www.metrotimes.com Open in urlscan Pro
209.104.5.202 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Submission: On May 17 via manual (May 17th 2021, 7:12:02 am UTC) from US

Summary HTTP 218 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 33 domains to perform 218 HTTP transactions. The main IP is 209.104.5.202, located in Tucson, United States and belongs to LOGIN, US. The main domain is www.metrotimes.com.
TLS certificate: Issued by R3 on May 1st 2021. Valid for: 3 months.

This is the only time www.metrotimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	209.104.5.202 209.104.5.202	22772 (LOGIN) (LOGIN)
5	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
7	209.104.5.204 209.104.5.204	22772 (LOGIN) (LOGIN)
9	209.104.5.203 209.104.5.203	22772 (LOGIN) (LOGIN)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:ea00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4771	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::681a:3c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f03... 2a03:2880:f030:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
3	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
8	2a04:4e42:1b:... 2a04:4e42:1b::622	54113 (FASTLY) (FASTLY)
4	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700:20:... 2606:4700:20::681a:178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
3	2600:9000:219... 2600:9000:2190:7c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2606:4700:20:... 2606:4700:20::ac43:48fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200d	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
7	2a03:2880:f13... 2a03:2880:f130:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	52.207.46.124 52.207.46.124	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	35.170.115.227 35.170.115.227	14618 (AMAZON-AES) (AMAZON-AES)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
3	2600:1901:0:a... 2600:1901:0:a175::	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:2c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.217.170.17 52.217.170.17	16509 (AMAZON-02) (AMAZON-02)
1	52.217.106.246 52.217.106.246	16509 (AMAZON-02) (AMAZON-02)
1	52.30.148.233 52.30.148.233	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
4	37.252.167.215 37.252.167.215	29990 (ASN-APPNEX) (ASN-APPNEX)
4	3.125.100.70 3.125.100.70	16509 (AMAZON-02) (AMAZON-02)
2	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
2	54.195.94.143 54.195.94.143	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
8	52.57.141.238 52.57.141.238	16509 (AMAZON-02) (AMAZON-02)
2	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
218	55

27 209.104.5.202 (Tucson, United States)

ASN22772 (LOGIN, US)
PTR: fdncms.com

www.metrotimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 209.104.5.204 (Tucson, United States)

ASN22772 (LOGIN, US)
PTR: fdncms.com

media1.fdncms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 209.104.5.203 (Tucson, United States)

ASN22772 (LOGIN, US)
PTR: fdncms.com

media2.fdncms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:ea00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4771 (United States)

ASN13335 (CLOUDFLARENET, US)

us.commitchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:3c0 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.pico.tools	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gadget.pico.tools	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.pico.tools	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f030:13:face:b00c:0:3 (France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:4e42:1b::622 (United States)

ASN54113 (FASTLY, US)

e.issuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
reader3.isu.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.isu.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
layers.isu.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.isu.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:178 (United States)

ASN13335 (CLOUDFLARENET, US)

photos.metrotimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2190:7c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:20::ac43:48fb (United States)

ASN13335 (CLOUDFLARENET, US)

gadget.pico.tools	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.pico.tools	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.46.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-46-124.compute-1.amazonaws.com

issuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.115.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-115-227.compute-1.amazonaws.com

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:a175:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

pingback.issuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:2c0 (United States)

ASN13335 (CLOUDFLARENET, US)

api.pico.tools	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.217.170.17 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

development-cms-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.106.246 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.148.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-148-233.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.167.215 (Bethnal Green, United Kingdom)

ASN29990 (ASN-APPNEX, US)

rb.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.125.100.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-100-70.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.94.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-94-143.eu-west-1.compute.amazonaws.com

acds.prod.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.57.141.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

trk.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	pico.tools widget.pico.tools gadget.pico.tools api.pico.tools images.pico.tools	3 MB
35	metrotimes.com www.metrotimes.com photos.metrotimes.com	668 KB
16	fdncms.com media1.fdncms.com media2.fdncms.com	1 MB
14	vidible.tv acds.prod.vidible.tv cdn-ssl.vidible.tv trk.vidible.tv	221 KB
9	googleapis.com fonts.googleapis.com imasdk.googleapis.com ajax.googleapis.com	399 KB
8	issuu.com e.issuu.com issuu.com pingback.issuu.com	403 KB
7	facebook.com www.facebook.com	148 KB
7	google.com apis.google.com www.google.com accounts.google.com adservice.google.com	57 KB
6	adnxs-simple.com acdn.adnxs-simple.com rb.adnxs-simple.com	88 KB
6	adnxs.com ib.adnxs.com acdn.adnxs.com ams1-ib.adnxs.com	46 KB
6	amazonaws.com development-cms-assets.s3.amazonaws.com s3.amazonaws.com	173 KB
6	twitter.com platform.twitter.com syndication.twitter.com	148 KB
6	gstatic.com fonts.gstatic.com ssl.gstatic.com csi.gstatic.com	100 KB
5	isu.pub reader3.isu.pub assets.isu.pub layers.isu.pub image.isu.pub	567 KB
5	moatads.com z.moatads.com px.moatads.com	89 KB
4	advertising.com ads.adaptv.advertising.com	3 KB
4	quantserve.com secure.quantserve.com pixel.quantserve.com	27 KB
4	facebook.net connect.facebook.net	161 KB
3	quantcount.com rules.quantcount.com	3 KB
3	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	49 KB
3	google-analytics.com www.google-analytics.com	38 KB
3	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	129 KB
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	3 KB
2	unpkg.com unpkg.com	41 KB
2	app-us1.com diffuser-cdn.app-us1.com prism.app-us1.com	6 KB
2	addthis.com s7.addthis.com	190 KB
2	commitchange.com us.commitchange.com	4 KB
2	consensu.org quantcast.mgr.consensu.org	66 KB
1	trackcmp.net trackcmp.net	271 B
1	google.de www.google.de	107 B
1	addthisedge.com v1.addthisedge.com	609 B
1	2mdn.net s0.2mdn.net	17 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
218	33

	Domain	Requested by
28	gadget.pico.tools	widget.pico.tools gadget.pico.tools
27	www.metrotimes.com	www.metrotimes.com
9	media2.fdncms.com	www.metrotimes.com
8	trk.vidible.tv
8	photos.metrotimes.com	www.metrotimes.com photos.metrotimes.com
7	www.facebook.com	connect.facebook.net www.metrotimes.com www.facebook.com
7	media1.fdncms.com	www.metrotimes.com
6	api.pico.tools	gadget.pico.tools
5	development-cms-assets.s3.amazonaws.com	gadget.pico.tools development-cms-assets.s3.amazonaws.com
5	fonts.googleapis.com	www.metrotimes.com gadget.pico.tools
4	cdn-ssl.vidible.tv	acds.prod.vidible.tv cdn-ssl.vidible.tv
4	ads.adaptv.advertising.com	acdn.adnxs-simple.com cdn-ssl.vidible.tv
4	rb.adnxs-simple.com	acdn.adnxs-simple.com
4	platform.twitter.com	www.metrotimes.com platform.twitter.com
4	connect.facebook.net	www.metrotimes.com connect.facebook.net
3	pingback.issuu.com	e.issuu.com
3	rules.quantcount.com	secure.quantserve.com
3	z.moatads.com	s7.addthis.com cdn-ssl.vidible.tv
3	secure.quantserve.com	quantcast.mgr.consensu.org www.metrotimes.com e.issuu.com
3	e.issuu.com	www.metrotimes.com e.issuu.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.metrotimes.com www.google-analytics.com e.issuu.com
2	ams1-ib.adnxs.com
2	px.moatads.com
2	acds.prod.vidible.tv	acdn.adnxs-simple.com
2	acdn.adnxs.com	acdn.adnxs-simple.com
2	acdn.adnxs-simple.com	tpc.googlesyndication.com
2	tpc.googlesyndication.com	imasdk.googleapis.com
2	csi.gstatic.com	imasdk.googleapis.com
2	ib.adnxs.com	imasdk.googleapis.com
2	adservice.google.com	imasdk.googleapis.com
2	images.pico.tools	www.metrotimes.com gadget.pico.tools
2	syndication.twitter.com	platform.twitter.com www.metrotimes.com
2	layers.isu.pub	e.issuu.com
2	issuu.com	e.issuu.com
2	ajax.googleapis.com	photos.metrotimes.com
2	unpkg.com	e.issuu.com
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	s7.addthis.com	www.metrotimes.com s7.addthis.com
2	apis.google.com	www.metrotimes.com apis.google.com
2	us.commitchange.com	www.metrotimes.com us.commitchange.com
2	securepubads.g.doubleclick.net	www.metrotimes.com securepubads.g.doubleclick.net
2	quantcast.mgr.consensu.org	www.metrotimes.com quantcast.mgr.consensu.org
2	imasdk.googleapis.com	www.metrotimes.com imasdk.googleapis.com
1	insight.adsrvr.org	js.adsrvr.org
1	s3.amazonaws.com	gadget.pico.tools
1	pixel.quantserve.com	www.metrotimes.com
1	image.isu.pub	www.metrotimes.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	assets.isu.pub	e.issuu.com
1	ssl.gstatic.com	accounts.google.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	reader3.isu.pub	e.issuu.com
1	js.adsrvr.org	www.googletagmanager.com
1	www.google.de	www.metrotimes.com
1	www.google.com	www.metrotimes.com
1	v1.addthisedge.com	s7.addthis.com
1	diffuser-cdn.app-us1.com	www.metrotimes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pagead2.googlesyndication.com	srcdoc
1	s0.2mdn.net	imasdk.googleapis.com
1	www.googletagmanager.com	www.metrotimes.com
1	widget.pico.tools	www.metrotimes.com
218	63

This site contains links to these domains. Also see Links.

Domain
m.metrotimes.com
photos.metrotimes.com
www.facebook.com
www.twitter.com
instagram.com
posting.metrotimes.com
www.addthis.com
the-official-website.com
media1.fdncms.com
media2.fdncms.com
trypico.com
issuu.com
www.ruxton.com
metrotimes.com
www.clevescene.com
www.citybeat.com
www.cltampa.com
www.orlandoweekly.com
www.riverfronttimes.com
www.sacurrent.com
outinsa.com
outinstl.com
www.publishwithfoundation.com

Subject Issuer	Validity	Valid
metrotimes.com R3	`2021-05-01` - `2021-07-30`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
media.fdncms.com R3	`2021-05-01` - `2021-07-30`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
commitchange.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
pico.tools Cloudflare Inc ECC CA-3	`2021-03-27` - `2022-03-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.issuu.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.isu.pub GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
issuu.com Amazon	`2020-09-16` - `2021-10-18`	a year	crt.sh
*.trackcmp.net Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
pingback.issuu.com R3	`2021-04-03` - `2021-07-02`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.adnxs-simple.com GeoTrust RSA CA 2018	`2021-03-17` - `2022-03-15`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
acds.prod.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-01-26` - `2021-07-20`	6 months	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2020-12-19` - `2021-06-15`	6 months	crt.sh
trk.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-02-09` - `2021-08-03`	6 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Frame ID: 2613DDA4C9F9A0E219EBD1D26BE0409C
Requests: 91 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.458.0_en.html
Frame ID: 6F203A65FD88AFAB38A26CE615F9EB7F
Requests: 7 HTTP requests in this frame

Frame: https://e.issuu.com/embed.html?d=mt_051221&hideIssuuLogo=true&u=euclidmediagroup
Frame ID: BC18547785623C30AF7AB56836598CB1
Requests: 24 HTTP requests in this frame

Frame: https://photos.metrotimes.com/thumbnail-scroller-square/
Frame ID: BEA821E9BF3C3FFE57ED5FB832E222B0
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 04D5663320F69155B1ABE7C01CEF84C8
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.metrotimes.com
Frame ID: 94C720ACF8FD6D24F8729FF4CD589FA9
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 082CD2152810514FAB8926E2C77684D5
Requests: 3 HTTP requests in this frame

Frame: https://gadget.pico.tools/arbiter/index.1621035525778.html
Frame ID: 101BF1D42CE0E54D02C499F379347B95
Requests: 7 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: 4D52141C79BDBD9AE773EF2BBFD1BFCC
Requests: 2 HTTP requests in this frame

Frame: https://gadget.pico.tools/launcher/index.1621035525778.html
Frame ID: 587636CF3D8DE451960E2E7FCAD6062E
Requests: 8 HTTP requests in this frame

Frame: https://gadget.pico.tools/menu/index.1621035525778.html
Frame ID: 3F5C19E6C5006DC37BD1B64A132B73E6
Requests: 7 HTTP requests in this frame

Frame: https://gadget.pico.tools/prompt/index.1621035525778.html
Frame ID: 523839FBE5C65B3E5F8E6209D1B99704
Requests: 11 HTTP requests in this frame

Frame: https://gadget.pico.tools/header/index.1621035525778.html
Frame ID: 2575B5BCC86ACE822060BA3A43DBFFFF
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35e7ccb2d142fc%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff3488561f7f43f8%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
Frame ID: 33818EC50ECA69F11A9AA4AFC656F290
Requests: 4 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479&upid=6zt9zkh&upv=1.1.0
Frame ID: 8B66E24973114E8D09DE5F00A65A2985
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Frame ID: B32EA3F807784EB5E1586DE4EE352ED1
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7D4D586C8FBCE135C1E7A0FFBBAB63D0
Requests: 1 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1274816&orgId=28860&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=&vrid=04330fd0-58db-4feb-9537-44d78d62ea90&pblob=
Frame ID: 74E8DCAFC2224402FF2EB58FBFC05267
Requests: 8 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: 8642F9D22641A5953CCF812EF1E6EF9E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Frame ID: 0C2FCAE89002189F5FCC05D518C5A91C
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0C7B051B75B42C66F8AFB5E16EF7B74F
Requests: 1 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1274816&orgId=28860&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=&vrid=25632ce2-7665-47b3-88bf-8cf9944d3cbc&pblob=
Frame ID: 949F3D2A6D4E006E91BA9640BC5E6120
Requests: 8 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: F1F4CED32D071E64C2238B9B55AD598C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+foundation[^>"]+css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

AddThis (Widgets) Expand

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

218
Requests

98 %
HTTPS

61 %
IPv6

33
Domains

63
Subdomains

55
IPs

7
Countries

8528 kB
Transfer

29036 kB
Size

0
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://m.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Title: mobile version

Search URL Search Domain Scan URL

URL: http://photos.metrotimes.com/
Title: Slideshows

Search URL Search Domain Scan URL

URL: https://www.facebook.com/metrotimes
Title: Metro Times Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/metrotimes
Title: Metro Times Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/metrotimes
Title: Metro Times Instagram

Search URL Search Domain Scan URL

URL: https://posting.metrotimes.com/detroit/Tools/EmailFriend?oid=27115479
Title: Email

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php?v=300&pubid=ra-51f9437a2abb7e86
Title: AddThisShare

Search URL Search Domain Scan URL

URL: http://the-official-website.com/okinawa-flat-belly-tonic
Title: Okinawa Flat Belly Tonic reviews

Search URL Search Domain Scan URL

URL: https://media1.fdncms.com/metrotimes/imager/u/original/27115690/image1.png
Title:

Search URL Search Domain Scan URL

URL: https://media2.fdncms.com/metrotimes/imager/u/original/27115758/image2.png
Title:

Search URL Search Domain Scan URL

URL: https://trypico.com/metrotimes?short_code=yrm758d6
Title: Join the Metro Times Press Club for as little as $5 a month.

Search URL Search Domain Scan URL

URL: https://posting.metrotimes.com/detroit/Search
Title: All

Search URL Search Domain Scan URL

URL: https://issuu.com/euclidmediagroup/docs/mt_usersguide2021

Search URL Search Domain Scan URL

URL: https://photos.metrotimes.com/25-detroit-area-restaurants-with-igloos-tents-and-heated-outdoor-seating/?utm_source=widget&utm_medium=articleblog&utm_campaign=rightrail&utm_content=SpecialIssues
Title: Outdoor dining

Search URL Search Domain Scan URL

URL: http://www.ruxton.com/
Title: National Advertising

Search URL Search Domain Scan URL

URL: https://posting.metrotimes.com/detroit/MyProfile
Title: View Profile

Search URL Search Domain Scan URL

URL: https://posting.metrotimes.com/detroit/Profile/MySettings
Title: Edit Profile

Search URL Search Domain Scan URL

URL: http://metrotimes.com/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.twitter.com/metrotimes
Title: Twitter

Search URL Search Domain Scan URL

URL: http://instagram.com/metrotimes
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.clevescene.com/
Title: Cleveland Scene

Search URL Search Domain Scan URL

URL: https://www.citybeat.com/
Title: Cincinnati CityBeat

Search URL Search Domain Scan URL

URL: https://www.cltampa.com/
Title: Creative Loafing Tampa

Search URL Search Domain Scan URL

URL: https://www.orlandoweekly.com/
Title: Orlando Weekly

Search URL Search Domain Scan URL

URL: https://www.riverfronttimes.com/
Title: St. Louis Riverfront Times

Search URL Search Domain Scan URL

URL: https://www.sacurrent.com/
Title: San Antonio Current

Search URL Search Domain Scan URL

URL: https://outinsa.com/
Title: Out in SA

Search URL Search Domain Scan URL

URL: https://outinstl.com/
Title: Out in STL

Search URL Search Domain Scan URL

URL: https://www.publishwithfoundation.com/
Title: Foundation

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

218 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Content Show response
www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/ 192 KB
40 KB 529ms
151ms Document
text/html 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 55afabf270d5f7a31977c503affd9e54b3985e388bb9ab0e78c5e2523c8ddb22

Request headers

Host: www.metrotimes.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:25 GMT
Server: Apache
Last-Modified: Mon, 17 May 2021 01:37:38 GMT
X-DN-Cache-Control: max-age=93600
Cache-Control: max-age=600, s-maxage=1800
X-DN-GyrobaseID: metrotimes-Content-27115479-sponsored
X-Gyrobase-Publication: metrotimes
Vary: Host,Accept-Encoding
Content-Encoding: gzip
Age: 12828
Content-Length: 40726
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK reset.css
www.metrotimes.com/foundation/styles/ 1015 B
918 B 389ms
145ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/styles/reset.css?cb=1c0a84915055149ef4b70c3c58c47aec
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: d53796fa295c1a584c75c03e30c1497fcaaeb3ab78244add2d8b6bd377e406d4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Aug 2014 23:09:22 GMT
Server: Apache
Age: 12866
ETag: "3f7-4ff997aca4c80"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 571
Expires: Thu, 20 May 2021 03:36:59 GMT

GET
H/1.1 200
OK defaults.css
www.metrotimes.com/styles/ 124 KB
24 KB 445ms
148ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/styles/defaults.css?cb=1c0a84915055149ef4b70c3c58c47aec
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 2f786e9379d7e8f9e59c1c85b8e238252d881a58c54142493f710f0aa0c85558

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Jan 2021 20:10:12 GMT
Server: Apache
Age: 12942
ETag: "1efad-5b9324f361100"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 24691
Expires: Thu, 20 May 2021 03:35:43 GMT

GET
H/1.1 200
OK components.css
www.metrotimes.com/styles/ 107 KB
37 KB 445ms
149ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/styles/components.css?cb=1c0a84915055149ef4b70c3c58c47aec
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 44414085ed386f969ca7756aa87092dad7128dbd17df5b1de8af2b080d957875

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Nov 2020 15:23:14 GMT
Server: Apache
Age: 12866
ETag: "1ac19-5b3ae240bfc80"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 37475
Expires: Thu, 20 May 2021 03:36:59 GMT

GET
H/1.1 200
OK publication.css
www.metrotimes.com/styles/ 53 KB
16 KB 453ms
157ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/styles/publication.css?cb=1c0a84915055149ef4b70c3c58c47aec
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 6644f530646a94a44f175707fb76af875cdbdc199ed89565508f440427a943a9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 00:34:23 GMT
Server: Apache
Age: 12866
ETag: "d2c7-5a5689ffea1c0"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 16196
Expires: Thu, 20 May 2021 03:36:59 GMT

GET
H/1.1 200
OK iapetus-10-zone.css
www.metrotimes.com/foundation/grids/ 2 KB
967 B 446ms
149ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/grids/iapetus-10-zone.css
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 8a36bd6ed9dcbb6fc741e7e5833901d1f5c39a4d4ee8a4c5886d0d925cd6e61e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Aug 2014 23:09:25 GMT
Server: Apache
Age: 12967
ETag: "6e0-4ff997af81340"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 620
Expires: Thu, 20 May 2021 03:35:18 GMT

GET
H/1.1 200
OK common.js Show response
www.metrotimes.com/foundation/scripts/ 215 KB
71 KB 533ms
146ms Script
application/x-javascript 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/scripts/common.js?cb=76a75c82ddafe12535eb5793d52b7930
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 3d2ec1d990e7d6960d1af17e80926efcfea6af96338090068528678e119f6c13

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jan 2021 23:26:43 GMT
Server: Apache
Age: 12932
ETag: "35a67-5b971678892c0"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 72297
Expires: Thu, 20 May 2021 03:35:53 GMT

GET
H/1.1 200
OK desktop-bundle.js Show response
www.metrotimes.com/foundation/scripts/ 268 KB
66 KB 593ms
147ms Script
application/x-javascript 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/scripts/desktop-bundle.js?cb=76a75c82ddafe12535eb5793d52b7930
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: e92b2de70cc9b8a5613929428f90f57e24bc18364522b9b4c73ccdb91e516283

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jan 2021 23:26:43 GMT
Server: Apache
Age: 12932
ETag: "42fca-5b971678892c0"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 66920
Expires: Thu, 20 May 2021 03:35:53 GMT

GET
H/1.1 200
OK jquery.fancybox-1.3.4.css
www.metrotimes.com/foundation/styles/fancybox/ 9 KB
2 KB 442ms
150ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/styles/fancybox/jquery.fancybox-1.3.4.css
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: b16dc95bb0dee2be9a35dd088b2624c26b574a51611cf64aa9f04e9464e054a9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Aug 2014 23:09:22 GMT
Server: Apache
Age: 12942
ETag: "2294-4ff997aca4c80"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 1814
Expires: Thu, 20 May 2021 03:35:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
847 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700|Titillium+Web:400,700|Montserrat:400,700

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4e5713d7c16b8aeb4dcb33dff0c3f12c952a47d72bc6c7d495e8ebe77542603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 07:11:25 GMT
server: ESF
date: Mon, 17 May 2021 07:11:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 07:11:25 GMT

GET
H/1.1 200
OK image1.png
media1.fdncms.com/metrotimes/imager/u/blog/27115690/ 52 KB
53 KB 503ms
168ms Image
image/png 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/blog/27115690/image1.png?cb=1620922871

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

2e75b04c6bdc12720ad8d15b410e0587d006c7a862f753bfa15923341f2db267

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Thu, 13 May 2021 16:21:11 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 134997
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/png
Content-Length: 53591
Expires: Sat, 12 Jun 2021 17:41:31 GMT

GET
H/1.1 200
OK print.css
www.metrotimes.com/styles/ 2 KB
1 KB 153ms
150ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/styles/print.css
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 57ba81b65998bca856d531df13c24697e3dfdb6c22dca26e0d278b7723dabacc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Feb 2015 22:21:40 GMT
Server: Apache
Age: 12867
ETag: "8f7-50f643e4e0500"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 983
Expires: Thu, 20 May 2021 03:37:00 GMT

GET
H/1.1 200
OK image2.png
media2.fdncms.com/metrotimes/imager/u/blog/27115758/ 189 KB
190 KB 499ms
163ms Image
image/png 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/blog/27115758/image2.png?cb=1620922871

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

7c56cf8d1ba8c8e01c97814b519bf30a888e475ebc2b94fa75a446bbf8173e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Thu, 13 May 2021 16:21:11 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 134997
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/png
Content-Length: 193835
Expires: Sat, 12 Jun 2021 17:41:31 GMT

GET
H/1.1 200
OK desktop.css
www.metrotimes.com/fdn-system/assets/pub/styles/ 518 KB
70 KB 147ms
146ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=1f2b0a8f9c9e7d0577b3479984ff8efc
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 134e71676ed35a1ec4ebcf22d1f6445670b3556afa7f7399866da8301331556f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 May 2021 02:57:56 GMT
Server: Apache
Age: 12866
ETag: "81702-5c25586f89500"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 71530
Expires: Thu, 20 May 2021 03:36:59 GMT

GET
H/1.1 200
OK uikit.min.js Show response
www.metrotimes.com/fdn-system/assets/pub/scripts/ 131 KB
41 KB 150ms
149ms Script
application/x-javascript 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/fdn-system/assets/pub/scripts/uikit.min.js?cb=1f2b0a8f9c9e7d0577b3479984ff8efc
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: bfbf3d9abff305b811e7799fc9d088efc092005fbdfa746abbe2517ecd543e0d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 May 2021 02:57:56 GMT
Server: Apache
Age: 12957
ETag: "20c6a-5c25586f89500"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 41813
Expires: Thu, 20 May 2021 03:35:29 GMT

GET
H/1.1 200
OK uikit-icons-fdn.min.js Show response
www.metrotimes.com/fdn-system/assets/pub/scripts/ 221 KB
88 KB 170ms
146ms Script
application/x-javascript 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/fdn-system/assets/pub/scripts/uikit-icons-fdn.min.js?cb=1f2b0a8f9c9e7d0577b3479984ff8efc
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 1a707ebe79188b2e52b8ae9858b9866035b75aa5732efaa09967a4ed573cf3bd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 May 2021 02:57:56 GMT
Server: Apache
Age: 12866
ETag: "37212-5c25586f89500"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 89348
Expires: Thu, 20 May 2021 03:37:00 GMT

GET
H/1.1 200
OK tmwhistoryprintcolor-copy.jpg
media2.fdncms.com/metrotimes/imager/u/16x9-m/27105399/ 159 KB
160 KB 498ms
163ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/16x9-m/27105399/tmwhistoryprintcolor-copy.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

7ab33dbe73a851b4dbd05266132f975668589b51e7eb61547b3c52f74cbb97c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Tue, 11 May 2021 13:39:59 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 86184
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 163003
Expires: Sun, 13 Jun 2021 07:15:05 GMT

GET
H/1.1 200
OK dsc_9499_1_.jpeg
media2.fdncms.com/metrotimes/imager/u/16x9-m/27105058/ 172 KB
172 KB 501ms
166ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/16x9-m/27105058/dsc_9499_1_.jpeg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

6d464449930c5ed285ea1e04cc8ff8d57f56d7eafaf2f7f59c8dcd97c9e53763

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Tue, 11 May 2021 20:43:11 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 86183
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 175929
Expires: Sun, 13 Jun 2021 07:15:05 GMT

GET
H/1.1 200
OK map-teaser-vax.jpg
media2.fdncms.com/metrotimes/imager/u/16x9-m/27105788/ 47 KB
48 KB 496ms
161ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/16x9-m/27105788/map-teaser-vax.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

50bbdd75feb39a907ce7350e24590604cb45b461c4eb9daa83b2d800c0601ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Wed, 12 May 2021 13:07:20 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 57382
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 48246
Expires: Sun, 13 Jun 2021 15:15:06 GMT

GET
H/1.1 200
OK 051221_savage_dramatus_personae_wide.jpg
media2.fdncms.com/metrotimes/imager/u/16x9-m/27105379/ 190 KB
191 KB 497ms
159ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/16x9-m/27105379/051221_savage_dramatus_personae_wide.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

f80fb33354da86dd7620554f30c087032a4914e2ea66a3d6bbec1c983ab13fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Tue, 11 May 2021 13:05:26 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 86160
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 195041
Expires: Sun, 13 Jun 2021 07:15:28 GMT

GET
H/1.1 200
OK horoscope-_1_.jpg
media1.fdncms.com/metrotimes/imager/u/16x9-m/27105390/ 140 KB
141 KB 503ms
169ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/16x9-m/27105390/horoscope-_1_.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

638f713fbe796ffaa95ef7bafc2b90e1151088c138167316b93300566fd53565

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Tue, 11 May 2021 13:30:23 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 86160
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 143811
Expires: Sun, 13 Jun 2021 07:15:28 GMT

GET
H/1.1 200
OK MT_Redbkgd.png
www.metrotimes.com/imager/b/tiny/808579/8e1e/ 647 B
992 B 182ms
148ms Image
image/png 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/imager/b/tiny/808579/8e1e/MT_Redbkgd.png
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 8c4343145dc98656a76ffdd570f8e2fc13009f3acf9fbb520d6d8c39ebc5eae0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Mon, 17 May 2021 03:30:15 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 12886
Vary: Host
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/png
Content-Length: 647
Expires: Mon, 14 Jun 2021 03:36:43 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 334 KB
115 KB 91ms
14ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74bdfeec83247edd199110ac967f48433637c2cd8dcac06c4de540abb3393e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117163
x-xss-protection: 0
expires: Mon, 17 May 2021 07:11:26 GMT

GET
H/1.1 200
OK image1.jpg
media1.fdncms.com/metrotimes/imager/u/bigsquare/27122391/ 16 KB
16 KB 526ms
154ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/bigsquare/27122391/image1.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

9aa55e588451cd522a4ae7075965040394ca46dafd33bec8d0439b0cf9943e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Thu, 13 May 2021 17:30:25 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 169659
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 15896
Expires: Sat, 12 Jun 2021 08:03:49 GMT

GET
H/1.1 200
OK image1.png
media2.fdncms.com/metrotimes/imager/u/bigsquare/27122682/ 37 KB
37 KB 447ms
153ms Image
image/png 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/bigsquare/27122682/image1.png

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

6c1b12801dbd0748278dea3ccfe96bd07b77497076d49dffb9f18b2ef59521a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Thu, 13 May 2021 17:30:03 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 78962
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/png
Content-Length: 37960
Expires: Sun, 13 Jun 2021 09:15:27 GMT

GET
H/1.1 200
OK image1.png
media1.fdncms.com/metrotimes/imager/u/bigsquare/27116174/ 31 KB
31 KB 492ms
189ms Image
image/png 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/bigsquare/27116174/image1.png

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

b20e39f373406f8ea0c460faf858320750891c38303ef2a5eeb79aa3dbf1360b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Thu, 13 May 2021 16:16:26 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 136582
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/png
Content-Length: 31308
Expires: Sat, 12 Jun 2021 17:15:07 GMT

GET
H/1.1 200
OK image1.png
media2.fdncms.com/metrotimes/imager/u/bigsquare/27116179/ 47 KB
47 KB 203ms
147ms Image
image/png 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/bigsquare/27116179/image1.png

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

66700ee0ff56e09fcf30d5327143852d8bc9225c9ab70514b0f0f2bb9df18a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Thu, 13 May 2021 16:22:42 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 136458
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/png
Content-Length: 48142
Expires: Sat, 12 Jun 2021 17:17:11 GMT

GET
H/1.1 200
OK 30-01-COVER-2.jpg
www.metrotimes.com/imager/b/cover/27105057/0f86/ 11 KB
12 KB 150ms
148ms Image
image/jpeg 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/imager/b/cover/27105057/0f86/30-01-COVER-2.jpg
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: adadbc88bf4daaebd9858f8fd1626265948c1fd247397b2561df37d8db24619b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Thu, 13 May 2021 14:19:01 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 12942
Vary: Host
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 11576
Expires: Mon, 14 Jun 2021 03:35:47 GMT

GET
H/1.1 200
OK MT_Donate_150x150.jpg
www.metrotimes.com/binary/f24f/ 13 KB
13 KB 164ms
155ms Image
image/jpeg 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/binary/f24f/MT_Donate_150x150.jpg
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: f4290d1b95415c63c669966c50246854e7cbe8375cec496639bb0555bb6e4119

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Fri, 19 Mar 2021 18:13:04 GMT
Server: Apache
Age: 12903
Vary: Host
X-DN-Cache-Control: max-age=2419202
Content-Type: image/jpeg
Content-Length: 13000
Expires: Mon, 14 Jun 2021 03:36:26 GMT

GET
H/1.1 200
OK UsersGuide_150x150__1_.jpg
www.metrotimes.com/binary/2041/ 18 KB
18 KB 187ms
148ms Image
image/jpeg 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/binary/2041/UsersGuide_150x150__1_.jpg
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 8b73cf59c6bef434696cec05f55ac95e2f0e464d74ce0b2bd02e6f11f7558f97

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Fri, 19 Mar 2021 18:13:04 GMT
Server: Apache
Age: 12901
Vary: Host
X-DN-Cache-Control: max-age=2419202
Content-Type: image/jpeg
Content-Length: 18320
Expires: Mon, 14 Jun 2021 03:36:28 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/ECpz7gxYXdCG2/www.metrotimes.com/ 5 KB
2 KB 28ms
6ms Script
application/javascript 2600:9000:211e:ea00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/ECpz7gxYXdCG2/www.metrotimes.com/choice.js
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ea00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e40856d91053685f1a0064622843157bb5d0fe60f5dd8a59f1bb53d5d1678dae

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:14 GMT
content-encoding: br
etag: W/"2cdc40037aa077b7afb723f91a80b50b"
last-modified: Wed, 10 Feb 2021 18:02:23 GMT
server: AmazonS3
age: 18
x-amz-server-side-encryption: AES256
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: -ZlLWSvp_sIT_dbwY6zXoM-zxzklikAkIeCPCEvQLPMiZaOIKxg7Cg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 79ms
20ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

4a50fbdd6f9e85373e2b7a39749dc8bd5a324608f1e74a4c203479d4f30e7db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "874 / 513 of 1000 / last-modified: 1621030215"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21450
x-xss-protection: 0
expires: Mon, 17 May 2021 07:11:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 11ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6091
date: Mon, 17 May 2021 05:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 17 May 2021 07:29:56 GMT

GET
H2 200 donate-button.v2.js Show response
us.commitchange.com/js/ 6 KB
3 KB 99ms
17ms Script
application/javascript 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.commitchange.com/js/donate-button.v2.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abf113495892c5e90e509edd9ae2711bec6fa2348772aa231e44f2c696d28148

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:27 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 45464
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1ac36cb700002bf668895000000001
x-content-digest: 99d3b9be278424579442c5d507659f8384b45f84
last-modified: Fri, 14 May 2021 19:31:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PUl%2BgX0erSi3QkKvWUjjjtHqVlNsKlQOgrxWtAFvsgWS%2B5NAUmFekuuECLoGpNGXEcTQqElU0TjifAduFQ%2BcFIJXsAgvG7kRnKZRbfJQPPF1xpDjmHdBinFt4qtBAC%2FT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 650b08278b882bf6-FRA
x-rack-cache: fresh

GET
H2 200 wrapper.min.js Show response
widget.pico.tools/ 4 KB
2 KB 347ms
278ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.pico.tools/wrapper.min.js
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 278d81f885ab79e32863fac9141dc46f77a97166f1c5d2d275b654a18d7d2df7

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VVQ3Z4CFKJDQ4VPH
cf-ray: 650b08278fda2bf2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: l/uoV+yNGPJU+3ioYucgdebxpD5gOaSb9KsBek8DYLqA6/gZE+IlGjVt4OqSSi7rjijBoNzXCIw=
last-modified: Fri, 14 May 2021 23:40:25 GMT
server: cloudflare
etag: W/"f1813c22132c459382a1ef2d8410f1fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r2X%2FOEjEWoJYZSBfguHc%2F%2BS5T%2FGn1CqRZT5IW2C3kTBKqZBU63wpqI5QsprnfdknLTReUmmyo%2FFXyHDsFbmN4WkFTQS9VyQ4b7hkJQaqSV5Smn5QVlRELECzyL5YAg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: H8RBSb_aiVXIZ9PYATbLMuLBn4sZY1et
cache-control: no-cache
cf-request-id: 0a1ac36cb700002bf2260f5000000001
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 87 KB
34 KB 29ms
21ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PHZV5V

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

382878e5bac754f996fc60aa8d95fcff5a9fe331ec5772c9278ae40bdf6b8fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34721
x-xss-protection: 0
last-modified: Mon, 17 May 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 May 2021 07:11:27 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 34ms
15ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/foundation/scripts/desktop-bundle.js?cb=76a75c82ddafe12535eb5793d52b7930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

762a3c72f55d39376f8db4b0caa50d8d1b0ac26758a326f4588e3fb66469f877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: p9ByU4qxu+5jFbfYSJDmVg==
cross-origin-resource-policy: cross-origin
expires: Mon, 17 May 2021 07:25:43 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: FT1JwCG9/momb6XTBJ/QOKzADK8/qLyxp7De07Sp9qvh4NHlHY0rjNHZVkyL/TLRNiJtXO9dPRXMzvmWkXDv/A==
x-fb-trip-id: 686109401
x-fb-content-md5: 54ab4e3f0a2fedc67f8b577f1bd0c1df
date: Mon, 17 May 2021 07:11:27 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b61411909d935298b8a5ce113ef300e9"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 40ms
23ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/foundation/scripts/desktop-bundle.js?cb=76a75c82ddafe12535eb5793d52b7930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6598e71167cec2f5afb33005aca2185944a3a9def8be956dac43bf65b56b40ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-siIDxCf2w/qsUsmqWEdm0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "ca7c2d1aae642024d440b5bda933a9b5"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-siIDxCf2w/qsUsmqWEdm0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 17 May 2021 07:11:27 GMT

GET
H/1.1 200
OK mt_logo_2019.jpg
www.metrotimes.com/images/logos/ 49 KB
50 KB 158ms
147ms Image
image/jpeg 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/images/logos/mt_logo_2019.jpg
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/styles/publication.css?cb=1c0a84915055149ef4b70c3c58c47aec
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 2b83c2bd6fddd39afe7a082916b2c6a1b9e11cd18157192740d4140a68d23d3e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.metrotimes.com/styles/publication.css?cb=1c0a84915055149ef4b70c3c58c47aec
Connection: keep-alive
Referer: https://www.metrotimes.com/styles/publication.css?cb=1c0a84915055149ef4b70c3c58c47aec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Wed, 23 Jan 2019 18:02:49 GMT
Server: Apache
Age: 12923
ETag: "c59b-58023e6dce440"
X-DN-Cache-Control: max-age=2419202
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 50587
Expires: Mon, 14 Jun 2021 03:36:05 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Titillium+Web:400,700|Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.metrotimes.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 22:04:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 464834
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Wed, 11 May 2022 22:04:12 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Titillium+Web:400,700|Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.metrotimes.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:44:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 314839
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 13 May 2022 15:44:07 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 14ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/foundation/scripts/desktop-bundle.js?cb=76a75c82ddafe12535eb5793d52b7930
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/67D4)
Age: 646
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 90ms
30ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/foundation/scripts/desktop-bundle.js?cb=76a75c82ddafe12535eb5793d52b7930

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Mon, 17 May 2021 07:11:27 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK fdn-lato-regular.woff2
www.metrotimes.com/foundation/fonts/ 24 KB
24 KB 149ms
148ms Font
application/octet-stream 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/fonts/fdn-lato-regular.woff2
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=1f2b0a8f9c9e7d0577b3479984ff8efc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: eee26a79a3555d648250b1054d10cf6ff3ce0610b6b3e0f99f38ea08a1420d21

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.metrotimes.com
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=1f2b0a8f9c9e7d0577b3479984ff8efc
Connection: keep-alive
Origin: https://www.metrotimes.com
Referer: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=1f2b0a8f9c9e7d0577b3479984ff8efc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Tue, 18 Feb 2020 18:49:21 GMT
Server: Apache
Age: 12865
ETag: "602c-59ede213b0e40"
Content-Type: text/plain
Accept-Ranges: bytes
Content-Length: 24620

GET
H/1.1 200
OK email.gif
www.metrotimes.com/images/icons/article_tools/ 377 B
679 B 150ms
148ms Image
image/gif 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/images/icons/article_tools/email.gif
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/styles/defaults.css?cb=1c0a84915055149ef4b70c3c58c47aec
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 48b0ee0e27c6f0858a216f72019329ef84eaf6c16b5088187da73c0067b497e6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.metrotimes.com/styles/defaults.css?cb=1c0a84915055149ef4b70c3c58c47aec
Connection: keep-alive
Referer: https://www.metrotimes.com/styles/defaults.css?cb=1c0a84915055149ef4b70c3c58c47aec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Wed, 18 Feb 2015 22:21:40 GMT
Server: Apache
Age: 12865
ETag: "179-50f643e4e0500"
X-DN-Cache-Control: max-age=2419202
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 377
Expires: Mon, 14 Jun 2021 03:37:04 GMT

GET
H/1.1 200
OK print.gif
www.metrotimes.com/images/icons/article_tools/ 256 B
558 B 151ms
150ms Image
image/gif 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/images/icons/article_tools/print.gif
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/styles/defaults.css?cb=1c0a84915055149ef4b70c3c58c47aec
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 15bd44ded791bf9220dcd55602b962123be80784c7d3f7e40bdcaad56bbd4188

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.metrotimes.com/styles/defaults.css?cb=1c0a84915055149ef4b70c3c58c47aec
Connection: keep-alive
Referer: https://www.metrotimes.com/styles/defaults.css?cb=1c0a84915055149ef4b70c3c58c47aec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Wed, 18 Feb 2015 22:21:40 GMT
Server: Apache
Age: 12967
ETag: "100-50f643e4e0500"
X-DN-Cache-Control: max-age=2419202
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 256
Expires: Mon, 14 Jun 2021 03:35:22 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 26ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Titillium+Web:400,700|Montserrat:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.metrotimes.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 04:11:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 97197
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Mon, 16 May 2022 04:11:30 GMT

GET
H/1.1 200
OK MT_Redbkgd.png
www.metrotimes.com/binary/8e1e/ 2 KB
3 KB 157ms
155ms Image
image/png 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/binary/8e1e/MT_Redbkgd.png
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 09c0e7ca6a3b802c1833253354fe3fcc34bdb147a3c2928bd052946f923dcb51

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Connection: keep-alive
Referer: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:28 GMT
Last-Modified: Mon, 17 May 2021 03:37:02 GMT
Server: Apache
Age: 12866
Vary: Host
X-DN-Cache-Control: max-age=2419202
Content-Type: image/png
Content-Length: 2296
Expires: Mon, 14 Jun 2021 03:37:04 GMT

GET
H/1.1 200
OK fdn-lato-bold.woff2
www.metrotimes.com/foundation/fonts/ 25 KB
25 KB 158ms
157ms Font
application/octet-stream 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/fonts/fdn-lato-bold.woff2
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=1f2b0a8f9c9e7d0577b3479984ff8efc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 9a58bbe9a737679707bdcbf60ab3239d554f6e06bd9bf613b509d9badfd88ed6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.metrotimes.com
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=1f2b0a8f9c9e7d0577b3479984ff8efc
Connection: keep-alive
Origin: https://www.metrotimes.com
Referer: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=1f2b0a8f9c9e7d0577b3479984ff8efc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:27 GMT
Last-Modified: Tue, 18 Feb 2020 18:49:21 GMT
Server: Apache
Age: 12942
ETag: "6244-59ede213b0e40"
Content-Type: text/plain
Accept-Ranges: bytes
Content-Length: 25156

GET
H/1.1 200
OK fdn-lato-black.woff2
www.metrotimes.com/foundation/fonts/ 24 KB
24 KB 156ms
156ms Font
application/octet-stream 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/fonts/fdn-lato-black.woff2
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=1f2b0a8f9c9e7d0577b3479984ff8efc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 279e9aed3ee45e5c46cd06e98a998e2157d46dc91621e9d786f85e1bc7779e2d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.metrotimes.com
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=1f2b0a8f9c9e7d0577b3479984ff8efc
Connection: keep-alive
Origin: https://www.metrotimes.com
Referer: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=1f2b0a8f9c9e7d0577b3479984ff8efc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:28 GMT
Last-Modified: Tue, 18 Feb 2020 18:49:21 GMT
Server: Apache
Age: 12864
ETag: "5ee8-59ede213b0e40"
Content-Type: text/plain
Accept-Ranges: bytes
Content-Length: 24296

GET
H2 200 bridge3.458.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6F20 573 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.458.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

081fe081ca1a1c7857c829ef147d17156961a29cbe66e56b31bb6fbefee16310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.458.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191944
date: Wed, 12 May 2021 01:40:52 GMT
expires: Thu, 12 May 2022 01:40:52 GMT
last-modified: Wed, 12 May 2021 01:31:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 451836
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 17 May 2021 07:11:28 GMT

GET
H/1.1 200
OK gray_45degLineFull.png
www.metrotimes.com/images/backgrounds/ 1 KB
1 KB 152ms
148ms Image
image/png 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/images/backgrounds/gray_45degLineFull.png
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/styles/components.css?cb=1c0a84915055149ef4b70c3c58c47aec
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 166ffb156fe893d301169ee0023b387cf7e22535c89aa8112b0ed07e87d46928

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.metrotimes.com/styles/components.css?cb=1c0a84915055149ef4b70c3c58c47aec
Connection: keep-alive
Referer: https://www.metrotimes.com/styles/components.css?cb=1c0a84915055149ef4b70c3c58c47aec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:28 GMT
Last-Modified: Wed, 18 Feb 2015 22:21:40 GMT
Server: Apache
Age: 12967
ETag: "456-50f643e4e0500"
X-DN-Cache-Control: max-age=2419202
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1110
Expires: Mon, 14 Jun 2021 03:35:22 GMT

GET
H2 200 embed.html Show response
e.issuu.com/ Frame BC18 5 KB
2 KB 74ms
0ms Document
text/html 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://e.issuu.com/embed.html?d=mt_051221&hideIssuuLogo=true&u=euclidmediagroup
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 607f2853fbe18fada45c2ce972c8f543b233cccbf6eee7e97d86d43438d59c8d

Request headers

:method: GET
:authority: e.issuu.com
:scheme: https
:path: /embed.html?d=mt_051221&hideIssuuLogo=true&u=euclidmediagroup
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

x-amz-id-2: uxnRb0iK6EuVvv2Ddg8L6Av26ApGIDIe4n+3lwXuIFV7TwshRCst9rNmBBxUiuzw7i5XRbs5AGQ=
x-amz-request-id: 7N5R2PFX0A93TX63
last-modified: Tue, 11 May 2021 11:29:10 GMT
etag: "d12775d92a22110059978c30e799c4a6"
cache-control: public, max-age=300
content-type: text/html
server: AmazonS3
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
date: Mon, 17 May 2021 07:11:28 GMT
via: 1.1 varnish
age: 241
x-served-by: cache-hhn4051-HHN
x-cache: HIT
x-cache-hits: 43
x-timer: S1621235488.479909,VS0,VE0
vary: Accept-Encoding
content-length: 2002

GET
H/1.1 200
OK mag20px.png
www.metrotimes.com/images/icons/ 2 KB
2 KB 171ms
150ms Image
image/png 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/images/icons/mag20px.png
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/styles/components.css?cb=1c0a84915055149ef4b70c3c58c47aec
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 8656a625a0d02ad7c895a5e8ceaeb3c0b6faf432f4ef2493a77854db114d7a0c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.metrotimes.com/styles/components.css?cb=1c0a84915055149ef4b70c3c58c47aec
Connection: keep-alive
Referer: https://www.metrotimes.com/styles/components.css?cb=1c0a84915055149ef4b70c3c58c47aec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:28 GMT
Last-Modified: Wed, 18 Feb 2015 22:21:40 GMT
Server: Apache
Age: 12942
ETag: "63d-50f643e4e0500"
X-DN-Cache-Control: max-age=2419202
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1597
Expires: Mon, 14 Jun 2021 03:35:47 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 181ms
20ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/ECpz7gxYXdCG2/www.metrotimes.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:28 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 24 May 2021 07:11:28 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 234 KB
64 KB 70ms
0ms Script
text/javascript 2600:9000:211e:ea00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.metrotimes.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/ECpz7gxYXdCG2/www.metrotimes.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ea00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ddef05ee7b0caa6fd9be281a5b4e53ada42bff7814578d748144f2f9181e476

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 17 May 2021 07:10:30 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 19:03:54 GMT
server: AmazonS3
age: 58
etag: W/"2848b39634e3b71d7b4f01531f83807a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762f.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: uBRkC4JOy5Q_-r1ow_tfmYllTEI04NmLibNjBHznh-ysNsIlqfXXKQ==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 47ms
19ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&aip=1&a=598124169&t=pageview&_s=1&dl=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479&ul=en-us&de=UTF-8&dt=Okinawa%20Flat%20Belly%20Tonic%20Reviews%3A%20Afraid%20It%20Won%27t%20Work%3F%20%7C%20Paid%20Content%20%7C%20Detroit%20%7C%20Detroit%20Metro%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1803437419&gjid=702002626&cid=373684968.1621235489&tid=UA-643668-1&_gid=1900937526.1621235489&_r=1&_slc=1&cd1=sponsored&z=1397760078

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 May 2021 07:11:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.metrotimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
photos.metrotimes.com/thumbnail-scroller-square/ Frame BEA8 8 KB
3 KB 586ms
447ms Document
text/html 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: c171a152377fd02bed4a0ce92ead78d9ea1f13d0413086dfa4e048352f1265ec

Request headers

:method: GET
:authority: photos.metrotimes.com
:scheme: https
:path: /thumbnail-scroller-square/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _ga=GA1.2.373684968.1621235489; _gid=GA1.2.1900937526.1621235489; _gat=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Mon, 17 May 2021 07:11:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
cf-edge-cache: cache,platform=wordpress
link: <https://photos.metrotimes.com/wp-json/>; rel="https://api.w.org/" <https://photos.metrotimes.com/wp-json/wp/v2/pages/14379>; rel="alternate"; type="application/json" <https://photos.metrotimes.com/?p=14379>; rel=shortlink
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
cf-request-id: 0a1ac370e600004dc4801e1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bc0FjDSTxmKpGC%2BV%2FgtZ%2BeHtag64Gi7ZTk6Vm4i1DW2Noo6Zbhdt3MRCSyTaNcIImSsLQ0YPdzeeDI4PaKxZaxoA1bh3tHPR8NOd6Jkf25J6cVFxqll8gbIQ2OyPHWZdDXI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 650b082e3fca4dc4-FRA
content-encoding: br

GET
H/1.1 200
OK vaccinecovid.jpg
media2.fdncms.com/metrotimes/imager/u/original/26324943/ 11 KB
11 KB 148ms
145ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/original/26324943/vaccinecovid.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

6e069a03fc94f1093687bd1dc24f5532070ca41b7c53ceb0137e1cfbcf9b4797

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:29 GMT
Last-Modified: Wed, 27 Jan 2021 14:32:38 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 122167
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 11361
Expires: Sat, 12 Jun 2021 21:15:23 GMT

GET
H/1.1 200
OK 420-issue-link.jpg
media1.fdncms.com/metrotimes/imager/u/original/26899295/ 25 KB
25 KB 196ms
191ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/original/26899295/420-issue-link.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

ffabe386b82cc6fd612afb72104a4a52fb4953bd44d904da6dbd133279941ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:29 GMT
Last-Modified: Wed, 14 Apr 2021 14:43:27 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 129381
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 25423
Expires: Sat, 12 Jun 2021 19:15:09 GMT

GET
H/1.1 200
OK musictowatch.jpg
media1.fdncms.com/metrotimes/imager/u/original/26324678/ 17 KB
18 KB 192ms
189ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/original/26324678/musictowatch.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

132d57a4a149305b69addae71121eede5194c86d26beec45d4395058bbafff63

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:29 GMT
Last-Modified: Wed, 14 Apr 2021 14:45:52 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 129383
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 17868
Expires: Sat, 12 Jun 2021 19:15:07 GMT

GET
H/1.1 200
OK igloos.jpg
media1.fdncms.com/metrotimes/imager/u/original/26324944/ 16 KB
17 KB 203ms
200ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/original/26324944/igloos.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

e0ee9666e7a26d0e0b170585ea46784a25a8c9f31ee99ba6f1c9b375a00ff396

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:29 GMT
Last-Modified: Wed, 27 Jan 2021 14:44:59 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 122167
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 16534
Expires: Sat, 12 Jun 2021 21:15:23 GMT

GET
H/1.1 200
OK best_of_2020.jpg
media2.fdncms.com/metrotimes/imager/u/original/25454369/ 20 KB
20 KB 206ms
203ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/original/25454369/best_of_2020.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

8c0d81307b185313dd128991d64e74fd9708f4730e236c3545e2da332c3b127a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:29 GMT
Last-Modified: Wed, 30 Sep 2020 17:58:40 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 129383
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 20211
Expires: Sat, 12 Jun 2021 19:15:07 GMT

GET
H3-29 200 pubads_impl_2021051301.js Show response
securepubads.g.doubleclick.net/gpt/ 306 KB
108 KB 83ms
82ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

4bdcba71062ad849da6c41bb9130977f59af71c1b82e4c397b193469ece62ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 08:39:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110161
x-xss-protection: 0
expires: Mon, 17 May 2021 07:11:29 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 213 KB
63 KB 81ms
25ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a5b619d2a316822b74a98ffdfb91332c&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9d123692086fc6d57acd0d0e07198ff9fa171ddd33f5da6871e6b4e098e1d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.metrotimes.com
Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yEaryjo2nKkuECyzEipbAA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 64606
x-fb-rlafr: 0
x-fb-debug: FyjlwcVRQ5Ny+ICcC+aMqbqlN9fAyYYw2xoptyHjK25JjnZ+m2WKwM4y2z722hhc5EbFdkOkWzU1FvkftqWtcw==
x-fb-content-md5: 3d3b7ef7c78bea46ef3f4231213fa8a8
x-frame-options: DENY
date: Mon, 17 May 2021 07:11:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "4c67d98cb0c8f288df289753eafab517"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 17 May 2022 04:08:13 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/ 103 KB
34 KB 98ms
35ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f97c4a1e81f37dff31489b1920a0517aa63fb260f5d1f6fc4353a84b45eb585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 19:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 May 2021 22:19:55 GMT
server: sffe
age: 472957
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34956
x-xss-protection: 0
expires: Wed, 11 May 2022 19:48:52 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 04D5 36 KB
12 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 06:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3391
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 17 May 2021 07:14:58 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 77ms
26ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:29 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=45554
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1 200
OK rss-small.gif
www.metrotimes.com/images/ 558 B
860 B 147ms
146ms Image
image/gif 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/images/rss-small.gif
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/styles/defaults.css?cb=1c0a84915055149ef4b70c3c58c47aec
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 4c0f8cf23d4d87f037b07b227f64f35eefb1d51556c66250811ea732137bbb5c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.metrotimes.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.metrotimes.com/styles/defaults.css?cb=1c0a84915055149ef4b70c3c58c47aec
Cookie: _ga=GA1.2.373684968.1621235489; _gid=GA1.2.1900937526.1621235489; _gat=1
Connection: keep-alive
Referer: https://www.metrotimes.com/styles/defaults.css?cb=1c0a84915055149ef4b70c3c58c47aec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:30 GMT
Last-Modified: Wed, 18 Feb 2015 22:21:40 GMT
Server: Apache
Age: 12865
ETag: "22e-50f643e4e0500"
X-DN-Cache-Control: max-age=2419202
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 558
Expires: Mon, 14 Jun 2021 03:37:06 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 17ms
17ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-643668-1&cid=373684968.1621235489&jid=1803437419&gjid=702002626&_gid=1900937526.1621235489&_u=YEBAAAAAAAAAAC~&z=971151862

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 17 May 2021 07:11:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.metrotimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
23 KB 35ms
18ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: pU+3GXFIvrHRMXj2rQaAaXEmfxuAFSSftrHTtvriFuWguOjqGSHTgcnkzvN4lSPj7+3652R1fPfS+wHJbJGV2A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 17 May 2021 07:11:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rules-p-ECpz7gxYXdCG2.js Show response
rules.quantcount.com/ 2 KB
1 KB 62ms
28ms Script
application/x-javascript 2600:9000:2190:7c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ECpz7gxYXdCG2.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38b12f1aa28e1ad8fb546894c0c412e2294d8e3ae7045c1af3c6b88de1665c5c

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 06:23:17 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 21:42:07 GMT
server: AmazonS3
age: 2895
etag: W/"28dcc805b9f121ac8bbd8c592e5fd8cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: MA8ugSLRbnCOb758Tk7v4SxaTLtaIu0mq6Kj-A-UN-qaSR4G1VfFZg==

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 51ms
26ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 15
x-cache: Hit from cloudfront
cf-request-id: 0a1ac379ae0000dfc3a8114000000001
last-modified: Mon, 22 Feb 2021 18:41:52 GMT
server: cloudflare
etag: W/"1e16152334c325a4abb81f1a8ee52e51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 95c9d51ed7176777d7ac8ca8cb233697.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: VIE50-C2
cf-ray: 650b083c4accdfc3-FRA
x-amz-cf-id: xw7uoISyHdF1tjzcvvt7rOztpwCypfdaa5iBJiZNDwFLN_6DG34EoQ==

GET
H2 200 build.js Show response
gadget.pico.tools/load/ 411 B
1 KB 297ms
263ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/load/build.js
Requested by: Host: widget.pico.tools
URL: https://widget.pico.tools/wrapper.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d89e20ce224aa9a95129f0043edad569ccb8b8e24ae9667174ec39fc4009fbc

Request headers

Origin: https://www.metrotimes.com
Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BK8P1QZRA4MWRDDT
cf-polished: origSize=499
cf-ray: 650b083c6a3b2c36-FRA
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZaStqZK5CcC2zUfJU/rzKzrOAR7Vqf56VtY0ZC2JcZUzlIijFLZK35bwnM8SvmEeCy4JBaOZr60=
last-modified: Fri, 14 May 2021 23:40:25 GMT
server: cloudflare
etag: W/"ebe45bfc6be59a64bfd49dac642a6509"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HqXm6rPQq6wA8wL%2Fjb80vUNdQ2eTuvfpJlBUsY1rpDRcq%2BZn90IYen7PR7Wzs5NJgKL4FG2EkndT%2FBfp9zxoOdFKVSqkE6EVcCaiGnYXa9gtoC9Un8mAp3pyoxVdBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: ZbrFuDTNSgGQpst84AhZYtAdqdDCnr8z
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: no-cache
cf-request-id: 0a1ac379c300002c3621230000000001
content-type: application/javascript
cf-bgj: minify

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 94C7 319 KB
103 KB 7ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.metrotimes.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.metrotimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 265147
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 17 May 2021 07:11:31 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674C)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H3-29 200 donate-button.v2.css
us.commitchange.com/css/ 3 KB
1 KB 46ms
33ms Stylesheet
text/css 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.commitchange.com/css/donate-button.v2.css

Requested by

Host: us.commitchange.com
URL: https://us.commitchange.com/js/donate-button.v2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f6f6f6d18be8bf6359ce49cf949cd1f9e51d74f85550e5325e20517726a85d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:31 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 28700
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1ac37a3b00001752e72e1000000001
x-content-digest: e4002f2d949670d5cd4ceab8f24ad1bf497c40b3
last-modified: Fri, 14 May 2021 19:31:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J2jJMnFY4j999mRsYK7xwnTvFLoWroloHU1NkYgdNjWEJ4vNy7mQPEVL1YHTiLxpTkbfnMGqk9I94S2AgnSXViosrgntaNQRzdXQG9QSEHAieu629vvvK6VVxFbgUQZO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 650b083d2a011752-FRA
x-rack-cache: fresh

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-51f9437a2abb7e86/ 1 KB
609 B 50ms
39ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-51f9437a2abb7e86/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5e27725e64d6d9f8b0ffbf3f35f8fd0c986304e2a2102f52e123097d03b4f565

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:31 GMT
content-encoding: gzip
etag: 1132884162--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=20, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 433

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 23ms
22ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-643668-1&cid=373684968.1621235489&jid=1803437419&_u=YEBAAAAAAAAAAC~&z=952362321

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 07:11:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 22ms
21ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-643668-1&cid=373684968.1621235489&jid=1803437419&_u=YEBAAAAAAAAAAC~&z=952362321

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 07:11:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 082C 513 B
910 B 68ms
17ms Document
text/html 2a00:1450:4001:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bSaSBnJo3mU.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOlScUDCc6laSimwcYo4nXUQAS-sQ/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28a0c25b90c0da5df6383c38c3b614c9082f52da460f121a5638b8c1355de6d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zqBcs+Wn/Af0MO47ZQFNSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=215=eFxj3p1p_XpB4VI8PY89R4lVG06WHC9LigpQ-p1_5LLTIee8KyNsnitp3XcKyxcnbDjZyDqiQEMcKh2mHsChsMX52KE7K_g4Qc062WKItKZ3-6xCV94MoVZWsLFKr_rt9JfXN3kbQ4W7Rj_cQMRu8NkebXo4TFB3hMz2fW3MPmI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 17 May 2021 07:11:31 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-zqBcs+Wn/Af0MO47ZQFNSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 react.production.min.js Show response
unpkg.com/react@16.14.0/umd/ Frame BC18 12 KB
5 KB 70ms
18ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@16.14.0/umd/react.production.min.js

Requested by

Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=mt_051221&hideIssuuLogo=true&u=euclidmediagroup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4788947
vary: Accept-Encoding
cf-request-id: 0a1ac37c6900002bd203186000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"30af-G0yLdpwwlM9Jmz5wcsN3bvOe0C0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 037001727ddbe308a1224f75c0e817ff
cache-control: public, max-age=31536000
cf-ray: 650b0840a95c2bd2-FRA

GET
H2 200 react-dom.production.min.js Show response
unpkg.com/react-dom@16.14.0/umd/ Frame BC18 116 KB
36 KB 78ms
32ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js

Requested by

Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=mt_051221&hideIssuuLogo=true&u=euclidmediagroup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4788946
vary: Accept-Encoding
cf-request-id: 0a1ac37c6900002bd27aadf000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1cf80-NADCsuguidx6ZmGXUZs/qIwlw4Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 50984341323288420ed713de41130725
cache-control: public, max-age=31536000
cf-ray: 650b0840a95f2bd2-FRA

GET
H2 200 iframe-embed.js Show response
e.issuu.com/issuu-reader3-embed-files/249/ Frame BC18 1 MB
322 KB 18ms
16ms Script
application/javascript 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://e.issuu.com/issuu-reader3-embed-files/249/iframe-embed.js
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=mt_051221&hideIssuuLogo=true&u=euclidmediagroup
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f04074f496778ce45a42859d0c8f07551697c32369e8ef73597ca8959fdaf464

Request headers

Referer: https://e.issuu.com/embed.html?d=mt_051221&hideIssuuLogo=true&u=euclidmediagroup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:31 GMT
content-encoding: gzip
age: 502938
via: 1.1 varnish
x-cache: HIT
content-length: 329469
x-amz-id-2: 0dnqsN1FmyRyfRHVEaWVgXV1ZPOPg4s+iYBoxR+7no4MUPP1aK0TqUioJv2oWMk86wPRMu4NTtY=
x-served-by: cache-hhn4051-HHN
last-modified: Tue, 11 May 2021 11:29:12 GMT
server: AmazonS3
x-timer: S1621235492.946957,VS0,VE0
etag: "fd16ba487cfc98f603684cb3eef68ed5"
vary: Accept-Encoding
x-amz-request-id: WJG74PC8K9EJ1754
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 874

GET
H2 200 iframe-embed.css
e.issuu.com/issuu-reader3-embed-files/249/ Frame BC18 172 KB
78 KB 6ms
6ms Stylesheet
text/css 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://e.issuu.com/issuu-reader3-embed-files/249/iframe-embed.css
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=mt_051221&hideIssuuLogo=true&u=euclidmediagroup
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1713285a99457e4cff3dbfe3d6e2e581155a2bd46261d121f6c55e42c4fec79

Request headers

Referer: https://e.issuu.com/embed.html?d=mt_051221&hideIssuuLogo=true&u=euclidmediagroup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:31 GMT
content-encoding: gzip
age: 502937
via: 1.1 varnish
x-cache: HIT
content-length: 79072
x-amz-id-2: 1/W1pbHvdds5tb7zrV+H/4dAt6TaZvaoVWsjSQpuS7k9icehUXrdEwqguZ6FKLXzE91V6s9WbmI=
x-served-by: cache-hhn4051-HHN
last-modified: Tue, 11 May 2021 11:29:12 GMT
server: AmazonS3
x-timer: S1621235492.901561,VS0,VE0
etag: "4255819cb81ed0122f2fb7eead857a41"
vary: Accept-Encoding
x-amz-request-id: 4QGNRWKQSZTNJZTX
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 28893

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame BC18 48 KB
19 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=mt_051221&hideIssuuLogo=true&u=euclidmediagroup

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6095
date: Mon, 17 May 2021 05:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 17 May 2021 07:29:56 GMT

GET
H2 200 aquant.js Show response
secure.quantserve.com/ 23 KB
9 KB 18ms
17ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/aquant.js?a=p-a4LDpi_DEopn-
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:32 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 24 May 2021 07:11:32 GMT

GET
H2 200 rules-p-a4LDpi_DEopn-.js Show response
rules.quantcount.com/ 147 B
594 B 27ms
27ms Script
application/javascript 2600:9000:2190:7c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-a4LDpi_DEopn-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e473c5a0ab2d00ffbdeb98695814298342e62af559b10d7aebce684dee1cf24a

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:32 GMT
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 147
last-modified: Wed, 26 Jun 2019 16:40:34 GMT
server: AmazonS3
etag: "64852ad0768d254e4052f94f8b97011c"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 4barDi-fIj0lqPOYLjnshYLd5ZHkQZHckPtWeY5r4MmlNFDmwoVAow==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 58ms
22ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHZV5V
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 16 May 2021 15:28:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 56563
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: KaZT8mdqC9ySBMmlc16SVdHOq0lcWT_8eg_5J9NMW44OhtXgDiTN3w==

GET
H3-29 200 212979636044164 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 94ms
92ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/212979636044164?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc63200ad20acf855f0fd9b1db61beaca4d616b46e3e0cd7a0bb7daf19d52c2e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Y3KyTf1JDV2ePc6x4/DNhXQz8efRunx9pfLJt+c9oxqPW3PXKPAYu0hUPLnqgA4RasN23KsDyJVPf0Wf83fMzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 17 May 2021 07:11:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 54ms
47ms Fetch
text/plain 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=310950202407744&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a5b619d2a316822b74a98ffdfb91332c&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: cH+E0YqbUlY2k4OXAtDN99J+/i+Xivbfs8aC72rmME7qF32QZ7/6NDo2D51bb6+7CTdzud6lLtSkwGQe/dq2SA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 17 May 2021 07:11:32 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.metrotimes.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ Frame BEA8 82 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://photos.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219634
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 18:10:58 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ Frame BEA8 235 KB
63 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://photos.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64481
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 07:02:34 GMT

GET
H2 200 jquery.thumbnailScroller.js Show response
photos.metrotimes.com/wp-content/themes/euclid-slideshows-new/js/ Frame BEA8 6 KB
2 KB 33ms
23ms Script
application/javascript 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://photos.metrotimes.com/wp-content/themes/euclid-slideshows-new/js/jquery.thumbnailScroller.js
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daf01eca5e7392e4b6438d6d55f859532d9466c70c22e6dbae67dec7cbd9e5a4

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1004156
cf-polished: origSize=7954
cf-bgj: minify
cf-request-id: 0a1ac37ed500004dc45685b000000001
last-modified: Fri, 23 Sep 2016 16:37:10 GMT
server: cloudflare
etag: W/"1f12-53d2f63c27980-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SXNN3RT%2FHTk2p7LbjM5gTSZWlwtXp%2Bdt72w5x9jhf3r7ikM7VBttAFaBxqufyToYk%2F%2BSebZDDO8wPYqvOzt18yZj%2BPdJOw3qcF1wxNzrvYA9IZMzyxP7YjL%2FcuzBzYlPWrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 650b08448afa4dc4-FRA
expires: Fri, 04 Jun 2021 16:15:36 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 39ms
33ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 17 May 2021 07:11:32 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3-29 200 vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js Show response
gadget.pico.tools/ 218 KB
64 KB 75ms
57ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/load/build.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05c43fdcd1f0656591e4edb70747f2b561d53dfdc2833f19ffe5b0e53dbfbd75

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199859
cf-polished: origSize=223580
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7MB45FVZANDPEVN5
x-amz-id-2: vNErwZhOHh2CDctlVhX2kmSw/Phv3dSs5D98imo963okNUqnOjxG9daTSSCtmFtZ/5FJydMLPb8=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"ddb4c30f42d07ab511a51fe55f20d3e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RysC3%2FnF6OnxmTQ3MyWQLoWP%2BVdE0jSS21d1P%2BT22Chd7KUV%2FaPf8N%2FeQoXnxBeAv5F%2FSOrNcqyYniytWNqoIf0dpJTHBKkmwCWUHd3ZQlA2M9rpXPepVu1WpBDfUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: LauUSwIp1d.hlvugPLrnd.GWQ1srQ2WR
cf-request-id: 0a1ac37f3800000610449d2000000001
cf-ray: 650b08452c8f0610-FRA
cf-bgj: minify

GET
H3-29 200 wrapper.3fcc2702f9936eaaadda.js Show response
gadget.pico.tools/ 50 KB
12 KB 44ms
27ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/wrapper.3fcc2702f9936eaaadda.js
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/load/build.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61d3e0ca13057c9653da51f691e6c9bae0e4b0b78170812c9728d298cc22c4e4

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199859
cf-polished: origSize=50965
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7MB4VG3GN54PTYJG
x-amz-id-2: DgbbUVGc93OOJG4YjFAF3DJQUxhbYqrbSC4dbcJBwTNEw9ZdYB6UcWi0MBm87CVpKiO4WzoNyUI=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"f6ed2e5015b348c7b07fc6c030da6062"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZKAd%2BsEZpbkbHaqobn40Q%2FQsQ5zq4fatBcstRgxseZ8REDLcP%2BBo4O6ew94LCBy2JLuptK%2FMYZME9oPBACaFI%2FilxCv3%2BifgA7013PW4mtXxrAmAXRdehfIhgkffRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: eZjUdHMeC_hCARXDFmdLAbbekQmoMl0X
cf-request-id: 0a1ac37f3800000610292e1000000001
cf-ray: 650b08452c8d0610-FRA
cf-bgj: minify

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame BC18 23 KB
9 KB 16ms
7ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=mt_051221&hideIssuuLogo=true&u=euclidmediagroup
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:32 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 24 May 2021 07:11:32 GMT

GET
H2 200 reader3_4.json Show response
reader3.isu.pub/euclidmediagroup/mt_051221/ Frame BC18 7 KB
922 B 53ms
7ms XHR
application/json 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://reader3.isu.pub/euclidmediagroup/mt_051221/reader3_4.json
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/249/iframe-embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cad71d73849a4865163a40dad4461e741aaa49c1bfdc7dca24b82a1e9792d933

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
content-encoding: gzip
age: 403559
via: 1.1 varnish
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
content-length: 517
x-amz-id-2: VdDuSpHYVWFpLsaiYZU+PgLaQnjm5/6rjSmID5bygSW5g29Dk4x5dNvCFmuAVG3xUgQOLYYj3xc=
x-served-by: cache-hhn4043-HHN
last-modified: Tue, 11 May 2021 23:10:16 GMT
server: AmazonS3
x-timer: S1621235493.143222,VS0,VE1
etag: "4788786eebee21b4efde97bad5a1896f"
x-amz-request-id: 1Z2XRVC8X463T08E
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-cache-hits: 1

GET
H2 200 mt_051221 Show response
issuu.com/call/backend-reader3/dynamic/euclidmediagroup/ Frame BC18 586 B
575 B 336ms
128ms XHR
application/json 52.207.46.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://issuu.com/call/backend-reader3/dynamic/euclidmediagroup/mt_051221

Requested by

Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/249/iframe-embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.207.46.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-46-124.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

3376b034e123cac4401ae336b8e1e0ec4e264ef65107cba78b9f7871413bf304

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Cowboy
content-type: application/json
access-control-allow-origin: https://e.issuu.com
accept-ch: UA-Arch,UA-Full-Version,UA-Mobile,UA-Model,UA-Platform-Version,UA-Platform,UA,ECT,DPR,Downlink,Save-Data,Width,Viewport-Width
content-length: 308

GET
H2 200 / Show response
prism.app-us1.com/ 246 B
415 B 177ms
166ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=26668640&u=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: e1939c9847d6c1dc6cb88ce61cbe9be273d982b40015824aeda5864c183ef723

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-cache, private
cf-ray: 650b08484b40dfc3-FRA
cf-request-id: 0a1ac381290000dfc3862cf000000001

GET
H2 200 2267922346-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame 082C 111 KB
39 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2267922346-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3de90a9266115ffeaea8148d0604ae89e3eeab3105a52bf9e3a90268319ec629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 11:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 05 May 2021 00:36:36 GMT
server: sffe
age: 71343
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39141
x-xss-protection: 0
expires: Mon, 16 May 2022 11:22:30 GMT

GET
H2 200 prevArrow.png
photos.metrotimes.com/wp-content/themes/euclid-slideshows-new/css/img/ Frame BEA8 140 B
596 B 17ms
16ms Image
image/png 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.metrotimes.com/wp-content/themes/euclid-slideshows-new/css/img/prevArrow.png
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2f1e7e082d75ba1a052dabfe84dc16b855c1a1afe0a67857b91261cbf4099f

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1004157
cf-polished: origSize=287, status=vary_header_present
content-length: 140
cf-request-id: 0a1ac3817e00004dc423030000000001
last-modified: Fri, 23 Sep 2016 16:37:10 GMT
server: cloudflare
etag: "11f-53d2f63c27980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OyghKBNlANKsncWr8F5qg5KwdSNVm6niiComHxJ%2BnXUNdBMoktzZqU6%2FjqUGbZhy%2BBSMjBfMlOhY6rWz8l3DXJrvqJ4aO2NXNuNo9ObGfmFE4xUaHWihG4yC7fEHkjps1mE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Thu, 05 May 2022 16:15:36 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 650b0848ce914dc4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 nextArrow.png
photos.metrotimes.com/wp-content/themes/euclid-slideshows-new/css/img/ Frame BEA8 144 B
488 B 16ms
16ms Image
image/png 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.metrotimes.com/wp-content/themes/euclid-slideshows-new/css/img/nextArrow.png
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 992851e6a109ef096e17ece547dd681abfb670a12691cd141b329d4fc54935f0

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1004157
cf-polished: origSize=280, status=vary_header_present
content-length: 144
cf-request-id: 0a1ac3818100004dc48083c000000001
last-modified: Fri, 23 Sep 2016 16:37:10 GMT
server: cloudflare
etag: "118-53d2f63c27980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iTVU1TWyHYLlAdDAFigvGLgCAdIr0XBvRnONurfXF%2Fgo1SlWIXWoQDDs%2B1ZlZOCdNC2MdHdaiBVQriL3Y891s8sOeuzfta5BvmjekduZuU9OlsEObkxtz%2FNsogACJ9RoqTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Thu, 05 May 2022 16:15:36 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 650b0848ce984dc4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 20900738_1556601964404456_6023060731807393443_o-150x150.jpg
photos.metrotimes.com/wp-content/uploads/2020/02/ Frame BEA8 7 KB
8 KB 23ms
19ms Image
image/jpeg 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.metrotimes.com/wp-content/uploads/2020/02/20900738_1556601964404456_6023060731807393443_o-150x150.jpg
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bb33abf49e1fbff6ef77d7f7244884f00ac4c529ca084a099d01ed6c63f5531

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 239226
cf-polished: origSize=8064, status=vary_header_present
content-length: 7417
cf-request-id: 0a1ac3819100004dc44ba25000000001
last-modified: Fri, 14 May 2021 12:08:50 GMT
server: cloudflare
etag: "1f80-5c2491b5a36e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9cNyVNq5%2BIHxg7FkneNHUKOSVsjC4YozGRU%2F5KugkqPBxScYLKDDyrjVK7rHYOINi6Wsrvez5LdQJRPn0UlFTp99HA5TWAZeG%2BuwrLyU6mvsO3jHK5KmogYKolGIEWOC84w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 14 May 2022 12:44:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 650b0848eed54dc4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Palmer-Woods-Detroit-1922-Mansion24-150x150.jpg
photos.metrotimes.com/wp-content/uploads/2021/05/ Frame BEA8 7 KB
8 KB 21ms
21ms Image
image/jpeg 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.metrotimes.com/wp-content/uploads/2021/05/Palmer-Woods-Detroit-1922-Mansion24-150x150.jpg
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6691ce99ac86921c537c41121571eb4fb35180268c5cf8a68b5009a7edcb2773

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 299480
cf-polished: origSize=8044, status=vary_header_present
content-length: 7450
cf-request-id: 0a1ac3819700004dc485838000000001
last-modified: Thu, 13 May 2021 17:45:00 GMT
server: cloudflare
etag: "1f6c-5c239afb20cee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L46jlhAUiGaS4fiTAkZp%2FNi%2BbG2ujGqRm3tQZfESp0pV0yTZ9YULvhe8VWN1rHq8cWFgM9v2SNVm9g4Z6UnVAAlv02FJyAkddJYoERCAPZ%2Fd2EyXO%2B050VyvqbvksWJIzB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Fri, 13 May 2022 20:00:13 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 650b0848eee34dc4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Dino-Garden-150x150.jpg
photos.metrotimes.com/wp-content/uploads/2021/05/ Frame BEA8 9 KB
9 KB 17ms
16ms Image
image/jpeg 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.metrotimes.com/wp-content/uploads/2021/05/Dino-Garden-150x150.jpg
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca93fa43c9e5fd9ce2d17221dd6580679784879961e4ab6578d67bcf30434221

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 302377
cf-polished: origSize=9936, status=vary_header_present
content-length: 8971
cf-request-id: 0a1ac3819500004dc442a19000000001
last-modified: Tue, 11 May 2021 18:49:30 GMT
server: cloudflare
etag: "26d0-5c2125ab9bf10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MT7yF5Y3P5Yr2ZPC4KUlreoA6M2VoUsTSsKjfone9z0bgZppZHZUo7SIfariU9m3Tz5nABx7bmsVnG4XpdqcDdcNnpD5oRg9iLxVA9r18cg9KmZdVkAL8o7v5Wgx4VgXU9M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Fri, 13 May 2022 19:11:56 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 650b0848eee94dc4-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 2-SCHOOLCRAFT-RD-@-TELEGRAPH-RD-Redford-Twp-150x150.jpg
photos.metrotimes.com/wp-content/uploads/2021/05/ Frame BEA8 5 KB
5 KB 25ms
24ms Image
image/jpeg 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.metrotimes.com/wp-content/uploads/2021/05/2-SCHOOLCRAFT-RD-@-TELEGRAPH-RD-Redford-Twp-150x150.jpg
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01364176bc68881806e67bfb4477a7ef67f4afe64c2694d65f991cfc39291115

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 479968
cf-polished: origSize=5114, status=vary_header_present
content-length: 4657
cf-request-id: 0a1ac381a300004dc436265000000001
last-modified: Tue, 11 May 2021 17:46:07 GMT
server: cloudflare
etag: "13fa-5c2117805f417"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MeD36O%2FMbEdSJagffokdFHrKqLGWfeIM2MfJMWro1j%2FrmC%2BEqzbrxBYf2O%2BBc214uIGHYRaJwb6jKrXJxwKpivLl5IEhStra0SZv2Eygg8AHE7HBeK%2FhLqtGFvtMRlNEyqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Wed, 11 May 2022 17:52:05 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 650b08490f184dc4-FRA
cf-bgj: imgq:100,h2pri

GET
BLOB 200
OK e9b0b282-cff7-4841-b86e-5f214a615512
https://e.issuu.com/ Frame BC18 397 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://e.issuu.com/e9b0b282-cff7-4841-b86e-5f214a615512
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=mt_051221&hideIssuuLogo=true&u=euclidmediagroup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a547934f2bbf06d860e17a6e71cb1181669caf01f26fd67c1e55d0102ef077a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 397

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 16ms
16ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=212979636044164&ev=PageView&dl=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479&rl=&if=false&ts=1621235493418&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1621235493406.1820134727&it=1621235492335&coo=false&exp=l1&rqm=GET

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 17 May 2021 07:11:33 GMT

GET
H2 200 mt_051221 Show response
issuu.com/call/reader/api/links/euclidmediagroup/ Frame BC18 2 B
348 B 156ms
156ms XHR
application/json 52.207.46.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://issuu.com/call/reader/api/links/euclidmediagroup/mt_051221

Requested by

Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/249/iframe-embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.207.46.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-46-124.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Cowboy
content-type: application/json
access-control-allow-origin: https://e.issuu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ch: UA-Arch,UA-Full-Version,UA-Mobile,UA-Model,UA-Platform-Version,UA-Platform,UA,ECT,DPR,Downlink,Save-Data,Width,Viewport-Width

GET
H2 200 smartzoom.bin Show response
assets.isu.pub/smartzoom/210511230841-db1b7f1c8585555e4cd66198ca76500e/v1/ Frame BC18 9 KB
5 KB 10ms
6ms Fetch
application/octet-stream 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.isu.pub/smartzoom/210511230841-db1b7f1c8585555e4cd66198ca76500e/v1/smartzoom.bin
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/249/iframe-embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d718dfc7056debc5338756abe31599d7ab9315e7b654f049c43f9774706d8e18

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
content-encoding: gzip
age: 408007
x-cache: HIT, HIT
content-length: 5029
x-amz-id-2: 6OnJN1odR68Zxsq5U2y3lcqrp1UhqvnAoQcRigJqKiUUtCQKjjOxgojgg5HbT2Z/POacu6sfuyo=
x-served-by: cache-bwi5147-BWI, cache-hhn4043-HHN
access-control-allow-origin: *
last-modified: Tue, 11 May 2021 23:09:07 GMT
server: AmazonS3
x-timer: S1621235493.449591,VS0,VE1
etag: "85f2b0fe61d4e6958ab86c10c25c1f90"
x-amz-request-id: BR0M1W48W0HT2KY7
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/octet-stream
x-cache-hits: 1, 1

GET
DATA 200
OK truncated
/ Frame BC18 122 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d14518724e7fc0ba99c1dc3d79d1e48dc8ca2ed08c83d967a17852bdbaf3703

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 page_3.bin Show response
layers.isu.pub/db1b7f1c8585555e4cd66198ca76500e/210511230841/v2/ Frame BC18 235 KB
234 KB 36ms
31ms XHR
application/octet-stream 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://layers.isu.pub/db1b7f1c8585555e4cd66198ca76500e/210511230841/v2/page_3.bin
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/249/iframe-embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d12ff1cea7ea6fd7aa549213933dd12e51012a938df670d1b3a20e2a74d085f

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
via: 1.1 varnish, 1.1 varnish
age: 407355
x-cache: MISS, HIT
content-encoding: gzip
content-length: 239254
x-amz-id-2: enfV9u/XY9Z3nn8rfoox31Rby3nhcQ/BjHp2yKck6qveT1cz0xOtVgzlBQXChOKD3Y/5B6QqiXI=
x-served-by: cache-bwi5136-BWI, cache-hhn4043-HHN
last-modified: Tue, 11 May 2021 23:09:08 GMT
server: AmazonS3
x-timer: S1621235494.723368,VS0,VE1
etag: "ac3a5329460f2dfb77063c0148374ef5"
x-amz-request-id: TPG1SK2G1X10C7CJ
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/octet-stream
x-cache-hits: 0, 1

GET
H2 200 page_2.bin Show response
layers.isu.pub/db1b7f1c8585555e4cd66198ca76500e/210511230841/v2/ Frame BC18 142 KB
115 KB 23ms
18ms XHR
application/octet-stream 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://layers.isu.pub/db1b7f1c8585555e4cd66198ca76500e/210511230841/v2/page_2.bin
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/249/iframe-embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b40d864cf7bcc3d61fd6c019360541cff590f5d5be6643c53b5f5b8335c17dbc

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
via: 1.1 varnish, 1.1 varnish
age: 407355
x-cache: MISS, HIT
content-encoding: gzip
content-length: 117598
x-amz-id-2: KJ9wz1gn5UpplF45NApDVDgsBwUy2l3fBf5lNfi+WECETdnnQ14/g2xBiw88GzutP6Q0SwlGG+c=
x-served-by: cache-bwi5124-BWI, cache-hhn4043-HHN
last-modified: Tue, 11 May 2021 23:09:08 GMT
server: AmazonS3
x-timer: S1621235494.723308,VS0,VE0
etag: "d4faf2dfb73f264f733b43ed663a2db7"
x-amz-request-id: TPG309XAYPYF1PDV
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/octet-stream
x-cache-hits: 0, 525

GET
H3-29 200 index.1621035525778.html Show response
gadget.pico.tools/arbiter/ Frame 101B 500 B
904 B 381ms
381ms Document
text/html 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/arbiter/index.1621035525778.html
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 556789672b29b47ea4ae8c84596418d10c609ec479712c401de6f5ed5dcc4ec2

Request headers

:method: GET
:authority: gadget.pico.tools
:scheme: https
:path: /arbiter/index.1621035525778.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Mon, 17 May 2021 07:11:34 GMT
content-type: text/html
x-amz-id-2: Kt4X720LqK6GCQYaHLX2+khT5BD5bFT9ouwvPy9UrpzRuJKQzkUHbJndc5BSJNBBmntn8yz4aEo=
x-amz-request-id: 75XJZSFY3TMYQ5F6
cache-control: max-age=2592000
last-modified: Fri, 14 May 2021 23:40:23 GMT
x-amz-version-id: sSn_AgbpFVZtZsaNjzDOP7cNNCM68TEi
cf-cache-status: DYNAMIC
cf-request-id: 0a1ac3846400000610b5093000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BuH%2BL24duTRaVZW%2BWQCJr%2BLLFtfiJiZqsojzg9qF60PrK%2FVwDOn5WVf1pLCr5rN4h%2BWs%2BEeaHia7ETs%2FuBF0XgDODTyb%2Fjphr1fa5IHrvIkhIvv88kEjrm4lK%2FZyzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 650b084d69e20610-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 17ms
16ms Ping
text/plain 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryfDHkKNmpc6ZVz7X9

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 17 May 2021 07:11:34 GMT
content-type: text/plain
access-control-allow-origin: https://www.metrotimes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
271 B 307ms
104ms Script
text/javascript 35.170.115.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=26668640&prismid=bb2fe0e7-72f2-4b5b-ab93-25f813e0d7cd&url=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.115.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-115-227.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:34 GMT
server: Apache/2.4.46 (Amazon)
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type: text/javascript;charset=UTF-8
content-length: 0

GET
H2 200 page_1.jpg
image.isu.pub/210511230841-db1b7f1c8585555e4cd66198ca76500e/jpg/ Frame BC18 212 KB
212 KB 12ms
9ms Image
image/jpeg 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.isu.pub/210511230841-db1b7f1c8585555e4cd66198ca76500e/jpg/page_1.jpg
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf57d7eef926d5c966829e1f95545683641cb862383eb629e3783f42648b3845

Request headers

Origin: https://e.issuu.com
Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:34 GMT
via: 1.1 varnish, 1.1 varnish
age: 447091
x-cache: HIT, HIT
content-length: 216861
x-amz-id-2: HhHcVY/tTBlhRPDtdRrHHfHa6wEUGGT/PKxCdI1b7wrs1Lq8/ADUz56hpFUL/fAOFk8vn3GrN2s=
x-served-by: cache-bwi5148-BWI, cache-hhn4043-HHN
last-modified: Tue, 11 May 2021 23:09:11 GMT
server: AmazonS3
x-timer: S1621235494.301885,VS0,VE1
etag: "c488a6d2a06347dbb837f8543a6021cf"
x-amz-request-id: SG32YFZ05M44V712
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 23, 1

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 94C7 256 B
258 B 129ms
126ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9fae4fcd6f0a0c7f09fb07a7a05f5683a9f1804e

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.metrotimes.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:33 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 07:11:34 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 0bdf1dec47d4e296d904207d3aea6da70beb0e97df59c6a61ec933d540639fa2
content-length: 176

GET
DATA 200
OK truncated
/ Frame BC18 952 B
952 B Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d592e98f964ab619fe5670fb32e07de0b2834242d9b1bf6abeaec56554fa43e

Request headers

Origin: https://e.issuu.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame BC18 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bff9fb711196829be806e4a3a6b3ee05f1fcfbf12c96ac73a544b9993f0f781

Request headers

Origin: https://e.issuu.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame BC18 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9254c2714cf69f8a35f437848aa8060d1d81cc1345a2af47f96dab96e25b580

Request headers

Origin: https://e.issuu.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3-29 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 082C 14 B
58 B 54ms
33ms XHR
application/json 2a00:1450:4001:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.metrotimes.com&client_id=368071155345-fr5a01rd2lpbd03le6ivqgfnbb1jmfak.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/2267922346-idpiframe.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Mon, 17 May 2021 07:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 17 May 2021 08:11:34 GMT

GET
H3-29 200 vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js Show response
gadget.pico.tools/ Frame 101B 218 KB
64 KB 42ms
42ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/arbiter/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05c43fdcd1f0656591e4edb70747f2b561d53dfdc2833f19ffe5b0e53dbfbd75

Request headers

Referer: https://gadget.pico.tools/arbiter/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199860
cf-polished: origSize=223580
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QVYSJKQ9QFD0VW74
x-amz-id-2: lfxAIDHU7J15K4tVadU+eUIU7BWB/AIA2aWDDE5bmwBmEb6RmNFrznLB05CH7BkcdFfN0ckEIU8=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"ddb4c30f42d07ab511a51fe55f20d3e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FPacDf%2Fn45mDT%2FrFSGqaV37U9Z8GXLuswCDqCdf9MZTkilS5Qe6yM1mybZGQq%2FNixn%2BPg0gm1N2nHkLjmXhxo2cDmDUqKHB6uu%2FrN4CWCJqCH9j8l1lTCOUtbzkR8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: LauUSwIp1d.hlvugPLrnd.GWQ1srQ2WR
cf-request-id: 0a1ac387d100000610e8a84000000001
cf-ray: 650b0852ef450610-FRA
cf-bgj: minify

GET
H3-29 200 vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js Show response
gadget.pico.tools/ Frame 101B 978 KB
207 KB 44ms
44ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/arbiter/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566c00ed3593be3a951d5599a5f19e798678b33811b6b7de91ef2d44da15a248

Request headers

Referer: https://gadget.pico.tools/arbiter/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199860
cf-polished: origSize=1001986
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QVYMQ7Z150XRDNJB
x-amz-id-2: KOtpJEqwCwtuLJGCBOL5pzd4giq3FgiBzzQ1cAMfBG7X5LrYm6qZ2ynmmW63VNIpLN9hmuPFbW4=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"4f941e59e470402fde7058050b348964"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fc2F84jDSNK1G6eZqzaRCXk9xOGuRJcF3yok5AXvXFanMXGh9v1PEWQ3kCCbszJLMh8OFNtaifD0x5tmXPcEsMGXYLg2FvY1urVcihSHQaMa5MDRHFIjG0XbG9sm8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: hOpyuJB0fhVYk519FokHwECFE9wxnM9F
cf-request-id: 0a1ac387d100000610b43ee000000001
cf-ray: 650b0852ef480610-FRA
cf-bgj: minify

GET
H3-29 200 arbiter.d65520502bc5ccf6cd3b.js Show response
gadget.pico.tools/ Frame 101B 126 KB
25 KB 70ms
67ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/arbiter.d65520502bc5ccf6cd3b.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/arbiter/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7391ac265bb41d1e999ba454d7a3fb385bd47c37bf81ef451bf004a09e32a97a

Request headers

Referer: https://gadget.pico.tools/arbiter/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199860
cf-polished: origSize=128916
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QVYJ12022ZXBM5NJ
x-amz-id-2: mVaGsTaIkFqOfbvUc3nc1v5MYzTby5CIYx6bfU6mJ45AtFkvgn0RsC/tmLPB0CTgj9X/4ZSE4Pw=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"e556f0131a22f8f1f19f8d9a456a473d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hyVkU5HplMGJZ%2Bu2z7RCdfzFRe%2B1kx6EAGACAt90110wQLiHLzwBGyZ2w2xQlEnCRYvlM0OTTBk20S58%2FGg0YIZaf5lgljt9OrRg9iVQfNuo2lxkjbGzXz6xYqcG9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: 2IlTXAlLz1JhjbKGv9mrCiJkJr09mjjz
cf-request-id: 0a1ac387d600000610bb243000000001
cf-ray: 650b0852ef590610-FRA
cf-bgj: minify

GET
H/1.1 200
OK button.5573c974dc31bbdab5ea7923a0bd5cf3.js Show response
platform.twitter.com/js/ 7 KB
3 KB 8ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/67D4)
Age: 291838
Etag: "382be2960021b88f6ce982d997cdbd01+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H/1.1 200
OK tweet_button.06c6ee58c3810956b7509218508c7b56.en.html Show response
platform.twitter.com/widgets/ Frame 4D52 32 KB
12 KB 12ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: 483cc9a5ece5c92d5a2f1ea6e92e7f8bc29844a6c06bf36c0349d70334685dc7

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.metrotimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 291838
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 17 May 2021 07:11:35 GMT
Etag: "a87932e0f094e1fb4cced05f7d97ab94+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D4)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12228

GET
H3-29 200 index.1621035525778.html Show response
gadget.pico.tools/launcher/ Frame 5876 1 KB
1 KB 264ms
263ms Document
text/html 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/launcher/index.1621035525778.html
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6f450b51cc06a04cd5c8441e602247fa13137cff22d9f2941fc807c2ddc3758

Request headers

:method: GET
:authority: gadget.pico.tools
:scheme: https
:path: /launcher/index.1621035525778.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-type: text/html
x-amz-id-2: PC76r7Pn3z/Ci4q8IMMUxaw4KItKuYsjXj7AxdrV+FQE4kj+WbyGh929esQhj8GbMrgJul2q0wE=
x-amz-request-id: DNFX2ERT76W5NPJD
cache-control: max-age=2592000
last-modified: Fri, 14 May 2021 23:40:24 GMT
x-amz-version-id: 8z3CyNCvpntQx6JXEscw5ORx2VFip71o
cf-cache-status: DYNAMIC
cf-request-id: 0a1ac3915e000006103fb13000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bGO%2F%2FcYq4olZO3Iqtv3Ff16zQXgd9bzglhWjnhwJD4%2Fitsp8t%2BnkB%2Fx5%2B4%2B90Mse3XtIUh35mBitn1pmGBXM7xx%2FqT8EUDXLqC3%2BpnTEhby4srQT1hROtRpx%2F9VCAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 650b08622f250610-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 index.1621035525778.html Show response
gadget.pico.tools/menu/ Frame 3F5C 1 KB
1 KB 258ms
257ms Document
text/html 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/menu/index.1621035525778.html
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 286664089c507d51df7b381998005bd2545122d1a782338a8fbc9f33767958c2

Request headers

:method: GET
:authority: gadget.pico.tools
:scheme: https
:path: /menu/index.1621035525778.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-type: text/html
x-amz-id-2: AplUMCbqAD4wevDZNuHpxi4kio0Sj+nrHS1+s0r75XC9ANqmPKGScrIvfBtXJv175aBbKbKxXEo=
x-amz-request-id: DNFSP419Y1RY012F
cache-control: max-age=2592000
last-modified: Fri, 14 May 2021 23:40:24 GMT
x-amz-version-id: tsC1v2jbiY.SwbjXX5mJJPA0gD1nl32D
cf-cache-status: DYNAMIC
cf-request-id: 0a1ac39161000006101e26d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gOJ%2BelJBPmQ8Oj1tqBkqi9hu2nLvyeBKi679Im7dUFwNHrUYbtOhwDGk7npvQWC%2BZsCfNX7QJm%2By%2B59UXWBm3Gb8eePDA%2BD7vGIPMQK6W4mp9mElwFF1COzGzJo1Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 650b08623f2c0610-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 index.1621035525778.html Show response
gadget.pico.tools/prompt/ Frame 5238 1 KB
1 KB 286ms
286ms Document
text/html 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/prompt/index.1621035525778.html
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dd9f724ce2c535eb36d10a55b65357a2c09e63d387bde29c8f262e02428787b

Request headers

:method: GET
:authority: gadget.pico.tools
:scheme: https
:path: /prompt/index.1621035525778.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-type: text/html
x-amz-id-2: YiIsitIrjG/F2FGz/7Mfymb3NbKCMuzxAEhDOcdjKa7Off4gGSxXSDWJMuFeLq1OjSb5UhqhkNg=
x-amz-request-id: DNFG49WRN1ZWFSGR
cache-control: max-age=2592000
last-modified: Fri, 14 May 2021 23:40:24 GMT
x-amz-version-id: RNNA_1WaEFlJfPqQh_ZqqcrE4NQErsBO
cf-cache-status: DYNAMIC
cf-request-id: 0a1ac3917100000610db1e0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KF8f5jDU7mPPMfp2Oa5gN%2B2zwCO47e23bLFj7XTl1Be%2FaVMxe9XTVnz2NWGHaI8HXLv1kqfagsRQ1HvpXneCuBBCCR2gJ6K2S%2FaBrjq4PXwUwRSS1G7aoypDSwGxtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 650b08624f680610-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 index.1621035525778.html Show response
gadget.pico.tools/header/ Frame 2575 1 KB
1 KB 245ms
244ms Document
text/html 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/header/index.1621035525778.html
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca4feabc3a89294410dec165c69950610b2148dc2273dbeaf491f5d7bb259901

Request headers

:method: GET
:authority: gadget.pico.tools
:scheme: https
:path: /header/index.1621035525778.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-type: text/html
x-amz-id-2: 00hnCMtg/p1WWXKCMtQ7qrlk6CxQm9UUolS9dkTjal6Ms/iCXFyM/6Z2vfmFBKzEqYLaYdxk/xg=
x-amz-request-id: DNFWE0857DNESJA4
cache-control: max-age=2592000
last-modified: Fri, 14 May 2021 23:40:24 GMT
x-amz-version-id: KFTV74n7F2OqrS3cfcsy_wfrkk9TCxWZ
cf-cache-status: DYNAMIC
cf-request-id: 0a1ac3918800000610290af000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bYPQytMWc5hgfRcEgpakpAcMGmr1T9jOR0mlOSAm3JMgeqqhQSi%2BSMhZuf7nRSHySbfNPlFqRmqX12NlTV9e5IJtqmMrN3mPi1H4zmDlVJJxqlsG%2FXYq9KIghVFVuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 650b08627faf0610-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 ping Show response
pingback.issuu.com/ Frame BC18 0
187 B 1450ms
98ms XHR
text/plain 2600:1901:0:a175::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pingback.issuu.com/ping
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/249/iframe-embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a175:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
via: 1.1 google
access-control-allow-headers: Content-Type
access-control-max-age: 86400
access-control-allow-methods: POST
access-control-allow-origin: https://e.issuu.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 200 ping Show response
pingback.issuu.com/ Frame BC18 0
43 B 1448ms
98ms XHR
text/plain 2600:1901:0:a175::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pingback.issuu.com/ping
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/249/iframe-embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a175:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
via: 1.1 google
access-control-allow-headers: Content-Type
access-control-max-age: 86400
access-control-allow-methods: POST
access-control-allow-origin: https://e.issuu.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
DATA 200
OK truncated
/ Frame 4D52 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 guest Show response
api.pico.tools/loader/ Frame 101B 6 KB
3 KB 814ms
512ms XHR
application/json 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/loader/guest

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a29b9c11264781fbfa468e9ed44d4100204b99ff74ff9a21ea385071c638380

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

adBlockling: false
Session-ID: 9d022272-0c3e-4c7c-8fe0-ebe45fab800b
current-page: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
from-domain: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json
prev-page
Referer: https://gadget.pico.tools/
publisherId: 4d564b43-6ec3-41fc-848b-40716e6a5bfd

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1ac38fbb00002c36f521d000000001
server: cloudflare
date: Mon, 17 May 2021 07:11:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WdNCBmkSYjmU4b2tiwF325OPyK9MscRg7FNuB6XxI%2FZ0UTaidZvluyxBFQObeGoeb9CSdWxaucPh%2BM1LE5JIFZL4WUlrQztQ8wIFEJnykNwze95L8CEU5Ln7ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gadget.pico.tools
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
session-id: 9d022272-0c3e-4c7c-8fe0-ebe45fab800b
cf-ray: 650b085f98e72c36-FRA
version: 3.0.1

GET
H2 200 rules-p-5cvC4NOeGmtNA.js Show response
rules.quantcount.com/ Frame BC18 2 KB
1 KB 13ms
12ms Script
application/javascript 2600:9000:2190:7c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-5cvC4NOeGmtNA.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc1f188cc2029e3681b0fca2423b30cc81d88883200558e5024be6154a0c6329

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 06:36:56 GMT
content-encoding: gzip
age: 2081
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 30 Mar 2017 18:55:25 GMT
server: AmazonS3
etag: W/"de9ad2472a0105d59ab5d8792a1a1f40"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: AreWoVE8TTSa7ox5RP5BHhtkES9wgr_PtmnR7z8Meo0H52Phd95hZg==

GET
H2 200 pixel;r=2090503963;rf=3;a=p-5cvC4NOeGmtNA;url=https%3A%2F%2Fe.issuu.com%2Fembed.html%3Fd%3Dmt_051221%26hideIssuuLogo%3Dtrue%26u%3Deuclidmediagroup;ref=https%3A%2F%2Fwww.metrotimes.com%2F;uht=2;fpan...
pixel.quantserve.com/ Frame BC18 35 B
371 B 12ms
9ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2090503963;rf=3;a=p-5cvC4NOeGmtNA;url=https%3A%2F%2Fe.issuu.com%2Fembed.html%3Fd%3Dmt_051221%26hideIssuuLogo%3Dtrue%26u%3Deuclidmediagroup;ref=https%3A%2F%2Fwww.metrotimes.com%2F;uht=2;fpan=1;fpa=P0-156218722-1621235496169;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;d=e.issuu.com;je=0;sr=1600x1200x24;dst=1;et=1621235496169;tzo=-120;ogl=

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 07:11:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
165 B 145ms
143ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3Anull%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1621235496245%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 17 May 2021 07:11:36 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 0bdf1dec47d4e296d904207d3aea6da70beb0e97df59c6a61ec933d540639fa2
x-transaction: 55414d07cbf1a5f9
expires: Tue, 31 Mar 1981 05:00:00 GMT

OPTIONS
H2 204 guest
api.pico.tools/loader/ Frame 0
0 455ms
444ms Preflight 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/loader/guest

Protocol

Server

2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: adblockling,content-type,current-page,from-domain,prev-page,publisherid,session-id
Origin: https://gadget.pico.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 17 May 2021 07:11:36 GMT
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding, Origin
access-control-allow-origin: https://gadget.pico.tools
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: adblockling,content-type,current-page,from-domain,prev-page,publisherid,session-id
cf-cache-status: DYNAMIC
cf-request-id: 0a1ac38cd000002c3616bcb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JSV1pEcCSqTBJiNJyowHeKMHinP5tRYx4Mpv0stXHtjIsZGJkrzdIgChJtYtuVfhUvLorMKVaar71KRzXoXscNr1LZ4oM0FC%2FmbS80v6LM4KLCILsuUyQ39%2FxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 650b085aee672c36-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3-29 204 guest
api.pico.tools/article/1f5aaf61-c167-45da-9bc6-cf70e4435d2a/read/ Frame 0
0 483ms
483ms Preflight 2606:4700:20::681a:2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/article/1f5aaf61-c167-45da-9bc6-cf70e4435d2a/read/guest

Protocol

H3-29

Server

2606:4700:20::681a:2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: adblockling,authorization,content-type,current-page,from-domain,prev-page,publisherid,session-id
Origin: https://gadget.pico.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding, Origin
access-control-allow-origin: https://gadget.pico.tools
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: adblockling,authorization,content-type,current-page,from-domain,prev-page,publisherid,session-id
cf-cache-status: DYNAMIC
cf-request-id: 0a1ac3921c00001f2522ab8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v7JRE7VlrwYI0kvAQun7YLT%2B%2F2QI1w6VhO%2BirD7gq0tPivb1OpRMtv1vVRU8ytiA2ieGDqvbI%2FTVc2NVxjfW%2FYU%2FsTmJl654yAPKYFE3jMc776uWYFZh89a9VA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 650b086358561f25-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3-29 200 guest Show response
api.pico.tools/article/1f5aaf61-c167-45da-9bc6-cf70e4435d2a/read/ Frame 101B 2 KB
2 KB 492ms
484ms XHR
application/json 2606:4700:20::681a:2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/article/1f5aaf61-c167-45da-9bc6-cf70e4435d2a/read/guest

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5eadfdc128dc2142d3c042e1510fa82ef4c47624677a7ed165219345ca3c9d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

adBlockling: false
Session-ID: 9d022272-0c3e-4c7c-8fe0-ebe45fab800b
current-page: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
from-domain: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb3VudGVycyI6eyJwYWdlX3ZpZXdfZmFlYTU3ZmMtY2Y1Zi00YjU3LWExNWUtMjE3ODk4MDkxZWFhIjp7ImNvdW50IjoxLCJyZXNldCI6InNlc3Npb24ifSwicGFnZV92aWV3X2VkZDQ3MDQwLWM4OGEtNDEzZS1hNjU2LTQyZmRjMzU3YmM1MSI6eyJjb3VudCI6MSwicmVzZXQiOiJtb250aCJ9LCJwb3B1cF9jb3VudGVyX2ZhZWE1N2ZjLWNmNWYtNGI1Ny1hMTVlLTIxNzg5ODA5MWVhYSI6eyJjb3VudCI6MSwicmVzZXQiOiJtb250aCJ9fSwiYWxsX2FydGljbGVzIjpbXSwibG9ja2VkX2FydGljbGVzIjpbXSwic2NvcGUiOiJndWVzdCIsImF6cCI6IjRkNTY0YjQzLTZlYzMtNDFmYy04NDhiLTQwNzE2ZTZhNWJmZCIsInZlcnNpb24iOjIsInVzZXJfaWQiOiIyM2UwZDkzOC0xNTRlLTRjZGEtOWZhZS1hNmQzMjBmYWY3OTYiLCJpYXQiOjE2MjEyMzU0OTcsImV4cCI6MTY1Mjc5MzA5NywiYXVkIjpbIm1ldHJvdGltZXMuY29tIiwibS5tZXRyb3RpbWVzLmNvbSIsIm1ldHJvdGltZXMuY29tIl0sImlzcyI6Imh0dHBzOi8vYXBpLnBpY28udG9vbHMiLCJqdGkiOiIyMmE5ZTQ5ZC00OTE2LTRhOTctODYxOS0yODE2ZTQwMDhlNTAifQ.n5X-Y3BItFtOtkH2eoXhwtUPkFpB93HzdWvxL6L-5cyticSYRA-aB8zS0NW6IcdIiVPvegJFtXgYG4unrBbFm0kqfKreOSchEYoBifG6Kid9tZwXsIN15kFravaYa7BCXlJkpdD3aT4Tw4GwlHnt9c6_wvzWPeAj8XkGAQoUGtI1ZMPj5ja-y0qU6-IQgI8kLisBjBxUNYRO9gGXP87RPsmrAx0odVskD8xeE7HqbFNbFD9MB-VfMSCS8BX5NH2Zqi21AhJKg5g0wqDn7qxWHBCfRViVlsHUO103TlYC6HKWNCyHdBpPZUmdkVlxmtwRlZSGpsBOjc1ZvpBLuKNFwUojZvwTLvdAB2TVYJN080uzTHVyxr2HsH587SopfIL0CbykZTeFcV899FzZQ3ONmctjMm4PTvCMINOeA7-uMoOgmdBbjEI1TwFtJa44sQ7TGREYR3-gXi6UMStZ72Zs6_Wy7wTYqmcgwfCbnJfVzsH23lXj1h5LNs44Y1yTX-pcqsD1QWwXedPKPHdFpKxpsmrwMa7fpjYFRvdCLlcZnWwwQIly4HWf1ctjOZYB_kIOPnvqt5rJVtR1JEdK9Pm7KOsJihpRc4Kvgu9rNqcZ9YgGEpGZ2WTdhp_kF966NmnapMILIEB-3ppmei3vAaNeBh8QTXF6YPnfQxrEtvLzfM8
Content-Type: application/json
Accept: application/json
prev-page
Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
publisherId: 4d564b43-6ec3-41fc-848b-40716e6a5bfd

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1ac3940b00001f253eb8a000000001
server: cloudflare
date: Mon, 17 May 2021 07:11:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2CpBbST3peq%2B6CVj8z1nWjXf9YkFSlkAGJjB71499DlO0oB0S1dk6rlcb%2Bwjyw57LUygT0%2Fnarq2FyQOdTfmYYj63fIth%2FSe7c15Rbfnhmp2EogASUNxKe%2FoTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gadget.pico.tools
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
session-id: 9d022272-0c3e-4c7c-8fe0-ebe45fab800b
cf-ray: 650b08667d991f25-FRA
version: 3.0.1

GET
H3-29 200 menu.02d33e3541a64f9a913f.css
gadget.pico.tools/ Frame 3F5C 2 MB
174 KB 41ms
41ms Stylesheet
text/css 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/menu.02d33e3541a64f9a913f.css?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/menu/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d61cb1ce074f05fe1c1cf6ca2e714625ebacf5f13868bdf2cb49ea7a85e9c837

Request headers

Referer: https://gadget.pico.tools/menu/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199862
cf-polished: origSize=1853921
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 76S3R4M76ZXC6YG6
x-amz-id-2: pjG9ADpC8evCyjnl533PDaAV7f/GcNEkordpBiB84i6HGaOye3MG9SH8ZEicgW6BbFo9iaVYaxE=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"91824043bba49d725e88b2a2447206e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WiiI%2FDNlBUPqprSylxZFxcwVFW4FZmxrJE2LFc89f2VWReh%2FWOCo8ZaBFY%2ByxF0jbcMG7ugLEwxl0hcx3y%2Fa5bEpwGWmArWB5SnIw19antwKcyXki%2BNtOdDuFz1OCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
x-amz-version-id: 7wOnCum198t0fayMu6EPIwYIdjekBViA
cf-request-id: 0a1ac392d300000610e8b92000000001
cf-ray: 650b08648d250610-FRA
cf-bgj: minify

GET
H3-29 200 vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js Show response
gadget.pico.tools/ Frame 3F5C 218 KB
64 KB 53ms
53ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/menu/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05c43fdcd1f0656591e4edb70747f2b561d53dfdc2833f19ffe5b0e53dbfbd75

Request headers

Referer: https://gadget.pico.tools/menu/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199863
cf-polished: origSize=223580
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QVYSJKQ9QFD0VW74
x-amz-id-2: lfxAIDHU7J15K4tVadU+eUIU7BWB/AIA2aWDDE5bmwBmEb6RmNFrznLB05CH7BkcdFfN0ckEIU8=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"ddb4c30f42d07ab511a51fe55f20d3e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lr6L%2FEmI8UAPvkmyv2B1nr26mO7xyGBC3BK20qeJ5RH8nBOPrT29XWi5fPnq3a6PdnOTQ%2FXaKCiGUelnnV9LYAC9FldSV9HFHrCnhuUCdfvNiHi1T0n8E%2FXglZ0cxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: LauUSwIp1d.hlvugPLrnd.GWQ1srQ2WR
cf-request-id: 0a1ac392d4000006101d3f3000000001
cf-ray: 650b08648d2d0610-FRA
cf-bgj: minify

GET
H3-29 200 vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js Show response
gadget.pico.tools/ Frame 3F5C 978 KB
207 KB 67ms
66ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/menu/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566c00ed3593be3a951d5599a5f19e798678b33811b6b7de91ef2d44da15a248

Request headers

Referer: https://gadget.pico.tools/menu/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199863
cf-polished: origSize=1001986
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QVYMQ7Z150XRDNJB
x-amz-id-2: KOtpJEqwCwtuLJGCBOL5pzd4giq3FgiBzzQ1cAMfBG7X5LrYm6qZ2ynmmW63VNIpLN9hmuPFbW4=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"4f941e59e470402fde7058050b348964"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0qxYpZXJp7IHBaUM9nt7hfPOIsYdWUpdRggFoc4hjtjJbwZLDcxyjLScFPpEZIgpWgH6VLKsG7YY6OBAbc5A%2BSqU4w1vrkaBFV7Ej9MQhvZKBpKhSaPqoNSHACVmWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: hOpyuJB0fhVYk519FokHwECFE9wxnM9F
cf-request-id: 0a1ac392d90000061021269000000001
cf-ray: 650b08648d3b0610-FRA
cf-bgj: minify

GET
H3-29 200 menu.aa6a70372dc017421c06.js Show response
gadget.pico.tools/ Frame 3F5C 2 MB
440 KB 152ms
151ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/menu.aa6a70372dc017421c06.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/menu/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79fb13319fb5502eab537faedf4fcc9364c32be0d398b3bfb3c9feb0eb82660

Request headers

Referer: https://gadget.pico.tools/menu/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199862
cf-polished: origSize=2139359
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 76S7Z6D69DEA7VN1
x-amz-id-2: /T1+qoxExpJQxIOs+JrErKUqBhMnP7HQAxnO/GUiwMd1HacMjEsvfUIeDp4m6cLTJM6rPAPe2rk=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"b9cfd627537b65ed3bedc31fdee65ea3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I7em7GcOq%2BjMft3O9l2XxDNYQuIrhdOSUxPrShyI44so6yRZyrq6Le5vK9YJtoY6FaQJY8%2BWnOf5RwFS7LFTJxpZ%2FpetNR8KlsmXZ%2Br3fzRigd6ktVueYXgco7vr3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: .oZGdAkGr0KRAjh6fJIt7mnQIqbrG3ta
cf-request-id: 0a1ac392d80000061048a24000000001
cf-ray: 650b08648d430610-FRA
cf-bgj: minify

GET
H3-29 200 launcher.2af541037c68679009f0.css
gadget.pico.tools/ Frame 5876 59 KB
8 KB 385ms
355ms Stylesheet
text/css 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/launcher.2af541037c68679009f0.css?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/launcher/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 343adab432301509480822342c4aaa811dd91af22a280daee217b32e52491c75

Request headers

Referer: https://gadget.pico.tools/launcher/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199862
cf-polished: origSize=74491
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 76SDWN54RASP0C6R
x-amz-id-2: WVS9mSvS/0TDJ8swlpLw6GbrrLxUG11XULiVQSfZ9wVz0UXrRVpDofnMq0mqQIDpqFj87mWHJzo=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"56b0641fca28157c9272cc4f3d16c2f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yni4pyShOTUDSbZFiD31Zi1FFWKFI9ICNXGxLEQNzWWkCu8oInPSm7hAOiVmAqPOffSmDrK4emfBQo7E6gII1uIYezBcGRrlnJfewdYXT12rk0cV%2B5PDPPBJttGIlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
x-amz-version-id: CawfAoAV8r_21SOLcXkWcY_0lHCi8s4U
cf-request-id: 0a1ac39317000006102126e000000001
cf-ray: 650b0864ee360610-FRA
cf-bgj: minify

GET
H3-29 200 vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js Show response
gadget.pico.tools/ Frame 5876 218 KB
64 KB 114ms
96ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/launcher/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05c43fdcd1f0656591e4edb70747f2b561d53dfdc2833f19ffe5b0e53dbfbd75

Request headers

Referer: https://gadget.pico.tools/launcher/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199863
cf-polished: origSize=223580
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QVYSJKQ9QFD0VW74
x-amz-id-2: lfxAIDHU7J15K4tVadU+eUIU7BWB/AIA2aWDDE5bmwBmEb6RmNFrznLB05CH7BkcdFfN0ckEIU8=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"ddb4c30f42d07ab511a51fe55f20d3e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BPnfABYPOCUt%2B4cv81sz1eM5InrorZZyhe76fBmYgas13ilKMgAFK9uG5zVD3nWVCICE%2FJmXCQj1uGylH9FgUCrXd5a6PIGTOIDV%2BYK5fN6x%2Fuux2jQRtvDw6O1SXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: LauUSwIp1d.hlvugPLrnd.GWQ1srQ2WR
cf-request-id: 0a1ac3930800000610b8371000000001
cf-ray: 650b0864de060610-FRA
cf-bgj: minify

GET
H3-29 200 vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js Show response
gadget.pico.tools/ Frame 5876 978 KB
207 KB 321ms
303ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/launcher/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566c00ed3593be3a951d5599a5f19e798678b33811b6b7de91ef2d44da15a248

Request headers

Referer: https://gadget.pico.tools/launcher/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199863
cf-polished: origSize=1001986
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QVYMQ7Z150XRDNJB
x-amz-id-2: KOtpJEqwCwtuLJGCBOL5pzd4giq3FgiBzzQ1cAMfBG7X5LrYm6qZ2ynmmW63VNIpLN9hmuPFbW4=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"4f941e59e470402fde7058050b348964"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RGH6yR3x%2F0B1RKvAzN87TaaGU8aMN66Qa1bXWoTX72fSD9Ez6EjREbBPFBhQiB84qHaBFnwdWSq1LfLdoUvfs7H7Q3NaPKPYD9JQjKKA493rzgcr2dFhtjM4Hhm%2BnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: hOpyuJB0fhVYk519FokHwECFE9wxnM9F
cf-request-id: 0a1ac3930800000610c409b000000001
cf-ray: 650b0864de090610-FRA
cf-bgj: minify

GET
H3-29 200 launcher.61eb2919fe21f595f3d6.js Show response
gadget.pico.tools/ Frame 5876 357 KB
71 KB 445ms
358ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/launcher.61eb2919fe21f595f3d6.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/launcher/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3310818ac4167d12fec4c2e2484897b04d87d3f9b2848b31a7b484bde8fa9247

Request headers

Referer: https://gadget.pico.tools/launcher/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199862
cf-polished: origSize=365313
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 76SFW2VRNPEAZTH7
x-amz-id-2: 5jTmed9znDezTK5Qy3XBXdTo5oul+GKInoqI93QqgspMAt/qB7jR87JIjDjaqcsh9U2SgN6qnWY=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"9c47d2be7e363de2abf71b2c6f5a89b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RYaqPI9qdHgvKS%2BaCIVONGyqY2piBm8piTP543%2Bv2bZEDSqCD7lzmPs6bmerihUGjyMKkliHBU9IwwNu2sl5FwTFI8iu91Rl0Xg%2FWFCr%2BNkX2TylFyFw8HkueOiWaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: EXx51SngY33dDF2YtVgq6OtIk29.y3Uq
cf-request-id: 0a1ac3934d000006101e299000000001
cf-ray: 650b08654f0f0610-FRA
cf-bgj: minify

GET
H3-29 200 header.8e257f91ffee4c1e0760.css
gadget.pico.tools/ Frame 2575 206 KB
22 KB 387ms
355ms Stylesheet
text/css 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/header.8e257f91ffee4c1e0760.css?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/header/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22bc35c2f091d46e08582c443d350f2d3e23ab1e84a8d17bfcb151092a19a710

Request headers

Referer: https://gadget.pico.tools/header/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2199
cf-polished: origSize=257165
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9P5VRW1NRCWCTTRY
x-amz-id-2: Vy1iRpU+16PJGMue0Gij+uXJLVouwT8BACWuo2TONpLY8S2nKXzY+1hiGYkHIOh+gG/A/iAPVgw=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"4e6becc09cf49c89d658a08538b0c50d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BjYR4TAjK%2FFrBKpvtUw4MkPybn1tlo%2B1yiGiV7JHmb%2Fz4Py9Kf3Lc5IL1%2FMQtqD87NHw%2BFaidkHgzkDz4FBoP7bqrgDm4lLmfZ%2BV0bb9thrBhEz%2F8jEpaGSskZOs7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
x-amz-version-id: m0cEHdyDJPgUPrQ6qbj3BflutDgLRwIM
cf-request-id: 0a1ac393150000061045aa5000000001
cf-ray: 650b0864ee3c0610-FRA
cf-bgj: minify

GET
H3-29 200 vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js Show response
gadget.pico.tools/ Frame 2575 218 KB
64 KB 295ms
269ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/header/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05c43fdcd1f0656591e4edb70747f2b561d53dfdc2833f19ffe5b0e53dbfbd75

Request headers

Referer: https://gadget.pico.tools/header/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199863
cf-polished: origSize=223580
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QVYSJKQ9QFD0VW74
x-amz-id-2: lfxAIDHU7J15K4tVadU+eUIU7BWB/AIA2aWDDE5bmwBmEb6RmNFrznLB05CH7BkcdFfN0ckEIU8=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"ddb4c30f42d07ab511a51fe55f20d3e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GVNXpz2G8h%2F4E09NuEawwj%2BUeFl1RYLHHt15syRoE7J4sfGf70T93kMGrvujhADo6S8JsDe7y07IMRfrOUT%2FJ5etph0bi7qQ5%2FFrDuiXnl2Lq5icShShv6TYBVtAEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: LauUSwIp1d.hlvugPLrnd.GWQ1srQ2WR
cf-request-id: 0a1ac393130000061042b3f000000001
cf-ray: 650b0864ee300610-FRA
cf-bgj: minify

GET
H3-29 200 vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js Show response
gadget.pico.tools/ Frame 2575 978 KB
207 KB 346ms
320ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/header/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566c00ed3593be3a951d5599a5f19e798678b33811b6b7de91ef2d44da15a248

Request headers

Referer: https://gadget.pico.tools/header/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199863
cf-polished: origSize=1001986
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QVYMQ7Z150XRDNJB
x-amz-id-2: KOtpJEqwCwtuLJGCBOL5pzd4giq3FgiBzzQ1cAMfBG7X5LrYm6qZ2ynmmW63VNIpLN9hmuPFbW4=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"4f941e59e470402fde7058050b348964"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W2YJARLnh3fZB%2B3HmNLI4xGbIVKl8TD6qsja5dNpEoRU9UXqr8vc5DoI1t%2B8BU8eqNCYWKBQ24SJDKVx10l14SyIqfAsg9KVPbuK8oCnNnkbiL1kiLhLSUuVTLbfew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: hOpyuJB0fhVYk519FokHwECFE9wxnM9F
cf-request-id: 0a1ac3931300000610b3988000000001
cf-ray: 650b0864ee320610-FRA
cf-bgj: minify

GET
H3-29 200 header.2b8d05d9ca440891d6e2.js Show response
gadget.pico.tools/ Frame 2575 570 KB
129 KB 455ms
369ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/header.2b8d05d9ca440891d6e2.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/header/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37e372abe7ce36205ab812e9f243492543fccb119db1e8b5245b422e352a5200

Request headers

Referer: https://gadget.pico.tools/header/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199862
cf-polished: origSize=583941
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 76SF45ZQVQT9TZNS
x-amz-id-2: NBfTKl5fwGwNkIxoguLcknDYZKMnWVtBYrZiLD8TY8N/Qj3gkpni7u7fIFH9B0Fe3wMaINCmAw8=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"4cbe328877edd17569776733c375d1f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nLo82a%2FvaGo7AqpCt3lpNPBSi%2Fd6AA8Pe6RRyVpcE00dhqV4hro7iGtgaDd7KRTp1IkzRB6P3FpM1XDBRAOFi3kpvdq2l0ox6%2BwiQcxGjvTsPEyt9SIe%2FxzsH%2BR1UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: q6ScnsM2vTB_dLHbT.dvVnJarVT.34f.
cf-request-id: 0a1ac3934d000006103a9ac000000001
cf-ray: 650b08654f160610-FRA
cf-bgj: minify

GET
H3-29 200 prompt.0c401b1eebedf7a26bdb.css
gadget.pico.tools/ Frame 5238 3 MB
326 KB 388ms
356ms Stylesheet
text/css 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/prompt.0c401b1eebedf7a26bdb.css?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6073fe3c3a236e0401bbabb02e2dcf6709612cee632c4797a7d62e5fe6dd54

Request headers

Referer: https://gadget.pico.tools/prompt/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199862
cf-polished: origSize=3326757
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 76SECESSHJKFHK4N
x-amz-id-2: rIFHzV4yBzufHJ+RtGj9zmwiXGnD843cL+wOapNRAgqgSkaF/pwvfrfaiQLjv9A8i4MxKafJ1CE=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"858c7566a3f2e68983a60f8e766b7ec4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G5%2FVwW5gjLJEEwMNtmARKDB%2FcIEXx8FVvynkSzqWfoqnQuxHUfA4AG7JaAlvmgeF2EgNNDyTrX9DmyXqNhyQcmbAvizRXpcXeASE8Vq9s8xdzHlCutDmE9Do0Cr5rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
x-amz-version-id: 1Iaszk9bAiIc.BmUJDXH7i5x9.8CBAdb
cf-request-id: 0a1ac39316000006100ca9b000000001
cf-ray: 650b0864ee3d0610-FRA
cf-bgj: minify

GET
H3-29 200 vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js Show response
gadget.pico.tools/ Frame 5238 218 KB
64 KB 436ms
384ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.f65052ef2b814ea96411.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05c43fdcd1f0656591e4edb70747f2b561d53dfdc2833f19ffe5b0e53dbfbd75

Request headers

Referer: https://gadget.pico.tools/prompt/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199863
cf-polished: origSize=223580
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QVYSJKQ9QFD0VW74
x-amz-id-2: lfxAIDHU7J15K4tVadU+eUIU7BWB/AIA2aWDDE5bmwBmEb6RmNFrznLB05CH7BkcdFfN0ckEIU8=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"ddb4c30f42d07ab511a51fe55f20d3e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wQoU3RpDwUKie5taP%2Bnv1o4CEHwWfpRH0jRPosgInuMIKaqo0uQ6FokPKJ4sEurMtJgXpXpz9hP27vRMbtMUqCKN32jGYw8Zp4qRz0q0ilhRV2Jy4X9lzg9w6GEW3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: LauUSwIp1d.hlvugPLrnd.GWQ1srQ2WR
cf-request-id: 0a1ac3932c00000610b4b86000000001
cf-ray: 650b08651e9a0610-FRA
cf-bgj: minify

GET
H3-29 200 vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js Show response
gadget.pico.tools/ Frame 5238 978 KB
207 KB 420ms
391ms Script
application/javascript 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1621035525778.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 566c00ed3593be3a951d5599a5f19e798678b33811b6b7de91ef2d44da15a248

Request headers

Referer: https://gadget.pico.tools/prompt/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199863
cf-polished: origSize=1001986
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: QVYMQ7Z150XRDNJB
x-amz-id-2: KOtpJEqwCwtuLJGCBOL5pzd4giq3FgiBzzQ1cAMfBG7X5LrYm6qZ2ynmmW63VNIpLN9hmuPFbW4=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"4f941e59e470402fde7058050b348964"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P6Q%2FmTdaOcv%2BiXEQzFsIjfLKJ44lvRn%2FUiCuwhhNyvoF4eVRxBXBrsGRoU5kTZf%2BGyzbGKDBPaZe17Qjulj3wOWSKhhMzZkBC765x1TiDaTFQJMaTY4Wi1mSt2ejTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: hOpyuJB0fhVYk519FokHwECFE9wxnM9F
cf-request-id: 0a1ac3935100000610cdafb000000001
cf-ray: 650b08654f270610-FRA
cf-bgj: minify

GET
H2 200 prompt.0fe73e3b74b8e56efebc.js Show response
gadget.pico.tools/ Frame 5238 3 MB
629 KB 118ms
91ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/prompt.0fe73e3b74b8e56efebc.js?70915b78b72c8a3d4f4e
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1621035525778.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7b3927264e7dd1126ed4ef56227c1af419ad5d0557b3438a2fe3d8b032a8ad1

Request headers

Referer: https://gadget.pico.tools/prompt/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199862
cf-polished: origSize=3143372
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 76S6ZKWG2BHA8DDT
x-amz-id-2: TJgN9uCg2H7ntYAq1Y8MSkSJF90aXYbTbQFqJm46s6p4kgEmanoUtl5tSRLYndd+0SZvobSKb6I=
last-modified: Fri, 14 May 2021 23:40:24 GMT
server: cloudflare
etag: W/"18e6b0f2f3df3669e2bf9abbc00dbe2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K4g2C6wtbps82irS0nP0yu801GCIGyzrVKeXzgBTvVTKq09SYCDX0qBf5CCxmOtaP1znLjyRP4zTjxDEvbrc8%2FPtqVHIrVvsXZgCdLLegVhUaq39r2qJReKMFlQSNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: 7k_iIUa.iJ7CXZyuUJFIEDZGzourDHHh
cf-request-id: 0a1ac3936800002bf229b50000000001
cf-ray: 650b08657c462bf2-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ Frame 3F5C 9 KB
852 B 19ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700&display=swap

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/menu/index.1621035525778.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ce628395376a2e6978400c6ae017defeb1423c4c458ec3f02de01d187beecd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 06:00:16 GMT
server: ESF
date: Mon, 17 May 2021 07:11:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 07:11:38 GMT

GET
H/1.1 200
OK style.css
development-cms-assets.s3.amazonaws.com/icons/common/ Frame 3F5C 27 KB
28 KB 450ms
126ms Stylesheet
text/css 52.217.170.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://development-cms-assets.s3.amazonaws.com/icons/common/style.css
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/menu/index.1621035525778.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.170.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6b364b13a2836307fc232240d8951a25e54e6e2b886d432f7cdc3ec0df1bdb0d

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:40 GMT
Last-Modified: Wed, 14 Apr 2021 18:03:05 GMT
Server: AmazonS3
x-amz-request-id: DA5MYSWG9ND08AAT
ETag: "cd6b3703a43402d4dd9f5e907db5fc57"
Content-Type: text/css
x-amz-version-id: xL9.RoEBwNNRQfIS7asNuE4nLZ66sHE4
Accept-Ranges: bytes
Content-Length: 27952
x-amz-id-2: 4awy6jrtaXhsVuaJQUWSexm7gLtXqZogrAU06/a7YviXGIy0XP8duDn7DzycyCYD+ZvtUz6+39M=

GET
H3-29 200 css
fonts.googleapis.com/ Frame 5876 9 KB
755 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700&display=swap

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/launcher/index.1621035525778.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ce628395376a2e6978400c6ae017defeb1423c4c458ec3f02de01d187beecd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 05:38:23 GMT
server: ESF
date: Mon, 17 May 2021 07:11:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 07:11:38 GMT

GET
H/1.1 200
OK style.css
development-cms-assets.s3.amazonaws.com/icons/common/ Frame 5876 27 KB
28 KB 421ms
126ms Stylesheet
text/css 52.217.170.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://development-cms-assets.s3.amazonaws.com/icons/common/style.css
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/launcher/index.1621035525778.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.170.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6b364b13a2836307fc232240d8951a25e54e6e2b886d432f7cdc3ec0df1bdb0d

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:40 GMT
Last-Modified: Wed, 14 Apr 2021 18:03:05 GMT
Server: AmazonS3
x-amz-request-id: DA5RWA1NVNFVCG3A
ETag: "cd6b3703a43402d4dd9f5e907db5fc57"
Content-Type: text/css
x-amz-version-id: xL9.RoEBwNNRQfIS7asNuE4nLZ66sHE4
Accept-Ranges: bytes
Content-Length: 27952
x-amz-id-2: 1LpXojCEs0qtaoL629muS17xJ8Y3TBuayBKl1/bYEtyqzmP0uWqDEOv4K+i+1aE48hi0MGi69OQ=

GET
H3-29 200 css
fonts.googleapis.com/ Frame 2575 9 KB
755 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700&display=swap

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/header/index.1621035525778.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ce628395376a2e6978400c6ae017defeb1423c4c458ec3f02de01d187beecd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 06:14:16 GMT
server: ESF
date: Mon, 17 May 2021 07:11:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 07:11:39 GMT

GET
H/1.1 200
OK style.css
development-cms-assets.s3.amazonaws.com/icons/common/ Frame 2575 27 KB
28 KB 114ms
113ms Stylesheet
text/css 52.217.170.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://development-cms-assets.s3.amazonaws.com/icons/common/style.css
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/header/index.1621035525778.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.170.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6b364b13a2836307fc232240d8951a25e54e6e2b886d432f7cdc3ec0df1bdb0d

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:40 GMT
Last-Modified: Wed, 14 Apr 2021 18:03:05 GMT
Server: AmazonS3
x-amz-request-id: DA5WK98JQ4S8HB7C
ETag: "cd6b3703a43402d4dd9f5e907db5fc57"
Content-Type: text/css
x-amz-version-id: xL9.RoEBwNNRQfIS7asNuE4nLZ66sHE4
Accept-Ranges: bytes
Content-Length: 27952
x-amz-id-2: WiogfEHqrDCLedXGB0HQAtVOTrzzQI5gXA9Gc7WKP8ZYk8IIYI8bMNTwjG21AU9Tznou3frGRzI=

GET
H2 200 css
fonts.googleapis.com/ Frame 5238 9 KB
854 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700&display=swap

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1621035525778.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ce628395376a2e6978400c6ae017defeb1423c4c458ec3f02de01d187beecd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 05:48:07 GMT
server: ESF
date: Mon, 17 May 2021 07:11:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 07:11:40 GMT

GET
H/1.1 200
OK style.css
development-cms-assets.s3.amazonaws.com/icons/common/ Frame 5238 27 KB
28 KB 113ms
113ms Stylesheet
text/css 52.217.170.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://development-cms-assets.s3.amazonaws.com/icons/common/style.css
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1621035525778.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.170.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6b364b13a2836307fc232240d8951a25e54e6e2b886d432f7cdc3ec0df1bdb0d

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:41 GMT
Last-Modified: Wed, 14 Apr 2021 18:03:05 GMT
Server: AmazonS3
x-amz-request-id: 6F24CS1S0Q12TE1H
ETag: "cd6b3703a43402d4dd9f5e907db5fc57"
Content-Type: text/css
x-amz-version-id: xL9.RoEBwNNRQfIS7asNuE4nLZ66sHE4
Accept-Ranges: bytes
Content-Length: 27952
x-amz-id-2: KqTD7vPPE7LRTQ7y8FQiqssKXZIYOngg1eVnqPSbRPWvzu5jsvS0nE2XZEjrByiD3/uhahy6eSs=

GET
H2 404 null
gadget.pico.tools/prompt/ Frame 5238 540 B
540 B 283ms
282ms Image
text/html 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadget.pico.tools/prompt/null
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1621035525778.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eeff231ccdc8b0ab7917fc02eb3cbf018e66cb4bb87850800f21044a4a59138

Request headers

Referer: https://gadget.pico.tools/prompt/index.1621035525778.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: E2HYVBGQA0KXJAA8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uhnESdq%2BRAnOGhC8bDnYl95NOQp0FcBAlDboEdnGIDxJk5Z1OyweuJ%2BDlsqjU1bzjtPC4HRDqIHKgxrZEZyDZbPZQr8dUrnPMyHV7hb%2Bcd3jCKm2Z%2Brr2i%2BNMmnIoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-request-id: 0a1ac39fe800002bf2453ab000000001
cf-ray: 650b08797bf62bf2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: AtQUltIeoeVMMqIL6nJSMHBLnInQBIg4wiqkZ5CGK4rChpkXzCUy4IUaufBP0m1ucYolIuVGdos=

GET
H2 200 logo_1614103069968_358.jpeg
images.pico.tools/production/ Frame 5876 7 KB
7 KB 39ms
17ms Image
image/webp 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.pico.tools/production/logo_1614103069968_358.jpeg
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9af6feac3aaa0ca34c60552ee8b52e2217a2ecd0dc111dce55ede0b64815f5e0

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1309
cf-polished: qual=85, origFmt=jpeg, origSize=38519
cf-ray: 650b087aef542bf2-FRA
content-disposition: inline; filename="logo_1614103069968_358.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6800
x-amz-id-2: 4rU+aPya4IrkqO4y5Mol0rSQLpHYcGs2HmVM4r4WJgPb1RgJQMTVIUZyOxLBgQG7b3PDtGrAtAA=
last-modified: Tue, 23 Feb 2021 17:57:50 GMT
server: cloudflare
etag: "48ce0e444bbd8b460492dd423ba73424"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4H1lOPiRBqd7UscR1EWtVCh3smBc8%2FX4BtKWCWrMPlVPREuqakYdkbZ4HvfGme51gJ8UfnckVgF4xA9d8CzFyqjEJkmyvS13s%2FetxzYvt31jg7NkmJAfxiY8TpEg9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: K2YY7TGQJ9N1R692
cf-request-id: 0a1ac3a0ce00002bf2caa94000000001
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 cover_1614103071031_141.jpeg
images.pico.tools/production/ Frame 5238 196 KB
197 KB 24ms
24ms Image
image/webp 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.pico.tools/production/cover_1614103071031_141.jpeg
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1621035525778.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e15367059c4eeff05a6e828e8e800db2c72ea4d42a79753030452447953b04

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1309
cf-polished: qual=85, origFmt=jpeg, origSize=1053409
cf-ray: 650b087aef582bf2-FRA
content-disposition: inline; filename="cover_1614103071031_141.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 200584
x-amz-id-2: PoQKuWAcmRDOj6m/5nalL7nHB3zWgSWUGo8oXoOJfaDjWvBA+4UCPqnIdI3pKn9GBcHO0xdsqi4=
last-modified: Tue, 23 Feb 2021 17:57:52 GMT
server: cloudflare
etag: "d384e783c0e78f79c8b7092ccfd1f206"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YjZ73NEMd76%2By7uCwwmlPferJXww%2FpeUbc7OUQ4PdZNpTpkE%2Fbnei778WVORnb9a60c84bCoEaMi60dAURWC7lZbzVwy53XRo3vhNiuZfPgfxfGCZHcX%2BGHvyLko5A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: K2YSH59A6YHS4GGA
cf-request-id: 0a1ac3a0ce00002bf23e283000000001
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

POST
H3-29 200 prompt Show response
api.pico.tools/metrics/ Frame 101B 2 B
686 B 501ms
493ms XHR
text/plain 2606:4700:20::681a:2c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/metrics/prompt

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:2c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

adBlockling: false
Session-ID: 9d022272-0c3e-4c7c-8fe0-ebe45fab800b
current-page: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
from-domain: https://www.metrotimes.com/detroit/okinawa-flat-belly-tonic-reviews-afraid-it-wont-work/Content?oid=27115479
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb3VudGVycyI6eyJwYWdlX3ZpZXdfZmFlYTU3ZmMtY2Y1Zi00YjU3LWExNWUtMjE3ODk4MDkxZWFhIjp7ImNvdW50IjoxLCJyZXNldCI6InNlc3Npb24ifSwicGFnZV92aWV3X2VkZDQ3MDQwLWM4OGEtNDEzZS1hNjU2LTQyZmRjMzU3YmM1MSI6eyJjb3VudCI6MSwicmVzZXQiOiJtb250aCJ9LCJwb3B1cF9jb3VudGVyX2ZhZWE1N2ZjLWNmNWYtNGI1Ny1hMTVlLTIxNzg5ODA5MWVhYSI6eyJjb3VudCI6MSwicmVzZXQiOiJtb250aCJ9LCJHTE9CQUxfQVJUSUNMRV9DT1VOVCI6eyJjb3VudCI6MSwicmVzZXQiOiJtb250aCJ9fSwiYWxsX2FydGljbGVzIjpbIjFmNWFhZjYxLWMxNjctNDVkYS05YmM2LWNmNzBlNDQzNWQyYSJdLCJsb2NrZWRfYXJ0aWNsZXMiOltdLCJzY29wZSI6Imd1ZXN0IiwiYXpwIjoiNGQ1NjRiNDMtNmVjMy00MWZjLTg0OGItNDA3MTZlNmE1YmZkIiwidmVyc2lvbiI6MiwidXNlcl9pZCI6IjIzZTBkOTM4LTE1NGUtNGNkYS05ZmFlLWE2ZDMyMGZhZjc5NiIsImlhdCI6MTYyMTIzNTQ5OCwiZXhwIjoxNjUyNzkzMDk4LCJhdWQiOlsibWV0cm90aW1lcy5jb20iLCJtLm1ldHJvdGltZXMuY29tIiwibWV0cm90aW1lcy5jb20iXSwiaXNzIjoiaHR0cHM6Ly9hcGkucGljby50b29scyIsImp0aSI6IjIyYTllNDlkLTQ5MTYtNGE5Ny04NjE5LTI4MTZlNDAwOGU1MCJ9.LPqozCQYZ3uHNNgbL6ww0P3LuJt2EVlM08KtOsjKs8eQ9jXad2aKlZ0Lr5IDHqOajSk16WM-h8fzDYktbBMUvx-DpHLtrEUeA3fsS3n5dkIMjJvatMLny8v88nTzzwA16bwM-zz2daGC2NmZF5wcGukHTGNFXpigNmwOifj6I675-TPzbF1N502LZkdid81VC56HG0LoHC71XcHo4umNeV08v4fmGIJkKm0oYPP4VYkH7vrPYJrihKu3jKHfwbpe09izfda1NqGl0J1yOvile51edicO9sr_rdw4WVPXqAKXFBVBX5bCs3bRao1YQNIJkFeiYYSFIslXQqu3yHuh-gXzmsUj4-iyneXHTS21Kk1Qbm0kqSVAh71EP4J615cqMvqjuRz1ZjzYMH8R4o_rKEbVuDh6lED8a1QkmNGDeG4ibae--BVclg8l5qnaAUigmoAOsvQFMAE9dIYNWG6dl96FeX5GtqFUV8HAynaoMBXkf7Kzt5npiNvnr4EOgKpQulC5_RrNXEPN6zQBaLVO5zqfPKnkVUM9-yqpLqshkwIsX9SlZ7EiFFUY0Bx4gpPm-oQ5cQDLvy1_Sjfl_XbijUTDoIr6rOQ5IxctGk3QikeCCa8vWOj-NIwXlSUFkAB0uHT4DWnyyhpCVcRhduX8SFWi5fWQnIanvKzL58qjeeg
Content-Type: application/json
Accept: application/json
prev-page
Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
publisherId: 4d564b43-6ec3-41fc-848b-40716e6a5bfd

Response headers

date: Mon, 17 May 2021 07:11:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mvd5Fkb9ZF9J7HQUgY6jAydCTFLXxnVChdcVCMHrDwOgOq7iabM0lTVIQ%2FI2jgajvkCfI7OzTnxqzD7%2BYO8cOC8IidWW1WOssZY7Y2UcQSJaFVt5HG1sR4FY%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
cf-request-id: 0a1ac3a33900001f25813d1000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
x-download-options: noopen
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://gadget.pico.tools
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
session-id: 9d022272-0c3e-4c7c-8fe0-ebe45fab800b
cf-ray: 650b087ecb331f25-FRA
version: 3.0.1

OPTIONS
H2 204 prompt
api.pico.tools/metrics/ Frame 0
0 498ms
498ms Preflight 2606:4700:20::ac43:48fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/metrics/prompt

Protocol

Server

2606:4700:20::ac43:48fb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: adblockling,authorization,content-type,current-page,from-domain,prev-page,publisherid,session-id
Origin: https://gadget.pico.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 17 May 2021 07:11:41 GMT
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding, Origin
access-control-allow-origin: https://gadget.pico.tools
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: adblockling,authorization,content-type,current-page,from-domain,prev-page,publisherid,session-id
cf-cache-status: DYNAMIC
cf-request-id: 0a1ac3a14c00002c36ebb86000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I3obQUSQhKpRXbKjAqmKv%2Bjycd8feuvCDE7y5Db8QXFfxkUHIWzdtJJgo92EaGIDTf6cVjCMAFAqK6QaqLqwkI8G2DSXVU8OXQS2w7GtXufA1%2F%2FOpYSlE7lTWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 650b087baff62c36-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK metrotimes-1620844067828-offer-signup_rich_text-markdown.md Show response
s3.amazonaws.com/customtext.pico.tools/ Frame 5238 152 B
745 B 471ms
150ms XHR
application/octet-stream 52.217.106.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/customtext.pico.tools/metrotimes-1620844067828-offer-signup_rich_text-markdown.md
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.106.246 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a3ec6fa8d464bc45244702f38266677747946527355e9c2a4d61ab6ef2438252

Request headers

Accept: application/json, text/plain, */*
Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:43 GMT
Last-Modified: Thu, 13 May 2021 22:53:19 GMT
Server: AmazonS3
x-amz-request-id: 1JFEHS6PBDWAAEYR
ETag: "b32b8f267e2820dc1b3a986e4c366238"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD, PUT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Length: 152
x-amz-id-2: tKfEKowG6SmICcuuXmQDTPROASZuKtD/1RnTLElB1xvaDqAk1LjoDqFHx/ZLNPIvNrhIVN/4J8w=
Access-Control-Expose-Headers: ETag

GET
H/1.1 200
OK picomoon.ttf
development-cms-assets.s3.amazonaws.com/icons/common/fonts/ Frame 5238 61 KB
61 KB 461ms
143ms Font
binary/octet-stream 52.217.170.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://development-cms-assets.s3.amazonaws.com/icons/common/fonts/picomoon.ttf?444c0j
Requested by: Host: development-cms-assets.s3.amazonaws.com
URL: https://development-cms-assets.s3.amazonaws.com/icons/common/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.170.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a55fb54fae46a2a5dd92fa074cdbffd49ddffb4f1e578f69c5be83442e8a0ee6

Request headers

Origin: https://gadget.pico.tools
Referer: https://development-cms-assets.s3.amazonaws.com/icons/common/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:43 GMT
Last-Modified: Wed, 14 Apr 2021 18:03:07 GMT
Server: AmazonS3
x-amz-request-id: 1JF2A4KJ1NJ5RAQG
ETag: "595140a4f1cffa1fe1e6926464d9c2aa"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: S.pbilvH6dxrRxeGE0seLwtEZKqwxQr4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, x-amz-meta-custom-header
Accept-Ranges: bytes
Content-Type: binary/octet-stream
Content-Length: 62268
x-amz-id-2: VMOSV4rZn91iSNdGv2RSus/iRVLs83mAVJiaM1JSGB6zmFc+jHi7Pjd5fW34wLzvGw3PSp46HjA=

POST
H2 200 ping Show response
pingback.issuu.com/ Frame BC18 0
43 B 111ms
111ms XHR
text/plain 2600:1901:0:a175::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pingback.issuu.com/ping
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/249/iframe-embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a175:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 May 2021 07:11:42 GMT
via: 1.1 google
access-control-allow-headers: Content-Type
access-control-max-age: 86400
access-control-allow-methods: POST
access-control-allow-origin: https://e.issuu.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 like.php Show response
www.facebook.com/v3.2/plugins/ Frame 3381 47 KB
15 KB 241ms
239ms Document
text/html 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35e7ccb2d142fc%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff3488561f7f43f8%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a5b619d2a316822b74a98ffdfb91332c&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7202e78be9084b0edfced5e80a8ccf5e84d9745d4124d229e07e3ee7d532b5a0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35e7ccb2d142fc%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff3488561f7f43f8%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

x-fb-rlafr: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
content-encoding: br
strict-transport-security: max-age=15552000; preload
facebook-api-version: v3.3
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
vary: Accept-Encoding
pragma: no-cache
content-type: text/html; charset="utf-8"
x-fb-debug: QuFrV1lAF6+YupjTgDMF1tbP7G7sspuICLKpCVB21BzBxMhCHb5CQ7VmQAaFH+K2qcnUVDoC4zC8Hx4lra3Rlw==
date: Mon, 17 May 2021 07:11:42 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 8B66 0
182 B 103ms
33ms Document
text/html 52.30.148.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479&upid=6zt9zkh&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.148.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-148-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479&upid=6zt9zkh&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Mon, 17 May 2021 07:11:42 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 3381 400 B
449 B 18ms
16ms Image
image/png 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35e7ccb2d142fc%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff3488561f7f43f8%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35e7ccb2d142fc%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff3488561f7f43f8%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: jrrKB0/7cuG281BQBF69bWuGzmKecrEHBiUTMSqFPZDKdWAAAy+z58HaB68VcbKi8nnUBSH7MwoDmf5sgR8/aw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Wed, 12 May 2021 01:53:25 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Thu, 12 May 2022 01:53:25 GMT

GET
H3-29 200 1aGdzEZwTaf.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yT/l/en_US/ Frame 3381 504 KB
132 KB 18ms
16ms XHR
application/x-javascript 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yT/l/en_US/1aGdzEZwTaf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c6676edb6a480947e8347cfa5b1b4ae63428d69daa309a55fb8431e772254a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35e7ccb2d142fc%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff3488561f7f43f8%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 16:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HrxID+X1h6P6uVwL4laoDg==
cross-origin-resource-policy: cross-origin
content-length: 135123
x-fb-rlafr: 0
x-fb-debug: jxI9n8+lqZS0YOAhw85yCCX8PxniSFEnwKs6ItJ/kLqZILIawas9N6gfPVMLmEQvjxVlxcPBfrZHgV4L8Ydo6g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 May 2022 16:36:39 GMT

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 3381 67 B
97 B 46ms
42ms Image
image/png 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1621235502621&t_start=1621235502621&t_domcontent=1621235502631&t_layout=1621235502698&t_onload=1621235502698&t_paint=1621235502698&t_creport=1621235502698&t_tti=1621235502631&lid=6963153460328747141-0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35e7ccb2d142fc%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff3488561f7f43f8%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2Fokinawa-flat-belly-tonic-reviews-afraid-it-wont-work%2FContent%3Foid%3D27115479&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 0oK41LtwcjPeKkvEu0QmYzv7HOl/W7suunPfLKu3yiAlqHklM9+cOGVEt87NmA08m1RbcOe/87rYFpaRCVwfTQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 17 May 2021 07:11:42 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 57ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.metrotimes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 07:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ Frame 6F20 9 KB
5 KB 62ms
32ms XHR
application/xml 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20971543&cb=1621235505010&referrer=https://www.metrotimes.com&kw_publication=metrotimes&kw_page=article&vwidth=426&vheight=240&vcontext=4&vframeworks=1,2&vv=2,3,4&mimes=video%2Fmp4

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

238fe5ec47aca620dbd6dda721a8c5c34243614bb7e7a638413ceca207f51e9d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:45 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 89.249.64.196; 89.249.64.196; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.50:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5c7f7fbd-a94b-47f2-9d33-f5f866575d23
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6F20 0
331 B 70ms
25ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kos9r5ej&c=957447423777&slotId=478723711888.5&fb=ima-html5&sdkv=h.3.458.0&ppt=fdncms%2Ftop-stories&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=420706109%2C44739555
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 07:11:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader20.html Show response
tpc.googlesyndication.com/pagead/js/ Frame B32E 51 KB
19 KB 51ms
16ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/loader20.html?https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e5889395974c20cb35a4981f12dbf0112b108459eb045b9df81b9bfa2f73392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /pagead/js/loader20.html?https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 16 May 2021 14:21:08 GMT
expires: Mon, 17 May 2021 14:21:08 GMT
content-type: text/html; charset=UTF-8
etag: 15578078210308968909
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 18563
x-xss-protection: 0
age: 60637
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK anwrapper-1.999.0.js Show response
acdn.adnxs-simple.com/vx/static/w/ Frame B32E 152 KB
43 KB 68ms
25ms Script
application/javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 90fb7f486363baac11225c229b7c82176fc1cb6549cae16dcb3e6e41a29857de

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 14:16:07 GMT
Server: nginx/1.13.10
ETag: W/"607d90a7-26103"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 43880
Expires: Tue, 17 May 2022 07:11:45 GMT

POST
H2 204 pack
rb.adnxs-simple.com/ Frame B32E 0
278 B 60ms
13ms Ping
text/plain 37.252.167.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.252.167.215 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tpc.googlesyndication.com
date: Mon, 17 May 2021 07:11:45 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: POST, OPTIONS, GET

GET
H/1.1 200
OK sM8Oz6kwvWgo737nVts8z3ZvqlYD4_Kz4yeb0A1QQ34= Show response
ads.adaptv.advertising.com/a/h/ Frame B32E 2 KB
1 KB 80ms
25ms XHR
text/xml 3.125.100.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/sM8Oz6kwvWgo737nVts8z3ZvqlYD4_Kz4yeb0A1QQ34=?cb=1031765852&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=EMBEDDING_PAGE_URL&scpid=[scpid]&hp=[hp]&eov=eov

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.100.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-100-70.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

8c9d82560616b575850e3565bd5891befb0f91af40e2c53bf8973361632aa080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://tpc.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 974
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7D4D 52 KB
17 KB 41ms
8ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tpc.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: anj=dTM7k!M4/8CxrEQF']wIg2In9hDijp!@wnf-Te9(>wL5L!!'L$$cCAP; icu=ChgI5rZxEAoYASABKAEwsa6IhQY4AUABSAEQsa6IhQYYAA..; uuid2=172935876889166044
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 14 May 2021 05:43:20 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 17 May 2021 07:11:45 GMT
Age: 5299
X-Served-By: cache-lga21946-LGA, cache-hhn4059-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 5, 144972
X-Timer: S1621235506.538726,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame 74E8 15 KB
7 KB 167ms
28ms Script
application/javascript 54.195.94.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1274816&orgId=28860&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=&vrid=04330fd0-58db-4feb-9537-44d78d62ea90&pblob=
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.94.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-94-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: de96630998b37fa93c8a03b6bd8449a1a75ce729ab4989ef6b848f8f7f3ffdae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:45 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6613

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame 74E8 317 KB
102 KB 40ms
7ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1274816&orgId=28860&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=&vrid=04330fd0-58db-4feb-9537-44d78d62ea90&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 15 May 2021 06:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176577
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 104243
x-amz-id-2: KIQUg64nM40gq5uHl5VpW0VjLoKLN5rjsrIm/DRpbTqz3XjZ3aq1HaZ/AF822YuZ1UeNO69bO/I=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Mar 2021 05:09:03 GMT
server: ATS
etag: "ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: BAXGZE9F1ASAVVSQ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame 74E8 43 B
246 B 86ms
12ms Image
image/gif 52.57.141.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=5f981d4f17a15a0001a55286&s=true&pv=10.2.63&ifr=true&cb=0.013417255009712248&pt=o2unit&sid=c5da4424-525a-4419-aa67-7184ab483e7a&r=https%3A%2F%2Fwww.metrotimes.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:45 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 17 May 2021 07:11:45 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame B32E 133 KB
44 KB 19ms
18ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:45 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 844FF664DE0AB17A
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=46913
accept-ranges: bytes
content-length: 44266
x-amz-id-2: KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=

GET
H2 200 local-storage.html Show response
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame 8642 2 KB
781 B 7ms
7ms Document
text/html 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tpc.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

x-amz-id-2: EjRcJI+UbIPKNm7Wd8p1vcXjmlurpKond+EFEfLVushaY+wiiAF0t7nxvTOk3URkhpIHKuAy7UU=
x-amz-request-id: 9YRCKQ0BC3M24KAF
date: Thu, 13 May 2021 06:47:27 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
age: 347059
ats-carp-promotion: 1
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK sM8Oz6kwvWgo737nVts8z3ZvqlYD4_Kz4yeb0A1QQ34=
ads.adaptv.advertising.com/a/h/ Frame 74E8 249 B
0 198ms
194ms XHR
text/xml 3.125.100.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/sM8Oz6kwvWgo737nVts8z3ZvqlYD4_Kz4yeb0A1QQ34=?cb=1031765852&gdpr=&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fwww.metrotimes.com&scpid=[scpid]&hp=[hp]&eov=eov&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.metrotimes.com&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=2&height=0&moatViewableOpportunity=100&p.vw.active=1&p.vw.psize=-1&p.vw.viewable=1&p.vw.viewableOpportunity=1&referrerUrl=https%3A%2F%2Fimasdk.googleapis.com%2F&width=0

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.100.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-100-70.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://tpc.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame 74E8 43 B
245 B 18ms
14ms Image
image/gif 52.57.141.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=5f981d4f17a15a0001a55286&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.metrotimes.com&s=true&sid=c5da4424-525a-4419-aa67-7184ab483e7a&vvuid=a04061d9-1d6f-4433-bb3c-75116f64af1d&orgId=28860&plcid=1274816&vrid=04330fd0-58db-4feb-9537-44d78d62ea90&ab=0&dt=225&h=0&spaceid=793604934&w=0&cb=0.6207240912321657
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:46 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 17 May 2021 07:11:46 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame 74E8 43 B
245 B 20ms
15ms Image
image/gif 52.57.141.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=5f981d4f17a15a0001a55286&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.metrotimes.com&s=true&sid=c5da4424-525a-4419-aa67-7184ab483e7a&vvuid=a04061d9-1d6f-4433-bb3c-75116f64af1d&orgId=28860&plcid=1274816&vrid=04330fd0-58db-4feb-9537-44d78d62ea90&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=-1&cb=0.46568500249340605
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:46 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.8
content-type: image/gif
content-length: 43
expires: Mon, 17 May 2021 07:11:46 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame 74E8 43 B
245 B 23ms
19ms Image
image/gif 52.57.141.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=5f981d4f17a15a0001a55286&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.metrotimes.com&s=true&sid=c5da4424-525a-4419-aa67-7184ab483e7a&vvuid=a04061d9-1d6f-4433-bb3c-75116f64af1d&orgId=28860&plcid=1274816&vrid=04330fd0-58db-4feb-9537-44d78d62ea90&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=-1&h=0&cb=0.6472204087198148
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:46 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 17 May 2021 07:11:46 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame B32E 43 B
260 B 34ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1621235506115&de=499622415979&d=152%3A-%3A-%3A-&bo=metrotimes.com&bd=metrotimes.com&f=1&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 07:11:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 17 May 2021 07:11:46 GMT

GET ad-engine-response.gif
trk.vidible.tv/trk/ Frame 74E8 0
0

POST
H2 204 pack
rb.adnxs-simple.com/ Frame B32E 0
277 B 19ms
15ms Ping
text/plain 37.252.167.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.252.167.215 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tpc.googlesyndication.com
date: Mon, 17 May 2021 07:11:46 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: POST, OPTIONS, GET

GET
H/1.1 200
OK v2
ams1-ib.adnxs.com/vast_track/ Frame 6F20 0
820 B 54ms
21ms Image
text/html 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/vast_track/v2?info=ZgAAAAMArgAFAQkxF6JgAAAAABEysFRyNbJGbxkxF6JgAAAAACDds9V5KAAww0Y4w0ZA5rZxSJmg0AJQl4CAClgBYgJERWgBcAF4AIABAogBBJABqgOYAfABoAEAqAHds9V5sAEB&s=cf83c53fef06b9477e443760880ba3f8b8058f89&event_type=4&error_code=901

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 07:11:46 GMT
X-Proxy-Origin: 89.249.64.196; 89.249.64.196; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid: 321d3a57-d4c5-4293-b48b-a47d94eb9801
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.metrotimes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 07:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ Frame 6F20 9 KB
5 KB 79ms
78ms XHR
application/xml 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20971543&cb=1621235512931&referrer=https://www.metrotimes.com&kw_publication=metrotimes&kw_page=article&vwidth=426&vheight=240&vcontext=4&vframeworks=1,2&vv=2,3,4&mimes=video%2Fmp4

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

568a48024cbc4afda49ccc9e218cf60b24ce257680841c0ee72fecaf851b86c7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 89.249.64.196; 89.249.64.196; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.180:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b1e137c4-aa5f-44c0-8f06-dbfb576787a1
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6F20 0
54 B 26ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kos9rdwt&c=957447423777&slotId=478723711888.5&fb=ima-html5&sdkv=h.3.458.0&ppt=fdncms%2Ftop-stories&mrd=4&aab=1&itv=1&met.4=err.kos9reqo&aec=901
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 07:11:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader20.html Show response
tpc.googlesyndication.com/pagead/js/ Frame 0C2F 51 KB
18 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/loader20.html?https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e5889395974c20cb35a4981f12dbf0112b108459eb045b9df81b9bfa2f73392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /pagead/js/loader20.html?https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 16 May 2021 14:21:08 GMT
expires: Mon, 17 May 2021 14:21:08 GMT
content-type: text/html; charset=UTF-8
etag: 15578078210308968909
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 18563
x-xss-protection: 0
age: 60645
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK anwrapper-1.999.0.js Show response
acdn.adnxs-simple.com/vx/static/w/ Frame 0C2F 152 KB
43 KB 21ms
20ms Script
application/javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 90fb7f486363baac11225c229b7c82176fc1cb6549cae16dcb3e6e41a29857de

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 07:11:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 14:16:07 GMT
Server: nginx/1.13.10
ETag: W/"607d90a7-26103"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 43880
Expires: Tue, 17 May 2022 07:11:53 GMT

POST
H2 204 pack
rb.adnxs-simple.com/ Frame 0C2F 0
277 B 17ms
14ms Ping
text/plain 37.252.167.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.252.167.215 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tpc.googlesyndication.com
date: Mon, 17 May 2021 07:11:53 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: POST, OPTIONS, GET

GET
H/1.1 200
OK sM8Oz6kwvWgo737nVts8z3ZvqlYD4_Kz4yeb0A1QQ34= Show response
ads.adaptv.advertising.com/a/h/ Frame 0C2F 2 KB
1 KB 18ms
18ms XHR
text/xml 3.125.100.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/sM8Oz6kwvWgo737nVts8z3ZvqlYD4_Kz4yeb0A1QQ34=?cb=1144512945&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=EMBEDDING_PAGE_URL&scpid=[scpid]&hp=[hp]&eov=eov

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.100.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-100-70.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

4a239a8776572473dc20be8fd07cfd8efb32c88ea7dd988f16a5c2bbc271e0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://tpc.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 974
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0C7B 52 KB
17 KB 8ms
8ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tpc.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: anj=dTM7k!M4/8CxrEQF']wIg2In2hDijp!A#FZ.CK$wNya!tNhTp%hRtl>; icu=ChgI5rZxEAoYASABKAEwua6IhQY4AUABSAEQua6IhQYYAA..; uuid2=3425243147827754678
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 14 May 2021 05:43:20 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 17 May 2021 07:11:53 GMT
Age: 5307
X-Served-By: cache-lga21946-LGA, cache-hhn4059-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 5, 145201
X-Timer: S1621235514.548610,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame 949F 15 KB
7 KB 32ms
31ms Script
application/javascript 54.195.94.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1274816&orgId=28860&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=&vrid=25632ce2-7665-47b3-88bf-8cf9944d3cbc&pblob=
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.94.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-94-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 633cc46cfa7ca1dc186a026c5de5a99b22d154bb3973e93f9830e5c536bcdbf3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:53 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6615

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame 949F 317 KB
102 KB 10ms
9ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 15 May 2021 06:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176585
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 104243
x-amz-id-2: KIQUg64nM40gq5uHl5VpW0VjLoKLN5rjsrIm/DRpbTqz3XjZ3aq1HaZ/AF822YuZ1UeNO69bO/I=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Mar 2021 05:09:03 GMT
server: ATS
etag: "ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: BAXGZE9F1ASAVVSQ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame 949F 43 B
245 B 14ms
14ms Image
image/gif 52.57.141.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=5f981d4f17a15a0001a55286&s=true&pv=10.2.63&ifr=true&cb=0.8290683528493104&pt=o2unit&sid=f3142e52-d596-49d5-b25c-98aa4bac8838&r=https%3A%2F%2Fwww.metrotimes.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:53 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 17 May 2021 07:11:53 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame 0C2F 133 KB
44 KB 27ms
27ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:53 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 844FF664DE0AB17A
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=46905
accept-ranges: bytes
content-length: 44266
x-amz-id-2: KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=

GET
H2 200 local-storage.html Show response
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame F1F4 2 KB
614 B 9ms
7ms Document
text/html 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tpc.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

x-amz-id-2: EjRcJI+UbIPKNm7Wd8p1vcXjmlurpKond+EFEfLVushaY+wiiAF0t7nxvTOk3URkhpIHKuAy7UU=
x-amz-request-id: 9YRCKQ0BC3M24KAF
date: Thu, 13 May 2021 06:47:27 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
age: 347067
ats-carp-promotion: 1
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK sM8Oz6kwvWgo737nVts8z3ZvqlYD4_Kz4yeb0A1QQ34=
ads.adaptv.advertising.com/a/h/ Frame 949F 249 B
0 414ms
409ms XHR
text/xml 3.125.100.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/sM8Oz6kwvWgo737nVts8z3ZvqlYD4_Kz4yeb0A1QQ34=?cb=1144512945&gdpr=&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fwww.metrotimes.com&scpid=[scpid]&hp=[hp]&eov=eov&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.metrotimes.com&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=2&height=0&moatViewableOpportunity=100&p.vw.active=1&p.vw.psize=-1&p.vw.viewable=1&p.vw.viewableOpportunity=1&referrerUrl=https%3A%2F%2Fimasdk.googleapis.com%2F&width=0

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.100.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-100-70.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://tpc.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame 949F 43 B
245 B 17ms
1ms Image
image/gif 52.57.141.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=5f981d4f17a15a0001a55286&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.metrotimes.com&s=true&sid=f3142e52-d596-49d5-b25c-98aa4bac8838&vvuid=09c188c0-8ffc-4229-9e3e-d8125d4d40cb&orgId=28860&plcid=1274816&vrid=25632ce2-7665-47b3-88bf-8cf9944d3cbc&ab=0&dt=85&h=0&spaceid=793604934&w=0&cb=0.9650813785415375
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:53 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 17 May 2021 07:11:53 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame 949F 43 B
245 B 32ms
17ms Image
image/gif 52.57.141.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=5f981d4f17a15a0001a55286&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.metrotimes.com&s=true&sid=f3142e52-d596-49d5-b25c-98aa4bac8838&vvuid=09c188c0-8ffc-4229-9e3e-d8125d4d40cb&orgId=28860&plcid=1274816&vrid=25632ce2-7665-47b3-88bf-8cf9944d3cbc&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=-1&cb=0.7749353179014076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:53 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 17 May 2021 07:11:53 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame 949F 43 B
245 B 31ms
16ms Image
image/gif 52.57.141.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=5f981d4f17a15a0001a55286&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.metrotimes.com&s=true&sid=f3142e52-d596-49d5-b25c-98aa4bac8838&vvuid=09c188c0-8ffc-4229-9e3e-d8125d4d40cb&orgId=28860&plcid=1274816&vrid=25632ce2-7665-47b3-88bf-8cf9944d3cbc&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=-1&h=0&cb=0.9245923598640977
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:11:53 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 17 May 2021 07:11:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 0C2F 43 B
260 B 22ms
21ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1621235513827&de=356295326564&d=8%3A-%3A-%3A-&bo=metrotimes.com&bd=metrotimes.com&f=1&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 07:11:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 17 May 2021 07:11:53 GMT

GET ad-engine-response.gif
trk.vidible.tv/trk/ Frame 949F 0
0

POST
H2 204 pack
rb.adnxs-simple.com/ Frame 0C2F 0
277 B 18ms
18ms Ping
text/plain 37.252.167.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs-simple.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/vx/static/w/anwrapper-1.999.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.252.167.215 Bethnal Green, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tpc.googlesyndication.com
date: Mon, 17 May 2021 07:11:54 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: POST, OPTIONS, GET

GET
H/1.1 200
OK v2
ams1-ib.adnxs.com/vast_track/ Frame 6F20 0
821 B 33ms
33ms Image
text/html 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/vast_track/v2?info=ZgAAAAMArgAFAQk5F6JgAAAAABFfeFGtm0NgXxk4F6JgAAAAACDds9V5KAAww0Y4w0ZA5rZxSJmg0AJQl4CAClgBYgJERWgBcAF4AIABAogBBJABqgOYAfABoAEAqAHds9V5sAEB&s=b3b807b8a72257d1f0726ae334b67d4960eadda8&event_type=4&error_code=901

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 07:11:54 GMT
X-Proxy-Origin: 89.249.64.196; 89.249.64.196; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.83:80
AN-X-Request-Uuid: 247695e1-190c-48e6-aca2-3f7c621a7c3f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trk.vidible.tv
URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=5f981d4f17a15a0001a55286&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.metrotimes.com&s=true&sid=c5da4424-525a-4419-aa67-7184ab483e7a&vvuid=a04061d9-1d6f-4433-bb3c-75116f64af1d&orgId=28860&plcid=1274816&vrid=04330fd0-58db-4feb-9537-44d78d62ea90&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&aert=224&ar=no&fo=0&ft=0&h=0&cb=0.16395032196272896

Domain: trk.vidible.tv
URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=5f981d4f17a15a0001a55286&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.metrotimes.com&s=true&sid=f3142e52-d596-49d5-b25c-98aa4bac8838&vvuid=09c188c0-8ffc-4229-9e3e-d8125d4d40cb&orgId=28860&plcid=1274816&vrid=25632ce2-7665-47b3-88bf-8cf9944d3cbc&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&aert=434&ar=no&fo=0&ft=0&h=0&cb=0.9177453220498986

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://widget.pico.tools/wrapper.min.js(Line 1) Message: Local storage not available
console-api	error	URL: https://widget.pico.tools/wrapper.min.js(Line 1) Message: Local storage not available
console-api	error	URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.metrotimes.com(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: console.group
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: The current URL, is /registration?popupId=3c56285e-df80-47f7-9ec4-da1c3f961d63
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: The last navigation action was REPLACE
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: console.groupEnd
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: console.group
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: The current URL, is /login?id=RegistrationWizard
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: The last navigation action was REPLACE
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: console.groupEnd
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: console.group
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: The current URL, is /login/enter-email?id=LoginWizard
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: The last navigation action was REPLACE
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: console.groupEnd
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: console.group
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: The current URL, is /header-bar?useDefault=true
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: The last navigation action was REPLACE
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.b0d9a16cbad9f7d3fa9f.js?70915b78b72c8a3d4f4e(Line 1) Message: console.groupEnd
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 09:11:46.247 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 09:11:46.249 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 09:11:54.184 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 09:11:54.186 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
acdn.adnxs-simple.com
acdn.adnxs.com
acds.prod.vidible.tv
ads.adaptv.advertising.com
adservice.google.com
ajax.googleapis.com
ams1-ib.adnxs.com
api.pico.tools
apis.google.com
assets.isu.pub
cdn-ssl.vidible.tv
connect.facebook.net
csi.gstatic.com
development-cms-assets.s3.amazonaws.com
diffuser-cdn.app-us1.com
e.issuu.com
fonts.googleapis.com
fonts.gstatic.com
gadget.pico.tools
ib.adnxs.com
image.isu.pub
images.pico.tools
imasdk.googleapis.com
insight.adsrvr.org
issuu.com
js.adsrvr.org
layers.isu.pub
media1.fdncms.com
media2.fdncms.com
pagead2.googlesyndication.com
photos.metrotimes.com
pingback.issuu.com
pixel.quantserve.com
platform.twitter.com
prism.app-us1.com
px.moatads.com
quantcast.mgr.consensu.org
rb.adnxs-simple.com
reader3.isu.pub
rules.quantcount.com
s0.2mdn.net
s3.amazonaws.com
s7.addthis.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssl.gstatic.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
trackcmp.net
trk.vidible.tv
unpkg.com
us.commitchange.com
v1.addthisedge.com
widget.pico.tools
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.metrotimes.com
z.moatads.com
trk.vidible.tv
104.244.42.72
104.75.88.126
142.250.181.226
151.101.113.108
185.33.220.243
185.33.221.88
2.18.232.130
2.18.235.40
2001:4860:4802:32::3
209.104.5.202
209.104.5.203
209.104.5.204
2600:1901:0:a175::
2600:9000:211e:ea00:9:46dc:4700:93a1
2600:9000:2190:7c00:6:44e3:f8c0:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:20::681a:178
2606:4700:20::681a:2c0
2606:4700:20::681a:3c0
2606:4700:20::ac43:4771
2606:4700:20::ac43:48fb
2606:4700::6810:7aaf
2606:4700::6811:925b
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:80:800::7000
2a00:1450:4001:800::2003
2a00:1450:4001:802::2003
2a00:1450:4001:802::200d
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2006
2a00:1450:4001:813::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200a
2a00:1450:400c:c0a::9b
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
2a04:4e42:1b::622
3.125.100.70
35.170.115.227
37.252.167.215
52.207.46.124
52.217.106.246
52.217.170.17
52.30.148.233
52.57.141.238
54.195.94.143
65.9.65.116
01364176bc68881806e67bfb4477a7ef67f4afe64c2694d65f991cfc39291115
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05c43fdcd1f0656591e4edb70747f2b561d53dfdc2833f19ffe5b0e53dbfbd75
07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7
081fe081ca1a1c7857c829ef147d17156961a29cbe66e56b31bb6fbefee16310
09c0e7ca6a3b802c1833253354fe3fcc34bdb147a3c2928bd052946f923dcb51
0c6676edb6a480947e8347cfa5b1b4ae63428d69daa309a55fb8431e772254a3
0e5889395974c20cb35a4981f12dbf0112b108459eb045b9df81b9bfa2f73392
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
132d57a4a149305b69addae71121eede5194c86d26beec45d4395058bbafff63
134e71676ed35a1ec4ebcf22d1f6445670b3556afa7f7399866da8301331556f
15bd44ded791bf9220dcd55602b962123be80784c7d3f7e40bdcaad56bbd4188
166ffb156fe893d301169ee0023b387cf7e22535c89aa8112b0ed07e87d46928
1a707ebe79188b2e52b8ae9858b9866035b75aa5732efaa09967a4ed573cf3bd
1dd9f724ce2c535eb36d10a55b65357a2c09e63d387bde29c8f262e02428787b
1eeff231ccdc8b0ab7917fc02eb3cbf018e66cb4bb87850800f21044a4a59138
1f97c4a1e81f37dff31489b1920a0517aa63fb260f5d1f6fc4353a84b45eb585
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
22bc35c2f091d46e08582c443d350f2d3e23ab1e84a8d17bfcb151092a19a710
238fe5ec47aca620dbd6dda721a8c5c34243614bb7e7a638413ceca207f51e9d
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c
278d81f885ab79e32863fac9141dc46f77a97166f1c5d2d275b654a18d7d2df7
279e9aed3ee45e5c46cd06e98a998e2157d46dc91621e9d786f85e1bc7779e2d
286664089c507d51df7b381998005bd2545122d1a782338a8fbc9f33767958c2
28a0c25b90c0da5df6383c38c3b614c9082f52da460f121a5638b8c1355de6d8
28e15367059c4eeff05a6e828e8e800db2c72ea4d42a79753030452447953b04
2a29b9c11264781fbfa468e9ed44d4100204b99ff74ff9a21ea385071c638380
2b83c2bd6fddd39afe7a082916b2c6a1b9e11cd18157192740d4140a68d23d3e
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ce628395376a2e6978400c6ae017defeb1423c4c458ec3f02de01d187beecd0
2d12ff1cea7ea6fd7aa549213933dd12e51012a938df670d1b3a20e2a74d085f
2d89e20ce224aa9a95129f0043edad569ccb8b8e24ae9667174ec39fc4009fbc
2ddef05ee7b0caa6fd9be281a5b4e53ada42bff7814578d748144f2f9181e476
2e75b04c6bdc12720ad8d15b410e0587d006c7a862f753bfa15923341f2db267
2f786e9379d7e8f9e59c1c85b8e238252d881a58c54142493f710f0aa0c85558
3310818ac4167d12fec4c2e2484897b04d87d3f9b2848b31a7b484bde8fa9247
3376b034e123cac4401ae336b8e1e0ec4e264ef65107cba78b9f7871413bf304
343adab432301509480822342c4aaa811dd91af22a280daee217b32e52491c75
37e372abe7ce36205ab812e9f243492543fccb119db1e8b5245b422e352a5200
382878e5bac754f996fc60aa8d95fcff5a9fe331ec5772c9278ae40bdf6b8fc2
38b12f1aa28e1ad8fb546894c0c412e2294d8e3ae7045c1af3c6b88de1665c5c
3a547934f2bbf06d860e17a6e71cb1181669caf01f26fd67c1e55d0102ef077a
3d2ec1d990e7d6960d1af17e80926efcfea6af96338090068528678e119f6c13
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de90a9266115ffeaea8148d0604ae89e3eeab3105a52bf9e3a90268319ec629
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44414085ed386f969ca7756aa87092dad7128dbd17df5b1de8af2b080d957875
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
483cc9a5ece5c92d5a2f1ea6e92e7f8bc29844a6c06bf36c0349d70334685dc7
48b0ee0e27c6f0858a216f72019329ef84eaf6c16b5088187da73c0067b497e6
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
4a239a8776572473dc20be8fd07cfd8efb32c88ea7dd988f16a5c2bbc271e0f3
4a50fbdd6f9e85373e2b7a39749dc8bd5a324608f1e74a4c203479d4f30e7db3
4bdcba71062ad849da6c41bb9130977f59af71c1b82e4c397b193469ece62ad6
4c0f8cf23d4d87f037b07b227f64f35eefb1d51556c66250811ea732137bbb5c
50bbdd75feb39a907ce7350e24590604cb45b461c4eb9daa83b2d800c0601ef2
556789672b29b47ea4ae8c84596418d10c609ec479712c401de6f5ed5dcc4ec2
55afabf270d5f7a31977c503affd9e54b3985e388bb9ab0e78c5e2523c8ddb22
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566c00ed3593be3a951d5599a5f19e798678b33811b6b7de91ef2d44da15a248
568a48024cbc4afda49ccc9e218cf60b24ce257680841c0ee72fecaf851b86c7
57ba81b65998bca856d531df13c24697e3dfdb6c22dca26e0d278b7723dabacc
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
5e27725e64d6d9f8b0ffbf3f35f8fd0c986304e2a2102f52e123097d03b4f565
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
607f2853fbe18fada45c2ce972c8f543b233cccbf6eee7e97d86d43438d59c8d
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61d3e0ca13057c9653da51f691e6c9bae0e4b0b78170812c9728d298cc22c4e4
633cc46cfa7ca1dc186a026c5de5a99b22d154bb3973e93f9830e5c536bcdbf3
638f713fbe796ffaa95ef7bafc2b90e1151088c138167316b93300566fd53565
6598e71167cec2f5afb33005aca2185944a3a9def8be956dac43bf65b56b40ef
6644f530646a94a44f175707fb76af875cdbdc199ed89565508f440427a943a9
66700ee0ff56e09fcf30d5327143852d8bc9225c9ab70514b0f0f2bb9df18a82
6691ce99ac86921c537c41121571eb4fb35180268c5cf8a68b5009a7edcb2773
6b364b13a2836307fc232240d8951a25e54e6e2b886d432f7cdc3ec0df1bdb0d
6bb33abf49e1fbff6ef77d7f7244884f00ac4c529ca084a099d01ed6c63f5531
6c1b12801dbd0748278dea3ccfe96bd07b77497076d49dffb9f18b2ef59521a5
6d14518724e7fc0ba99c1dc3d79d1e48dc8ca2ed08c83d967a17852bdbaf3703
6d464449930c5ed285ea1e04cc8ff8d57f56d7eafaf2f7f59c8dcd97c9e53763
6d592e98f964ab619fe5670fb32e07de0b2834242d9b1bf6abeaec56554fa43e
6e069a03fc94f1093687bd1dc24f5532070ca41b7c53ceb0137e1cfbcf9b4797
7202e78be9084b0edfced5e80a8ccf5e84d9745d4124d229e07e3ee7d532b5a0
7391ac265bb41d1e999ba454d7a3fb385bd47c37bf81ef451bf004a09e32a97a
762a3c72f55d39376f8db4b0caa50d8d1b0ac26758a326f4588e3fb66469f877
7ab33dbe73a851b4dbd05266132f975668589b51e7eb61547b3c52f74cbb97c8
7bff9fb711196829be806e4a3a6b3ee05f1fcfbf12c96ac73a544b9993f0f781
7c56cf8d1ba8c8e01c97814b519bf30a888e475ebc2b94fa75a446bbf8173e6a
7e2f1e7e082d75ba1a052dabfe84dc16b855c1a1afe0a67857b91261cbf4099f
7f6f6f6d18be8bf6359ce49cf949cd1f9e51d74f85550e5325e20517726a85d7
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8656a625a0d02ad7c895a5e8ceaeb3c0b6faf432f4ef2493a77854db114d7a0c
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8a36bd6ed9dcbb6fc741e7e5833901d1f5c39a4d4ee8a4c5886d0d925cd6e61e
8b73cf59c6bef434696cec05f55ac95e2f0e464d74ce0b2bd02e6f11f7558f97
8c0d81307b185313dd128991d64e74fd9708f4730e236c3545e2da332c3b127a
8c4343145dc98656a76ffdd570f8e2fc13009f3acf9fbb520d6d8c39ebc5eae0
8c9d82560616b575850e3565bd5891befb0f91af40e2c53bf8973361632aa080
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
90fb7f486363baac11225c229b7c82176fc1cb6549cae16dcb3e6e41a29857de
9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4
992851e6a109ef096e17ece547dd681abfb670a12691cd141b329d4fc54935f0
9a58bbe9a737679707bdcbf60ab3239d554f6e06bd9bf613b509d9badfd88ed6
9aa55e588451cd522a4ae7075965040394ca46dafd33bec8d0439b0cf9943e6c
9af6feac3aaa0ca34c60552ee8b52e2217a2ecd0dc111dce55ede0b64815f5e0
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a3ec6fa8d464bc45244702f38266677747946527355e9c2a4d61ab6ef2438252
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e5713d7c16b8aeb4dcb33dff0c3f12c952a47d72bc6c7d495e8ebe77542603
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a55fb54fae46a2a5dd92fa074cdbffd49ddffb4f1e578f69c5be83442e8a0ee6
a5eadfdc128dc2142d3c042e1510fa82ef4c47624677a7ed165219345ca3c9d9
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abf113495892c5e90e509edd9ae2711bec6fa2348772aa231e44f2c696d28148
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
adadbc88bf4daaebd9858f8fd1626265948c1fd247397b2561df37d8db24619b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b16dc95bb0dee2be9a35dd088b2624c26b574a51611cf64aa9f04e9464e054a9
b20e39f373406f8ea0c460faf858320750891c38303ef2a5eeb79aa3dbf1360b
b40d864cf7bcc3d61fd6c019360541cff590f5d5be6643c53b5f5b8335c17dbc
b79fb13319fb5502eab537faedf4fcc9364c32be0d398b3bfb3c9feb0eb82660
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bfbf3d9abff305b811e7799fc9d088efc092005fbdfa746abbe2517ecd543e0d
c171a152377fd02bed4a0ce92ead78d9ea1f13d0413086dfa4e048352f1265ec
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
c9d123692086fc6d57acd0d0e07198ff9fa171ddd33f5da6871e6b4e098e1d2e
ca4feabc3a89294410dec165c69950610b2148dc2273dbeaf491f5d7bb259901
ca93fa43c9e5fd9ce2d17221dd6580679784879961e4ab6578d67bcf30434221
cad71d73849a4865163a40dad4461e741aaa49c1bfdc7dca24b82a1e9792d933
cc63200ad20acf855f0fd9b1db61beaca4d616b46e3e0cd7a0bb7daf19d52c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf57d7eef926d5c966829e1f95545683641cb862383eb629e3783f42648b3845
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1713285a99457e4cff3dbfe3d6e2e581155a2bd46261d121f6c55e42c4fec79
d53796fa295c1a584c75c03e30c1497fcaaeb3ab78244add2d8b6bd377e406d4
d61cb1ce074f05fe1c1cf6ca2e714625ebacf5f13868bdf2cb49ea7a85e9c837
d718dfc7056debc5338756abe31599d7ab9315e7b654f049c43f9774706d8e18
d9254c2714cf69f8a35f437848aa8060d1d81cc1345a2af47f96dab96e25b580
daf01eca5e7392e4b6438d6d55f859532d9466c70c22e6dbae67dec7cbd9e5a4
de6073fe3c3a236e0401bbabb02e2dcf6709612cee632c4797a7d62e5fe6dd54
de96630998b37fa93c8a03b6bd8449a1a75ce729ab4989ef6b848f8f7f3ffdae
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e0ee9666e7a26d0e0b170585ea46784a25a8c9f31ee99ba6f1c9b375a00ff396
e1939c9847d6c1dc6cb88ce61cbe9be273d982b40015824aeda5864c183ef723
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40856d91053685f1a0064622843157bb5d0fe60f5dd8a59f1bb53d5d1678dae
e473c5a0ab2d00ffbdeb98695814298342e62af559b10d7aebce684dee1cf24a
e7b3927264e7dd1126ed4ef56227c1af419ad5d0557b3438a2fe3d8b032a8ad1
e92b2de70cc9b8a5613929428f90f57e24bc18364522b9b4c73ccdb91e516283
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eee26a79a3555d648250b1054d10cf6ff3ce0610b6b3e0f99f38ea08a1420d21
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04074f496778ce45a42859d0c8f07551697c32369e8ef73597ca8959fdaf464
f4290d1b95415c63c669966c50246854e7cbe8375cec496639bb0555bb6e4119
f6f450b51cc06a04cd5c8441e602247fa13137cff22d9f2941fc807c2ddc3758
f74bdfeec83247edd199110ac967f48433637c2cd8dcac06c4de540abb3393e8
f80fb33354da86dd7620554f30c087032a4914e2ea66a3d6bbec1c983ab13fba
fc1f188cc2029e3681b0fca2423b30cc81d88883200558e5024be6154a0c6329
ffabe386b82cc6fd612afb72104a4a52fb4953bd44d904da6dbd133279941ade

www.metrotimes.com Open in urlscan Pro 209.104.5.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

218 Requests

98 %HTTPS

61 %IPv6

33 Domains

63 Subdomains

55 IPs

7 Countries

8528 kBTransfer

29036 kBSize

0 Cookies

29 Outgoing links

Redirected requests

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.metrotimes.com Open in urlscan Pro
209.104.5.202 Public Scan

Screenshot
Live screenshot

Full Image

218
Requests

98 %
HTTPS

61 %
IPv6

33
Domains

63
Subdomains

55
IPs

7
Countries

8528 kB
Transfer

29036 kB
Size

0
Cookies

218 HTTP transactions
4 data transactions