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oman.kfc.me/api/getAppConfig
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/static/js/2.ea8a56fd.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 8a823312931fe90afb88446419249ad5b17857d06ee998d3bb5528d8553ac24e

Request headers

deviceid: WEB1693223065014
refreshtoken
Language: En
accept-language: de-DE,de;q=0.9
authorization: Bearer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
country: OMN
baggage: sentry-environment=production,sentry-release=KFC%20UAE%400.1.0,sentry-public_key=b23834c516c34761a23cbc5938af1354,sentry-trace_id=e6c8c885534b499298becb3c10e45511,sentry-sample_rate=0.5
sentry-trace: e6c8c885534b499298becb3c10e45511-99abd9388662a6b0-1

Response headers

date: Mon, 28 Aug 2023 11:44:25 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"20fce-zSh3XdJItFvQCxZREONdfqzpgS4"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
x-request-id: 94246acf-286c-44e1-855c-323403f05398

POST
H2 200 getStoreList Show response
oman.kfc.me/api/ 53 KB
6 KB 80ms
79ms XHR
application/json 51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oman.kfc.me/api/getStoreList
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/static/js/2.ea8a56fd.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 0b37bd127168b284eeb14447666ce4697794774142337b01e0fdcf874362d2af

Request headers

deviceid: WEB1693223065014
refreshtoken
Language: En
accept-language: de-DE,de;q=0.9
authorization: Bearer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
country: OMN
baggage: sentry-environment=production,sentry-release=KFC%20UAE%400.1.0,sentry-public_key=b23834c516c34761a23cbc5938af1354,sentry-trace_id=e6c8c885534b499298becb3c10e45511,sentry-sample_rate=0.5
sentry-trace: e6c8c885534b499298becb3c10e45511-a547bc7ac0d48c65-1

Response headers

date: Mon, 28 Aug 2023 11:44:25 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"d3fd-on0QatNTVFxbBK2Ijbn8YL77UsI"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
x-request-id: ad8aa4a7-2090-4de6-93ef-033584db0ae0

POST
H2 200 getMenu Show response
oman.kfc.me/api/ 1 MB
61 KB 191ms
191ms XHR
application/json 51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oman.kfc.me/api/getMenu
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/static/js/2.ea8a56fd.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 4b7d6c6b0162ab6d1bf57148bc7c483cb399896372f637629d5698c8026e11dc

Request headers

deviceid: WEB1693223065014
refreshtoken
Language: En
accept-language: de-DE,de;q=0.9
authorization: Bearer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
country: OMN
baggage: sentry-environment=production,sentry-release=KFC%20UAE%400.1.0,sentry-public_key=b23834c516c34761a23cbc5938af1354,sentry-trace_id=e6c8c885534b499298becb3c10e45511,sentry-sample_rate=0.5
sentry-trace: e6c8c885534b499298becb3c10e45511-b36b0b2ad533bc39-1

Response headers

date: Mon, 28 Aug 2023 11:44:25 GMT
content-encoding: gzip
x-powered-by: Express
etag: "0x8DBA53814ADE098"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
x-request-id: a8a2ca31-b1a8-4c80-8364-9eea5d8439aa

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8H8WZ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Aug 2023 11:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 28 Aug 2023 13:44:23 GMT

GET
H2

200

activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref... Show response
6566435.fls.doubleclick.net/ Frame E268
Redirect Chain

https://6566435.fls.doubleclick.net/activityi;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~or...
https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0...

2 KB
1 KB

159ms
158ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8H8WZ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f6.1e100.net

Software

cafe /

Resource Hash

e9837123d63cb678f1abb44e5cf5974f6071c698ae5e2574555e87f91aaed6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oman.kfc.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 768
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 11:44:25 GMT
expires: Mon, 28 Aug 2023 11:44:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 11:44:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859068391/ 3 KB
2 KB 183ms
82ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859068391/?random=1693223065259&cv=11&fst=1693223065259&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023&label=mjGrCKP40tIYEOev0ZkD&hn=www.googleadservices.com&frm=0&tiba=Welcome%20to%20KFC%20-%20Order%20your%20meal%20online%20now!&auid=702953740.1693223065&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8H8WZ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2622961d9b4d1b4a5de21e91ecba203e829d3662dc1f0405976c26d1920188d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1442
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 135ms
42ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:44:25 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230080-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 193 KB
52 KB 129ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Aug 2023 11:44:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: CXS3q4BhbHJ0gifnBsuSEjVf0PNeQbFNGzxs1Vy7Hhntanxdf8+yyxcwDi9Av2bV65IeeYq2fZhNDM9OKYio1A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET up_loader.1.1.0.js
js.adsrvr.org/ 0
0

GET
H2 200 fbevents.js Show response
tracking.kfc.me/static/ 85 KB
27 KB 149ms
49ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.kfc.me/static/fbevents.js
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ccbe5ffbfdde80c952b90e32229db6a94019099ea9bb970c830d9b7d0e5315e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:37:48 GMT
content-encoding: gzip
server: Google Frontend
age: 397
etag: "hBc_7Q"
content-type: application/javascript
x-cloud-trace-context: f2c27daf1e1394cc87411ec0c6aa52a4
cache-control: public, max-age=600
content-length: 27305
expires: Mon, 28 Aug 2023 11:47:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P0QG6C0C55&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8H8WZ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

100b9f35ee3537a91f839301ea94e3f748ac6e46a86c40d74d2ee4dc5669ae52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:44:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82770
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 28 Aug 2023 11:44:25 GMT

GET
H2 200 icon_address_type_delivery_grey.png
kfcprodnecmsimage.azureedge.net/cmsimages/kfc/imagestemp/ 7 KB
7 KB 203ms
39ms Image
image/png 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kfcprodnecmsimage.azureedge.net/cmsimages/kfc/imagestemp/icon_address_type_delivery_grey.png
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3d3c7417a4cf568c671edbf60ea6dd4bdf7c0c428d84ef7557e35c48418c8aa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:25 GMT
last-modified: Wed, 09 Aug 2023 06:45:41 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: vq9PzRmtUJbaV+3JoIeGyQ==
etag: 0x8DB98A43FDE530F
content-type: image/png
x-ms-request-id: 1c7f12db-601e-000b-0b30-cb46f8000000
cache-control: max-age=63881
x-ms-version: 2009-09-19
content-length: 7339

GET
H2 200 icon_address_type_self_pickup_grey.png
kfcprodnecmsimage.azureedge.net/cmsimages/kfc/imagestemp/ 6 KB
7 KB 207ms
43ms Image
image/png 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kfcprodnecmsimage.azureedge.net/cmsimages/kfc/imagestemp/icon_address_type_self_pickup_grey.png
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3c3822e7c6cfbabfb56107f89bab107ac13446f7f2947285625799138d9527c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:25 GMT
last-modified: Wed, 09 Aug 2023 06:47:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: JT3JZqKcY9ggfB7A9jJ5Qg==
etag: 0x8DB98A474E94315
content-type: image/png
x-ms-request-id: c4a128de-501e-0142-3eba-cafa1e000000
cache-control: max-age=33529
x-ms-version: 2009-09-19
content-length: 6559

GET
H2 200 icon_address_type_dine_in_grey.png
kfcprodnecmsimage.azureedge.net/cmsimages/kfc/imagestemp/ 7 KB
7 KB 205ms
41ms Image
image/png 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kfcprodnecmsimage.azureedge.net/cmsimages/kfc/imagestemp/icon_address_type_dine_in_grey.png
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f897f27110e1824e4fe77e21a2051416b3f609ba7fee9077e5b9ae25deda10ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:25 GMT
last-modified: Wed, 09 Aug 2023 06:54:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: a/EUJw2ACsF55Q+YuYZ4LA==
etag: 0x8DB98A588ADAD41
content-type: image/png
x-ms-request-id: 9f19d457-c01e-0150-2436-cb81ce000000
cache-control: max-age=17795
x-ms-version: 2009-09-19
content-length: 6876

GET
H2 200 emptyCart.052e2617.svg
oman.kfc.me/static/media/ 18 KB
19 KB 91ms
85ms Image
image/svg+xml 51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oman.kfc.me/static/media/emptyCart.052e2617.svg

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e8035c4ddf125d0255a2b714f26db8a3a36410cc8e0b64ee45335d5ef3c0f2a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .noonpayments.com .facebook.net .googletagmanager.com wzrkt.com .azureedge.net .googleapis.com .cloudfront.net .google-analytics.com .googleadservices.com .googleoptimize.com .tiktok.com .ads-twitter.com .google.com .clevertap-prod.com tracking.kfc.me .clarity.ms *.doubleclick.net; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:44:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.noonpayments.com *.facebook.net *.googletagmanager.com wzrkt.com *.azureedge.net *.googleapis.com *.cloudfront.net *.google-analytics.com *.googleadservices.com *.googleoptimize.com *.tiktok.com *.ads-twitter.com *.google.com *.clevertap-prod.com tracking.kfc.me *.clarity.ms *.doubleclick.net; object-src 'self'
last-modified: Tue, 08 Aug 2023 11:34:25 GMT
content-md5: BS4mF55OCukipKn27c9tFw==
etag: "0x8DB98036B4E3824"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-ms-request-id: 37fb5ffc-801e-003b-0ca4-d93141000000
cache-control: no-cache
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 18563
x-xss-protection: 1; mode=block

GET
H2 200 iJWKBXyIfDnIV7nErXyi0A.woff2
fonts.gstatic.com/s/rubik/v28/ 32 KB
32 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nErXyi0A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc857679ff68c3bd3687b79772b031af4e4c645cbf61600974883f4ff0dc332d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oman.kfc.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 05:04:41 GMT
x-content-type-options: nosniff
age: 196784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32372
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:26:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 05:04:41 GMT

GET
H2 200 profile Show response
oman.kfc.me/api/ 173 B
387 B 105ms
105ms XHR
application/json 51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oman.kfc.me/api/profile
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/static/js/2.ea8a56fd.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 26976b45e5adf428155770ea68fae024ee0ac38845e23f18e1605a67eee3c237

Request headers

deviceid: WEB1693223065014
refreshtoken
Language: En
accept-language: de-DE,de;q=0.9
authorization: Bearer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
country: OMN
baggage: sentry-environment=production,sentry-release=KFC%20UAE%400.1.0,sentry-public_key=b23834c516c34761a23cbc5938af1354,sentry-trace_id=e6c8c885534b499298becb3c10e45511,sentry-sample_rate=0.5
sentry-trace: e6c8c885534b499298becb3c10e45511-8066fa953d0e3015-1

Response headers

date: Mon, 28 Aug 2023 11:44:25 GMT
etag: W/"ad-s040Rvb9518bTU1x3b1qHECCiCk"
x-powered-by: Express
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
content-length: 173
x-request-id: 15e53561-92c5-4b3d-af57-6db2e62f7a21

GET
H2 200 icon_address_type_delivery_col.png
kfcprodnecmsimage.azureedge.net/cmsimages/kfc/imagestemp/ 7 KB
7 KB 148ms
41ms Image
image/png 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kfcprodnecmsimage.azureedge.net/cmsimages/kfc/imagestemp/icon_address_type_delivery_col.png
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a9acc916cd4b253c949ec8a8a0c3fa443452d34a8ef26618f9ee108e7a279297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:25 GMT
last-modified: Wed, 09 Aug 2023 06:53:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: K+VnaZ/ROlCELlrkNjZ9DA==
etag: 0x8DB98A5653A0D7D
content-type: image/png
x-ms-request-id: 3fad2b1b-101e-0143-10bd-caa5c2000000
cache-control: max-age=13724
x-ms-version: 2009-09-19
content-length: 7142

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 143ms
50ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P0QG6C0C55&gtm=45je38n0&_p=1578840997&_gaz=1&cid=1866321616.1693223065&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693223065&sct=1&seg=0&dl=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023&dt=%7C%20Welcome%20to%20KFC%20OMN%20-%20Order%20your%20meal%20online%20now!&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0QG6C0C55&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oman.kfc.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 148ms
48ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P0QG6C0C55&cid=1866321616.1693223065&gtm=45je38n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0QG6C0C55&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oman.kfc.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 168ms
77ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P0QG6C0C55&cid=1866321616.1693223065&gtm=45je38n0&aip=1&z=1259976436

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fav.c346e369.png
oman.kfc.me/static/media/ 12 KB
12 KB 146ms
145ms Image
image/png 51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oman.kfc.me/static/media/fav.c346e369.png

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ab518dfcb244f33a11da704d52f95ad1d232bee947d7f53899bcca1e486f6faf

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .noonpayments.com .facebook.net .googletagmanager.com wzrkt.com .azureedge.net .googleapis.com .cloudfront.net .google-analytics.com .googleadservices.com .googleoptimize.com .tiktok.com .ads-twitter.com .google.com .clevertap-prod.com tracking.kfc.me .clarity.ms *.doubleclick.net; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:44:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.noonpayments.com *.facebook.net *.googletagmanager.com wzrkt.com *.azureedge.net *.googleapis.com *.cloudfront.net *.google-analytics.com *.googleadservices.com *.googleoptimize.com *.tiktok.com *.ads-twitter.com *.google.com *.clevertap-prod.com tracking.kfc.me *.clarity.ms *.doubleclick.net; object-src 'self'
content-md5: w0bjaY+aIBsCAwghoDlk2g==
content-length: 11961
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Aug 2023 11:34:25 GMT
etag: "0x8DB98036B65665A"
x-frame-options: SAMEORIGIN
content-type: image/png
x-ms-request-id: f9c223ad-001e-00a2-38a4-d9be83000000
cache-control: max-age=86400, no-cache
x-ms-version: 2018-03-28
accept-ranges: bytes
expires: Tue, 29 Aug 2023 11:44:25 GMT

POST
H2 200 fetchCart Show response
oman.kfc.me/api/ 173 B
389 B 100ms
99ms XHR
application/json 51.138.225.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oman.kfc.me/api/fetchCart
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/static/js/2.ea8a56fd.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.138.225.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 9419aa937ea315186b752714155eab0cb972b32e07c2e53da4f04eeedbfbe66d

Request headers

deviceid: WEB1693223065014
refreshtoken
Language: En
accept-language: de-DE,de;q=0.9
authorization: Bearer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
country: OMN
baggage: sentry-environment=production,sentry-release=KFC%20UAE%400.1.0,sentry-public_key=b23834c516c34761a23cbc5938af1354,sentry-trace_id=e6c8c885534b499298becb3c10e45511,sentry-sample_rate=0.5
sentry-trace: e6c8c885534b499298becb3c10e45511-a25886357bf5ec01-1

Response headers

date: Mon, 28 Aug 2023 11:44:26 GMT
etag: W/"ad-AXRtEaYUf4jFKOG0++EHy1uLh0w"
x-powered-by: Express
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
content-length: 173
x-request-id: 066802f0-8679-42b4-a53f-0d31d53509b2

GET
H2

200

ps Show response
tag.yieldoptimizer.com/ps/ Frame E268
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=4739&kfclp=KFC%20Analytics%20Pixel
https://tag.yieldoptimizer.com/ps/ps?tc=331474971&t=s&p=4739&kfclp=KFC%20Analytics%20Pixel

2 KB
3 KB

50ms
49ms

Script
text/javascript

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=331474971&t=s&p=4739&kfclp=KFC%20Analytics%20Pixel
Requested by: Host: 6566435.fls.doubleclick.net
URL: https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023?
Protocol: H2
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 6ffb5b4822ee8fca95e0c20ad82b037dbcce5afcd39272ebc3802b47d2eee8b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:25 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1858
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=331474971&t=s&p=4739&kfclp=KFC%20Analytics%20Pixel
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

201

track
api.permutive.com/v2.0/px/ Frame E268
Redirect Chain

https://ib.adnxs.com/getuid?https://api.permutive.com/v2.0/px/track?k=40da2992-202e-46c3-bd6d-d27455ebb9ca&i=$UID&e=offsiteUserJourney&p=%257B%2522url%2522%253A%2522KFC_ALWAYS-ON_PERFORMANCE%2522%2...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fapi.permutive.com%2Fv2.0%2Fpx%2Ftrack%3Fk%3D40da2992-202e-46c3-bd6d-d27455ebb9ca%26i%3D%24UID%26e%3DoffsiteUserJourney%26p%3D%25257B%252522url%...
https://api.permutive.com/v2.0/px/track?k=40da2992-202e-46c3-bd6d-d27455ebb9ca&i=899288530533843769&e=offsiteUserJourney&p=%7B%22url%22%3A%22KFC_ALWAYS-ON_PERFORMANCE%22%2C%22page_type%22%3A%22Land...

35 B
214 B

164ms
54ms

Image
image/gif

34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.permutive.com/v2.0/px/track?k=40da2992-202e-46c3-bd6d-d27455ebb9ca&i=899288530533843769&e=offsiteUserJourney&p=%7B%22url%22%3A%22KFC_ALWAYS-ON_PERFORMANCE%22%2C%22page_type%22%3A%22LandingPage%22%7D&it=appnexus
Requested by: Host: 6566435.fls.doubleclick.net
URL: https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023?
Protocol: H2
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:44:26 GMT
via: 1.1 google
server: Permutive
vary: Origin
content-type: image/gif
cache-control: private, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
an-x-request-uuid: 161bc563-3242-4fd9-a64c-bd9ab767cab9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://api.permutive.com/v2.0/px/track?k=40da2992-202e-46c3-bd6d-d27455ebb9ca&i=899288530533843769&e=offsiteUserJourney&p=%7B%22url%22%3A%22KFC_ALWAYS-ON_PERFORMANCE%22%2C%22page_type%22%3A%22LandingPage%22%7D&it=appnexus
x-proxy-origin: 80.255.7.109; 80.255.7.109; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=*;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2F...
adservice.google.com/ddm/fls/z/ Frame E268 42 B
401 B 248ms
150ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=*;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023

Requested by

Host: 6566435.fls.doubleclick.net
URL: https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 421-Combo.png
kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/ 261 KB
261 KB 46ms
45ms Image
image/png 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/421-Combo.png
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b75a385bf59bf586d1e0a682f3f4738b79b0a39db2f9606e4014554c3b175bc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:26 GMT
last-modified: Mon, 21 Aug 2023 15:15:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: h6W6kqFa6SoqH4YsCn6Zuw==
etag: 0x8DBA25984E1BFB8
content-type: image/png
x-ms-request-id: 8a1a6843-d01e-0173-6bce-d41b0d000000
cache-control: max-age=67046
x-ms-version: 2009-09-19
content-length: 266928

GET
H2 200 418-Combo.png
kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/ 175 KB
175 KB 137ms
136ms Image
image/png 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/418-Combo.png
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1aec27339dd00a04c6d9f607585b058ec0674efbf81bdda3f6e0aad2e768306a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:26 GMT
last-modified: Mon, 21 Aug 2023 15:15:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: MUp7/bDEhi3Qt10zNtOqIg==
etag: 0x8DBA25984CD7736
content-type: image/png
x-ms-request-id: 6a9d4219-001e-00e9-40ce-d47bd9000000
cache-control: max-age=61337
x-ms-version: 2009-09-19
content-length: 179192

GET
H2 200 417-Combo.png
kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/ 205 KB
206 KB 115ms
114ms Image
image/png 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/417-Combo.png
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 321823b43c6edf8d9202b72d8818c4480fded34e5d98db72d9c87174d972d5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:26 GMT
last-modified: Mon, 21 Aug 2023 15:15:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: T6Jm9xzBnai0O1/v/+vWBQ==
etag: 0x8DBA25984B31507
content-type: image/png
x-ms-request-id: 61887c9b-401e-00c7-2373-d929ce000000
cache-control: max-age=61323
x-ms-version: 2009-09-19
content-length: 210303

GET
H2 200 414-Combo.png
kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/ 218 KB
219 KB 106ms
105ms Image
image/png 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/414-Combo.png
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 71e1866ff19423393fed4892bd998700f2a215be198c0b4a3bb0f8137a005e13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:26 GMT
last-modified: Mon, 21 Aug 2023 15:15:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: P3S5AjfYn04cfe7vRWcoaQ==
etag: 0x8DBA25984A0C80D
content-type: image/png
x-ms-request-id: 7ceea355-a01e-00e0-47e6-d83e0a000000
cache-control: max-age=82479
x-ms-version: 2009-09-19
content-length: 223376

GET
H2 200 411-Combo.png
kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/ 203 KB
204 KB 56ms
56ms Image
image/png 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/411-Combo.png
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 52f425971f6a4fe172e8019a0cc8948fa50ce6253858b7b3edc6f3230c23599e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:26 GMT
last-modified: Mon, 21 Aug 2023 15:15:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ufvcHY5ZnjQPjhu+EaaJ9w==
etag: 0x8DBA2598484DF72
content-type: image/png
x-ms-request-id: db94de21-b01e-0055-6f73-d9ad18000000
cache-control: max-age=61419
x-ms-version: 2009-09-19
content-length: 208094

GET
H2 200 408-Combo.png
kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/ 200 KB
200 KB 98ms
97ms Image
image/png 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/408-Combo.png
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1bb179396ead081f3f597fb64a720fc5b6ce132e347f21515e2bf0de7d288777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:26 GMT
last-modified: Mon, 21 Aug 2023 15:15:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: IGeJAzp6lp9ja5CufCI3dA==
etag: 0x8DBA25984730792
content-type: image/png
x-ms-request-id: 5d8219f1-f01e-0180-0cce-d4bc98000000
cache-control: max-age=61375
x-ms-version: 2009-09-19
content-length: 204607

GET
H2 200 405-Combo.png
kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/ 207 KB
207 KB 181ms
180ms Image
image/png 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/405-Combo.png
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cc35450753977da619f1ed175cdd3bd03502c580f1456c83ea9b74890dc0e3e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:26 GMT
last-modified: Mon, 21 Aug 2023 15:15:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 3ZynOZPGtC2ERZ01GJCUdw==
etag: 0x8DBA2598463C76D
content-type: image/png
x-ms-request-id: ab3dad31-c01e-011d-0373-d94e22000000
cache-control: max-age=61468
x-ms-version: 2009-09-19
content-length: 211508

GET
H2 200 402-Combo.png
kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/ 204 KB
204 KB 88ms
88ms Image
image/png 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/402-Combo.png
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: df407efa812cf3735b82886d378d3d9f7c8c6b2990a1047928dec4db8485ee25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:26 GMT
last-modified: Mon, 21 Aug 2023 15:15:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZDjSXNc/GNK46do4FIjYOw==
etag: 0x8DBA2598444D203
content-type: image/png
x-ms-request-id: 3495b06e-e01e-00f1-26ce-d4a4be000000
cache-control: max-age=67118
x-ms-version: 2009-09-19
content-length: 208866

GET
H2 200 397-Combo.png
kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/ 169 KB
169 KB 177ms
177ms Image
image/png 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kfcprodnecmsimage.azureedge.net/cmsimages/kfc/omn/desktop/imagestemp/397-Combo.png
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cab1e5ee0aae100868921e3daf06a49bafc7ae1cd2afa6a8617c71c17d9ab352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Aug 2023 11:44:26 GMT
last-modified: Fri, 11 Aug 2023 06:40:25 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: fawQKqw5yZw3NklsbWDONw==
etag: 0x8DB9A35D832A43B
content-type: image/png
x-ms-request-id: 8a5eb3c5-d01e-0098-1720-cc9df2000000
cache-control: max-age=61451
x-ms-version: 2009-09-19
content-length: 172962

GET
H2 200 adsct
t.co/i/ 43 B
379 B 325ms
225ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=7e1db0a5-12fb-4cbe-9bb2-2cba72d4021b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8e844db9-96bb-4cde-b0f8-adce142d00f2&tw_document_href=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw1h3&type=javascript&version=2.3.29

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-response-time: 179
date: Mon, 28 Aug 2023 11:44:26 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 093aae6f2923f0b5
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 48bb002c1131b677d8d45bff749fb2493c076cc2f77e9df23c28339befa23f06
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 270ms
161ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=7e1db0a5-12fb-4cbe-9bb2-2cba72d4021b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8e844db9-96bb-4cde-b0f8-adce142d00f2&tw_document_href=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw1h3&type=javascript&version=2.3.29

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 28 Aug 2023 11:44:25 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e2c3ea4d0884d637
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: b4ee8c30aecaf0601a6d9885dba230344effeeb6fdec6c088d7d6e5deaf90906
content-length: 43

GET
H2 200 678351893330633 Show response
connect.facebook.net/signals/config/ 136 KB
35 KB 43ms
43ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/678351893330633?v=2.9.125&r=stable&domain=oman.kfc.me

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19e310a464ea5a7808826a629dd4e512590cc6e1f26cee03176c883a093a2179

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Aug 2023 11:44:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35914
x-xss-protection: 0
pragma: public
x-fb-debug: 9TgKCt13BRZhEfd8FIHS0Atem32dNNd8ViQxbZeApNIy8THCG2WSB8UGXD7MwkFjooFOhqXqsCdNvkPguCmgKQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
tracking.kfc.me/tr/ 35 B
193 B 2485ms
2483ms Image
image/gif 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.kfc.me/tr/?id=678351893330633&ev=PageView&dl=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023&rl=&if=false&ts=1693223066350&cd[external_id]=20230828&cd[em]=&cd[ph]=&cd[fn]=&cd[db]=&cd[ln]=&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=28&it=1693223066349&coo=false&eid=20230828134425.fb.1.1&rqm=GET
Requested by: Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:28 GMT
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: 635dcba9412294558c31911f42a1d177
cache-control: no-cache, no-store, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/859068391/ 42 B
455 B 167ms
61ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859068391/?random=1693223065259&cv=11&fst=1693220400000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023&label=mjGrCKP40tIYEOev0ZkD&frm=0&tiba=Welcome%20to%20KFC%20-%20Order%20your%20meal%20online%20now!&fmt=3&is_vtc=1&random=895912875&rmt_tld=0&ipr=y

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/859068391/ 42 B
154 B 54ms
53ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/859068391/?random=1693223065259&cv=11&fst=1693220400000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023&label=mjGrCKP40tIYEOev0ZkD&frm=0&tiba=Welcome%20to%20KFC%20-%20Order%20your%20meal%20online%20now!&fmt=3&is_vtc=1&random=895912875&rmt_tld=1&ipr=y

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 145ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=678351893330633&ev=PageView&dl=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023&rl=&if=false&ts=1693223066391&cd[external_id]=20230828&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693223066377.2040061082&it=1693223066223&coo=false&eid=20230828134425.fb.1.1&rqm=GET

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Aug 2023 11:44:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame E268 193 KB
51 KB 59ms
58ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tag.yieldoptimizer.com
URL: https://tag.yieldoptimizer.com/ps/ps?t=s&p=4739&kfclp=KFC%20Analytics%20Pixel

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Aug 2023 11:44:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: eVolMHKmBCqTRZO/f0G+Vf6xqX021QBmz4+BnlEPsDwlN5uWre53q5futJ5SqZmt1J3yTUwVQ5hYoN7QMlUl2A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E268 170 B
409 B 181ms
56ms Image
image/png 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MzAxNzQ3OTkyNDE4Mg&google_sc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E268 70 B
265 B 191ms
56ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1
Requested by: Host: 6566435.fls.doubleclick.net
URL: https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 451 394499.gif
idsync.rlcdn.com/ Frame E268 0
98 B 161ms
49ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/394499.gif?partner_uid=3017479924182
Requested by: Host: 6566435.fls.doubleclick.net
URL: https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:44:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 aasync
tag.adaraanalytics.com/ps/ Frame E268 0
388 B 160ms
49ms Image
text/plain 35.241.54.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.adaraanalytics.com/ps/aasync?ckid=MzAxNzQ3OTkyNDE4MnwxNjkzMjIzMDY2Mzgz
Requested by: Host: 6566435.fls.doubleclick.net
URL: https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.54.161 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 161.54.241.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

src=8835375;dc_pre=CMnEpLuj_4ADFWFIwQod6fADIg;type=invmedia;cat=kfcrt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/ Frame E268
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8835375;type=invmedia;cat=kfcrt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8835375;dc_pre=CMnEpLuj_4ADFWFIwQod6fADIg;type=invmedia;cat=kfcrt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8835375;dc_pre=CMnEpLuj_4ADFWFIwQod6fADIg;type=invmedia;cat=kfcrt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
107 B

145ms
144ms

Image
image/gif

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8835375;dc_pre=CMnEpLuj_4ADFWFIwQod6fADIg;type=invmedia;cat=kfcrt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8835375;dc_pre=CMnEpLuj_4ADFWFIwQod6fADIg;type=invmedia;cat=kfcrt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spp.pl
sp.analytics.yahoo.com/ Frame E268
Redirect Chain

https://i.ctnsnet.com/int/integration?pixel=66341905&nid=2142538&cont=i&gdpr_pd={GDPR_PD}&gdpr_consent={GDPR_CONSENT_85}
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10144893&ea=lp

43 B
634 B

188ms
61ms

Image
image/gif

212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10144893&ea=lp

Requested by

Protocol

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 28 Aug 2023 11:44:26 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10144893&ea=lp
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

ps
tag.yieldoptimizer.com/ps/ Frame E268
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID}
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=2633709908418648498

43 B
68 B

51ms
50ms

Image
image/gif

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=2633709908418648498
Requested by: Host: 6566435.fls.doubleclick.net
URL: https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023?
Protocol: H3
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=2633709908418648498
pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame E268
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3017479924182
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3017479924182

42 B
942 B

59ms
59ms

Image
image/gif

63.35.31.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3017479924182

Requested by

Protocol

HTTP/1.1

Server

63.35.31.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-31-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0db816301.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: K2Nd0r7HQhw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v050-0bd09cf27.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: /5iUXA08RI0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=3017479924182
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame E268 0
338 B 197ms
56ms Image
text/plain 52.215.137.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adara&partner_uid=3017479924182
Requested by: Host: 6566435.fls.doubleclick.net
URL: https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.137.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-137-86.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: beacon-n011-dub-prod.krxd.net
date: Mon, 28 Aug 2023 11:44:26 GMT
cache-control: private, no-cache, no-store
x-request-time: D=94 t=1693223066
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 404
Not Found aff_l Show response
www.arabytracking.net/ Frame 77B6 0
121 B 257ms
55ms Document
text/plain 54.77.58.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.arabytracking.net/aff_l?offer_id=4115
Requested by: Host: 6566435.fls.doubleclick.net
URL: https://6566435.fls.doubleclick.net/activityi;dc_pre=CPH23bqj_4ADFbgZaAgdUb4PkA;src=6566435;type=oman_0;cat=kfc_o0;ord=3008818168178;auiddc=702953740.1693223065;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.58.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-58-216.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://6566435.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 28 Aug 2023 11:44:26 GMT
Server: nginx

GET
H3

200

src=9199067;dc_pre=CO3Yp7uj_4ADFZWMywEd8-8Jmw;type=invmedia;cat=kfc20006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1657154284283.3843
adservice.google.com/ddm/fls/z/ Frame E268
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9199067;type=invmedia;cat=kfc20006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1657154284283.3843?
https://ad.doubleclick.net/ddm/activity/src=9199067;dc_pre=CO3Yp7uj_4ADFZWMywEd8-8Jmw;type=invmedia;cat=kfc20006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1657154284283.3843?
https://adservice.google.com/ddm/fls/z/src=9199067;dc_pre=CO3Yp7uj_4ADFZWMywEd8-8Jmw;type=invmedia;cat=kfc20006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1657154284283.3843

42 B
63 B

143ms
142ms

Image
image/gif

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9199067;dc_pre=CO3Yp7uj_4ADFZWMywEd8-8Jmw;type=invmedia;cat=kfc20006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1657154284283.3843

Requested by

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=9199067;dc_pre=CO3Yp7uj_4ADFZWMywEd8-8Jmw;type=invmedia;cat=kfc20006;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1657154284283.3843
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2285025484888799 Show response
connect.facebook.net/signals/config/ Frame E268 148 KB
38 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2285025484888799?v=2.9.125&r=stable&domain=oman.kfc.me

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd3c94ea1bdd1bac40169c9c44580ae2ba57ea8ef3c7626de331478bb6b6ee21

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Aug 2023 11:44:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 38885
x-xss-protection: 0
pragma: public
x-fb-debug: G8GeWBgXKTDesqyY16va6hazF+Nsn0/EZRnf0+G4AxKaJOY6O3ol9i+v5opFPxy81r71+ntdzugLt+3mziIViw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame E268 0
31 B 40ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2285025484888799&ev=kv&dl=https%3A%2F%2F6566435.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPH23bqj_4ADFbgZaAgdUb4PkA%3Bsrc%3D6566435%3Btype%3Doman_0%3Bcat%3Dkfc_o0%3Bord%3D3008818168178%3Bauiddc%3D702953740.1693223065%3Bgtm%3D45He38n0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Foman.kfc.me%252Fen%252Fdeals%252F56%253Futm_source%253DEmail%2526utm_medium%253DCRM%2526utm_campaign%253DEmail_FireStormSalsa_10-07-2023%3F&rl=https%3A%2F%2Foman.kfc.me%2F&if=true&ts=1693223066655&cd[key33218]=NDdlZ25kY3pvcWVlMmk4&cd[ckid]=3017479924182&cd[group]=2&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&it=1693223066595&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Aug 2023 11:44:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 / Show response
o455924.ingest.sentry.io/api/5448207/envelope/ 41 B
108 B 81ms
81ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o455924.ingest.sentry.io/api/5448207/envelope/?sentry_key=b23834c516c34761a23cbc5938af1354&sentry_version=7&sentry_client=sentry.javascript.react%2F7.52.1

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/static/js/2.ea8a56fd.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f568f579a4168fd60f25620a15d647351ce632d15b4e15a77b5421cd987c02f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://oman.kfc.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 28 Aug 2023 11:44:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=678351893330633&ev=Microdata&dl=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023&rl=&if=false&ts=1693223067895&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Deals%20%7C%20Welcome%20to%20KFC%20OMN%20-%20Order%20your%20meal%20online%20now!%22%2C%22meta%3Adescription%22%3A%22Order%20great%20tasting%20fried%20chicken%2C%20sandwiches%20%26%20family%20meals%20online%20with%20KFC%20Delivery.%20Attractive%20combos%20%26%20deals%20available%20from%20our%20menu%20for%20a%20%27so%20good%27%20feast!%22%2C%22meta%3Akeywords%22%3A%22Deals%2CKFC%20delivery%2CKentucky%20burger%2Cfried%20chicken%2Corder%20food%20online%20%2C%20Muscat%2CSohar%2Cfast%20food%20restaurant%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1693223066377.2040061082&it=1693223066223&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Aug 2023 11:44:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ Frame E268 0
15 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2285025484888799&ev=Microdata&dl=https%3A%2F%2F6566435.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPH23bqj_4ADFbgZaAgdUb4PkA%3Bsrc%3D6566435%3Btype%3Doman_0%3Bcat%3Dkfc_o0%3Bord%3D3008818168178%3Bauiddc%3D702953740.1693223065%3Bgtm%3D45He38n0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Foman.kfc.me%252Fen%252Fdeals%252F56%253Futm_source%253DEmail%2526utm_medium%253DCRM%2526utm_campaign%253DEmail_FireStormSalsa_10-07-2023%3F&rl=https%3A%2F%2Foman.kfc.me%2F&if=true&ts=1693223068158&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&it=1693223066595&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: oman.kfc.me
URL: https://oman.kfc.me/en/deals/56?utm_source=Email&utm_medium=CRM&utm_campaign=Email_FireStormSalsa_10-07-2023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6566435.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Aug 2023 11:44:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P0QG6C0C55&gtm=45je38n0&_p=1578840997&cid=1866321616.1693223065&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dt=%2Fen%2Fdeals%2F56&dl=https%3A%2F%2Foman.kfc.me%2Fen%2Fdeals%2F56%3Futm_source%3DEmail%26utm_medium%3DCRM%26utm_campaign%3DEmail_FireStormSalsa_10-07-2023&sid=1693223065&sct=1&seg=1&en=page_view&ep.page_type=deals%2056&ep.user_type=guest&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0QG6C0C55&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oman.kfc.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 11:44:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oman.kfc.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
oman.kfc.me/	1970-01-20 23:05:59	Name: _d Value: WEB1693223065014
oman.kfc.me/	1970-01-20 23:05:59	Name: t Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkZXZpY2VpZCI6IldFQjE2OTMyMjMwNjUwMTQiLCJkZXZpY2V0eXBlIjoiV0VCIiwidG9rZW5UeXBlIjoiR1VFU1RfQVVUSCIsImlzR3Vlc3QiOjEsImNvdW50cnkiOiJPTU4iLCJicmFuZCI6IktGQyIsImFwaVZlcnNpb24iOiJ2MyIsImlkIjoiNjRlYzg4OTk3YmE0OGYwMDFiMDZlY2JlIiwiYXBwYnVuZGxlIjoiY29tLmtmYy5tZSIsImV4cCI6MTY5MzIzMTcwNTA4NiwiaWF0IjoxNjkzMjIzMDY1fQ.aWuR1yigg8FSaDf_4CC-f8bRtzF0z4ufPT5cw2RgJuY
oman.kfc.me/	1970-01-20 23:05:59	Name: _t Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkZXZpY2VpZCI6IldFQjE2OTMyMjMwNjUwMTQiLCJkZXZpY2V0eXBlIjoiV0VCIiwidG9rZW5UeXBlIjoiUkVGUkVTSF9BVVRIIiwiaXNHdWVzdCI6MSwiY291bnRyeSI6Ik9NTiIsImJyYW5kIjoiS0ZDIiwiYXBpVmVyc2lvbiI6InYzIiwiaWQiOiI2NGVjODg5OTdiYTQ4ZjAwMWIwNmVjYmUiLCJhcHBidW5kbGUiOiJjb20ua2ZjLm1lIiwiaWF0IjoxNjkzMjIzMDY1fQ.EIDlL09r6YfAE0p6K_tOlgfuz2wnsnrWQno_f1ED9bE
oman.kfc.me/	1970-01-20 23:05:59	Name: country Value: OMN
.kfc.me/	1970-01-20 16:29:59	Name: _gcl_au Value: 1.1.702953740.1693223065
oman.kfc.me/	1969-12-31 23:59:59	Name: itpValue Value: False
.kfc.me/	1970-01-20 23:56:23	Name: _ga Value: GA1.1.1866321616.1693223065
.kfc.me/	1970-01-20 23:56:23	Name: _ga_P0QG6C0C55 Value: GS1.1.1693223065.1.1.1693223065.60.0.0
.doubleclick.net/	1970-01-20 23:41:59	Name: IDE Value: AHWqTUnwKGS8LLDyR7VfG1tgRs-gea6bjJMjSIlTsYXqXmovwJdrLsYlwKaXQQSNdb8
.oman.kfc.me/	1970-01-20 23:56:23	Name: _ga Value: GA1.3.1866321616.1693223065
.oman.kfc.me/	1970-01-20 14:21:49	Name: _gid Value: GA1.3.1933890544.1693223066
.yieldoptimizer.com/	1970-01-20 23:05:59	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 23:05:59	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 23:05:59	Name: cktst Value: 331474971
.adnxs.com/	1970-01-20 16:29:59	Name: uuid2 Value: 899288530533843769
.kfc.me/	1970-01-20 16:29:59	Name: _fbp Value: fb.1.1693223066377.2040061082
.yieldoptimizer.com/	1970-01-20 23:05:59	Name: ckid Value: 3017479924182
.yieldoptimizer.com/	1970-01-20 23:05:59	Name: ph Value: %7B%22p%22%3A%5B1025%2C1475%2C1203%2C39%2C1305%2C1385%2C1034%2C1084%2C1022%5D%2C%22t%22%3A%5B128459%2C128459%2C128459%2C128459%2C128459%2C128459%2C128459%2C128459%2C128459%5D%7D
.yieldoptimizer.com/	1970-01-20 23:05:59	Name: fbh0 Value: %7B%224739%22%3A%221693309466383%22%7D
.twitter.com/	1970-01-20 23:56:23	Name: personalization_id Value: "v1_fS3NRep9kdnmFbzdTsbkFQ=="
.t.co/	1970-01-20 23:56:23	Name: muc_ads Value: c6095da0-a435-4ff5-baff-d5c481dbf4ae
.adaraanalytics.com/	1970-01-20 23:05:59	Name: ckid Value: 3017479924182
.adaraanalytics.com/	1970-01-20 23:05:59	Name: aackid Value: 3017479924182
.ctnsnet.com/	1970-01-20 23:05:59	Name: cid_546af09a5b374d78a03ca08613b62851 Value: 1
.demdex.net/	1970-01-20 18:39:35	Name: demdex Value: 21751092829005597584419341476913407092
.dpm.demdex.net/	1970-01-20 18:39:35	Name: dpm Value: 21751092829005597584419341476913407092
.yahoo.com/	1970-01-20 23:06:20	Name: A3 Value: d=AQABBJqI7GQCELpkucASNW6r-anFOATDHGUFEgEBAQHa7WT2ZOAYyiMA_eMAAA&S=AQAAAuO4JqHF3GVZQm3r3Pt8lEI
.krxd.net/	1970-01-20 18:39:35	Name: _kuid_ Value: PwxbduJK
.turn.com/	1970-01-20 18:39:35	Name: uid Value: 2633709908418648498
.yieldoptimizer.com/	1970-01-20 23:05:59	Name: dph Value: %7B%22t%22%3A%5B128459%2C128459%5D%2C%22dp%22%3A%5B4739%2C4889%5D%7D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://oman.kfc.me/en/deals/sdk/loyalty-config-dev.js Message: Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "text/html". Strict MIME type checking is enforced for module scripts per HTML spec.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8H8WZ3(Line 77) Message: Refused to load the script 'https://js.adsrvr.org/up_loader.1.1.0.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .noonpayments.com .facebook.net .googletagmanager.com wzrkt.com .azureedge.net .googleapis.com .cloudfront.net .google-analytics.com .googleadservices.com .googleoptimize.com .tiktok.com .ads-twitter.com .google.com .clevertap-prod.com tracking.kfc.me .clarity.ms *.doubleclick.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://idsync.rlcdn.com/394499.gif?partner_uid=3017479924182 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.arabytracking.net/aff_l?offer_id=4115 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' .noonpayments.com .facebook.net .googletagmanager.com wzrkt.com .azureedge.net .googleapis.com .cloudfront.net .google-analytics.com .googleadservices.com .googleoptimize.com .tiktok.com .ads-twitter.com .google.com .clevertap-prod.com tracking.kfc.me .clarity.ms *.doubleclick.net; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6566435.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
analytics.twitter.com
api.permutive.com
beacon.krxd.net
cm.g.doubleclick.net
connect.facebook.net
d.turn.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ctnsnet.com
ib.adnxs.com
idsync.rlcdn.com
js.adsrvr.org
kfcprodnecmsimage.azureedge.net
kfcqablobstorage.azureedge.net
link.offers.oman.kfc.me
match.adsrvr.org
o455924.ingest.sentry.io
oman.kfc.me
region1.analytics.google.com
sp.analytics.yahoo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tag.adaraanalytics.com
tag.yieldoptimizer.com
tracking.kfc.me
wizrocketmail.net
www.arabytracking.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
js.adsrvr.org
104.244.42.197
104.244.42.3
142.250.185.198
143.204.98.122
146.75.116.157
167.89.118.52
172.217.23.102
172.217.23.98
185.89.210.153
2001:4860:4802:32::36
2001:4860:4802:38::15
212.82.100.181
2a00:1450:4001:806::200e
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c0b::9c
2a02:26f0:64::210:6bb9
2a02:26f0:64::210:6bc1
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.33.220.150
34.107.254.252
34.120.195.249
35.186.193.173
35.186.212.60
35.241.54.161
35.244.174.68
46.228.164.13
51.138.225.27
52.215.137.86
54.77.58.216
63.35.31.5
0b37bd127168b284eeb14447666ce4697794774142337b01e0fdcf874362d2af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
100b9f35ee3537a91f839301ea94e3f748ac6e46a86c40d74d2ee4dc5669ae52
19e310a464ea5a7808826a629dd4e512590cc6e1f26cee03176c883a093a2179
1aec27339dd00a04c6d9f607585b058ec0674efbf81bdda3f6e0aad2e768306a
1bb179396ead081f3f597fb64a720fc5b6ce132e347f21515e2bf0de7d288777
2622961d9b4d1b4a5de21e91ecba203e829d3662dc1f0405976c26d1920188d7
26976b45e5adf428155770ea68fae024ee0ac38845e23f18e1605a67eee3c237
274348f82cd9e820b1ffc412a2712f87b7c23506921b0eddebea11d10b6b28f6
321823b43c6edf8d9202b72d8818c4480fded34e5d98db72d9c87174d972d5ed
3861141cd0b00acd228e8155645116e857c7a8c6444e94501ad9dae4e32231b6
3c3822e7c6cfbabfb56107f89bab107ac13446f7f2947285625799138d9527c4
3d3c7417a4cf568c671edbf60ea6dd4bdf7c0c428d84ef7557e35c48418c8aa6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4b7d6c6b0162ab6d1bf57148bc7c483cb399896372f637629d5698c8026e11dc
52f425971f6a4fe172e8019a0cc8948fa50ce6253858b7b3edc6f3230c23599e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58ff8ae1526ebf2b418d2ff3decb4b80171dd6c7223726f219fda921c8920972
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ffb5b4822ee8fca95e0c20ad82b037dbcce5afcd39272ebc3802b47d2eee8b1
71e1866ff19423393fed4892bd998700f2a215be198c0b4a3bb0f8137a005e13
784504b6e81f330884ebae055bb7e1a99f72f35deaa005a9c0942f8687674e5c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839cff6cee7ae351439f23c77c24f5b6b5c5448e91751a0ead2c64ad1fc3b57a
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
8a823312931fe90afb88446419249ad5b17857d06ee998d3bb5528d8553ac24e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9419aa937ea315186b752714155eab0cb972b32e07c2e53da4f04eeedbfbe66d
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a3bfd880b813037d17e8a050a3856b855d3d96dfa569c5a8aca0ac5ac600cc52
a49853e200cc9ca556d7b52f17a0f1b2e5f4edb423a3636be879f2ea76dc8922
a9acc916cd4b253c949ec8a8a0c3fa443452d34a8ef26618f9ee108e7a279297
ab518dfcb244f33a11da704d52f95ad1d232bee947d7f53899bcca1e486f6faf
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b75a385bf59bf586d1e0a682f3f4738b79b0a39db2f9606e4014554c3b175bc5
bc857679ff68c3bd3687b79772b031af4e4c645cbf61600974883f4ff0dc332d
bd3c94ea1bdd1bac40169c9c44580ae2ba57ea8ef3c7626de331478bb6b6ee21
cab1e5ee0aae100868921e3daf06a49bafc7ae1cd2afa6a8617c71c17d9ab352
cc35450753977da619f1ed175cdd3bd03502c580f1456c83ea9b74890dc0e3e1
ccbe5ffbfdde80c952b90e32229db6a94019099ea9bb970c830d9b7d0e5315e7
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d12c7546f6e505cdb20fb9078b8ebf8193b02e54e2f4d720c08f3dc7a604f11b
d8f6637a67a62c23e50518929efe14cf5baf484e0aa87822ad1aebbedd86b413
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df407efa812cf3735b82886d378d3d9f7c8c6b2990a1047928dec4db8485ee25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8035c4ddf125d0255a2b714f26db8a3a36410cc8e0b64ee45335d5ef3c0f2a1
e9837123d63cb678f1abb44e5cf5974f6071c698ae5e2574555e87f91aaed6c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f568f579a4168fd60f25620a15d647351ce632d15b4e15a77b5421cd987c02f6
f897f27110e1824e4fe77e21a2051416b3f609ba7fee9077e5b9ae25deda10ba

oman.kfc.me Open in urlscan Pro 51.138.225.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

89 %HTTPS

41 %IPv6

28 Domains

38 Subdomains

32 IPs

5 Countries

4080 kBTransfer

10258 kBSize

30 Cookies

0 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

oman.kfc.me Open in urlscan Pro
51.138.225.27 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

89 %
HTTPS

41 %
IPv6

28
Domains

38
Subdomains

32
IPs

5
Countries

4080 kB
Transfer

10258 kB
Size

30
Cookies

73 HTTP transactions
0 data transactions