www.metrotimes.com Open in urlscan Pro
209.104.5.202 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Submission Tags: @phishunt_io
Submission: On April 11 via api (April 11th 2021, 4:05:37 am UTC) from ES

Summary HTTP 256 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 60 IPs in 6 countries across 37 domains to perform 256 HTTP transactions. The main IP is 209.104.5.202, located in Tucson, United States and belongs to LOGIN, US. The main domain is www.metrotimes.com.
TLS certificate: Issued by R3 on March 2nd 2021. Valid for: 3 months.

This is the only time www.metrotimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	209.104.5.202 209.104.5.202	22772 (LOGIN) (LOGIN)
6	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:218... 2600:9000:2182:9000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
11	2606:4700:20:... 2606:4700:20::ac43:4771	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	2606:4700:20:... 2606:4700:20::681a:3c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f05... 2a03:2880:f050:f:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200d	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f15... 2a03:2880:f150:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
5	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:201... 2600:9000:2016:de00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	209.104.5.203 209.104.5.203	22772 (LOGIN) (LOGIN)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
3	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.218.209.154 23.218.209.154	16625 (AKAMAI-AS) (AKAMAI-AS)
9	209.104.5.204 209.104.5.204	22772 (LOGIN) (LOGIN)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:3::622 2a04:4e42:3::622	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a04:4e42:1b:... 2a04:4e42:1b::622	54113 (FASTLY) (FASTLY)
2	34.193.232.123 34.193.232.123	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:4700:20:... 2606:4700:20::681a:78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.230.55.228 54.230.55.228	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
14	2600:9000:210... 2600:9000:2104:5c00:0:6fdd:6480:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
8	151.101.112.176 151.101.112.176	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	52.219.116.35 52.219.116.35	16509 (AMAZON-02) (AMAZON-02)
1	184.73.71.44 184.73.71.44	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
9	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	34.208.10.33 34.208.10.33	16509 (AMAZON-02) (AMAZON-02)
3	2600:1901:0:a... 2600:1901:0:a175::	15169 (GOOGLE) (GOOGLE)
4	52.217.12.36 52.217.12.36	16509 (AMAZON-02) (AMAZON-02)
1	52.30.177.128 52.30.177.128	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2607:f8b0:400... 2607:f8b0:400e:c09::5e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
2	37.252.167.197 37.252.167.197	29990 (ASN-APPNEX) (ASN-APPNEX)
2	52.29.183.32 52.29.183.32	16509 (AMAZON-02) (AMAZON-02)
1	54.195.94.143 54.195.94.143	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
4	35.156.201.148 35.156.201.148	16509 (AMAZON-02) (AMAZON-02)
1	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
256	60

27 209.104.5.202 (Tucson, United States)

ASN22772 (LOGIN, US)
PTR: fdncms.com

www.metrotimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:9000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::ac43:4771 (United States)

ASN13335 (CLOUDFLARENET, US)

us.commitchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700:20::681a:3c0 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.pico.tools	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gadget.pico.tools	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.pico.tools	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f050:f:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f150:82:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2016:de00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 209.104.5.203 (Tucson, United States)

ASN22772 (LOGIN, US)
PTR: fdncms.com

media1.fdncms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.248.44 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.218.209.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-154.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 209.104.5.204 (Tucson, United States)

ASN22772 (LOGIN, US)
PTR: fdncms.com

media2.fdncms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::622 (United States)

ASN54113 (FASTLY, US)

e.issuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42:1b::622 (United States)

ASN54113 (FASTLY, US)

reader3.isu.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.isu.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
layers.isu.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.232.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-232-123.compute-1.amazonaws.com

issuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:78 (United States)

ASN13335 (CLOUDFLARENET, US)

photos.metrotimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.55.228 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-55-228.ham50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:2104:5c00:0:6fdd:6480:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2e5we1j08b82a.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:3::621 (United States) 2 redirects

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.116.35 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-w.amazonaws.com

commitchange.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.71.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-71-44.compute-1.amazonaws.com

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.10.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-10-33.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:a175:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

pingback.issuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.217.12.36 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

development-cms-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.177.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400e:c09::5e (The Dalles, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.167.197 (Shepherds Bush, United Kingdom)

ASN29990 (ASN-APPNEX, US)

rb.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.183.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.94.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

acds.prod.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.201.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

trk.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.87 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	pico.tools widget.pico.tools gadget.pico.tools api.pico.tools	3 MB
35	metrotimes.com www.metrotimes.com photos.metrotimes.com	667 KB
20	fdncms.com media1.fdncms.com media2.fdncms.com	1 MB
17	stripe.com js.stripe.com q.stripe.com m.stripe.com	112 KB
14	cloudfront.net d2e5we1j08b82a.cloudfront.net	410 KB
11	gstatic.com fonts.gstatic.com ssl.gstatic.com www.gstatic.com csi.gstatic.com	418 KB
11	commitchange.com us.commitchange.com	512 KB
10	googleapis.com fonts.googleapis.com imasdk.googleapis.com ajax.googleapis.com	401 KB
9	google.com apis.google.com www.google.com accounts.google.com adservice.google.com	73 KB
8	issuu.com e.issuu.com issuu.com pingback.issuu.com	423 KB
7	vidible.tv acds.prod.vidible.tv cdn-ssl.vidible.tv trk.vidible.tv	111 KB
7	facebook.com www.facebook.com	141 KB
6	adnxs.com ib.adnxs.com acdn.adnxs.com rb.adnxs.com ams1-ib.adnxs.com	70 KB
6	twitter.com platform.twitter.com syndication.twitter.com	148 KB
5	amazonaws.com commitchange.s3.amazonaws.com development-cms-assets.s3.amazonaws.com	113 KB
5	isu.pub reader3.isu.pub assets.isu.pub layers.isu.pub	488 KB
5	quantserve.com secure.quantserve.com pixel.quantserve.com	35 KB
4	polyfill.io 2 redirects cdn.polyfill.io	991 B
4	facebook.net connect.facebook.net	159 KB
3	moatads.com z.moatads.com px.moatads.com	45 KB
3	quantcount.com rules.quantcount.com	3 KB
3	google-analytics.com www.google-analytics.com	38 KB
3	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	121 KB
2	advertising.com ads.adaptv.advertising.com	1 KB
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	3 KB
2	app-us1.com diffuser-cdn.app-us1.com prism.app-us1.com	6 KB
2	unpkg.com unpkg.com	41 KB
2	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	31 KB
2	addthis.com s7.addthis.com	190 KB
2	consensu.org quantcast.mgr.consensu.org	79 KB
1	stripe.network m.stripe.network	12 KB
1	trackcmp.net trackcmp.net	271 B
1	recaptcha.net www.recaptcha.net	1003 B
1	addthisedge.com v1.addthisedge.com	609 B
1	2mdn.net s0.2mdn.net	17 KB
1	google.de www.google.de	107 B
1	googletagmanager.com www.googletagmanager.com	34 KB
256	37

	Domain	Requested by
29	gadget.pico.tools	widget.pico.tools gadget.pico.tools
27	www.metrotimes.com	www.metrotimes.com
14	d2e5we1j08b82a.cloudfront.net	us.commitchange.com d2e5we1j08b82a.cloudfront.net
11	media1.fdncms.com	www.metrotimes.com
11	us.commitchange.com	www.metrotimes.com us.commitchange.com
9	q.stripe.com	js.stripe.com us.commitchange.com www.metrotimes.com
9	media2.fdncms.com	www.metrotimes.com
8	api.pico.tools	gadget.pico.tools
8	photos.metrotimes.com	www.metrotimes.com photos.metrotimes.com
7	js.stripe.com	us.commitchange.com js.stripe.com
7	www.facebook.com	connect.facebook.net www.metrotimes.com www.facebook.com
6	fonts.googleapis.com	www.metrotimes.com js.stripe.com gadget.pico.tools
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	trk.vidible.tv
4	development-cms-assets.s3.amazonaws.com	gadget.pico.tools
4	www.gstatic.com	www.recaptcha.net www.google.com www.gstatic.com
4	cdn.polyfill.io	2 redirects us.commitchange.com
4	platform.twitter.com	www.metrotimes.com platform.twitter.com
4	secure.quantserve.com	quantcast.mgr.consensu.org e.issuu.com www.metrotimes.com
4	www.google.com	www.metrotimes.com www.gstatic.com www.google.com
4	connect.facebook.net	www.metrotimes.com connect.facebook.net
3	pingback.issuu.com	e.issuu.com
3	layers.isu.pub	e.issuu.com
3	e.issuu.com	www.metrotimes.com e.issuu.com
3	rules.quantcount.com	secure.quantserve.com
3	www.google-analytics.com	www.metrotimes.com www.google-analytics.com e.issuu.com
2	cdn-ssl.vidible.tv	acds.prod.vidible.tv cdn-ssl.vidible.tv
2	ads.adaptv.advertising.com	acdn.adnxs.com cdn-ssl.vidible.tv
2	rb.adnxs.com	acdn.adnxs.com
2	acdn.adnxs.com	tpc.googlesyndication.com acdn.adnxs.com
2	ajax.googleapis.com	photos.metrotimes.com
2	syndication.twitter.com	platform.twitter.com www.metrotimes.com
2	issuu.com	e.issuu.com
2	unpkg.com	e.issuu.com
2	imasdk.googleapis.com	www.metrotimes.com imasdk.googleapis.com
2	z.moatads.com	s7.addthis.com cdn-ssl.vidible.tv
2	s7.addthis.com	www.metrotimes.com s7.addthis.com
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	apis.google.com	www.metrotimes.com apis.google.com
2	securepubads.g.doubleclick.net	www.metrotimes.com securepubads.g.doubleclick.net
2	quantcast.mgr.consensu.org	www.metrotimes.com quantcast.mgr.consensu.org
1	ams1-ib.adnxs.com
1	px.moatads.com
1	acds.prod.vidible.tv	acdn.adnxs.com
1	tpc.googlesyndication.com	imasdk.googleapis.com
1	csi.gstatic.com	imasdk.googleapis.com
1	ib.adnxs.com	imasdk.googleapis.com
1	adservice.google.com	imasdk.googleapis.com
1	insight.adsrvr.org	js.adsrvr.org
1	m.stripe.com	m.stripe.network
1	m.stripe.network	js.stripe.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	commitchange.s3.amazonaws.com	us.commitchange.com
1	www.recaptcha.net	us.commitchange.com
1	pixel.quantserve.com	www.metrotimes.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	js.adsrvr.org	www.googletagmanager.com
1	v1.addthisedge.com	s7.addthis.com
1	diffuser-cdn.app-us1.com	www.metrotimes.com
1	assets.isu.pub	e.issuu.com
1	reader3.isu.pub	e.issuu.com
1	pagead2.googlesyndication.com	srcdoc
1	s0.2mdn.net	imasdk.googleapis.com
1	ssl.gstatic.com	accounts.google.com
1	www.google.de	www.metrotimes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	www.metrotimes.com
1	widget.pico.tools	www.metrotimes.com
256	68

This site contains links to these domains. Also see Links.

Domain
m.metrotimes.com
photos.metrotimes.com
www.facebook.com
www.twitter.com
instagram.com
posting.metrotimes.com
www.addthis.com
media1.fdncms.com
bogartzdetroit.com
briggsdetroit.com
buffalowildwings.com
cantinadiablo.com
chelischilibar.com
ckdiggs.com
cuttersdetroit.com
dinedrinkdetroit.com
greatbaraboo.com
hayloftdetroit.com
hopcat.com
nancywhiskeydetroit.com
nickydsbar.com
mgmgranddetroit.com
issuu.com
www.ruxton.com
metrotimes.com
www.clevescene.com
www.citybeat.com
www.cltampa.com
www.orlandoweekly.com
www.riverfronttimes.com
www.sacurrent.com
outinsa.com
outinstl.com
www.publishwithfoundation.com

Subject Issuer	Validity	Valid
metrotimes.com R3	`2021-03-02` - `2021-05-31`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
commitchange.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
pico.tools Cloudflare Inc ECC CA-3	`2021-03-27` - `2022-03-26`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
media.fdncms.com R3	`2021-03-02` - `2021-05-31`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-06` - `2022-04-11`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.issuu.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh
*.isu.pub GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
issuu.com Amazon	`2020-09-16` - `2021-10-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
misc.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-25` - `2022-03-26`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-01-19` - `2021-05-04`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.trackcmp.net Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-01-12` - `2021-09-29`	9 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-20` - `2021-05-04`	3 months	crt.sh
pingback.issuu.com R3	`2021-04-03` - `2021-07-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
acds.prod.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-01-26` - `2021-07-20`	6 months	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2020-12-19` - `2021-06-15`	6 months	crt.sh
trk.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-02-09` - `2021-08-03`	6 months	crt.sh

This page contains 27 frames:

Primary Page: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Frame ID: 732E197AA6A7B07C5E290FCADF55B0CF
Requests: 96 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: FF4C462F4FBCC94B7127B5EF01C1F500
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: BEB2905285932B9F6C579CA94571C688
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8FFBCB7C40428759F74579B7917B0663
Requests: 1 HTTP requests in this frame

Frame: https://e.issuu.com/embed.html?d=_mt_040721&hideIssuuLogo=true&u=euclidmediagroup
Frame ID: ABBC57A6CB88A6423950952AC5B9C235
Requests: 25 HTTP requests in this frame

Frame: https://photos.metrotimes.com/thumbnail-scroller-square/
Frame ID: 94F30F01A45DA3623EDAFBF4897EA4A6
Requests: 10 HTTP requests in this frame

Frame: https://us.commitchange.com/nonprofits/5487/btn
Frame ID: 7B6CD57EC88A70E037DD1222AED1D497
Requests: 6 HTTP requests in this frame

Frame: https://us.commitchange.com/nonprofits/5487/donate?offsite=t&oid=2483284&offsite=t&custom_amounts=5,10,25,50,100,200&custom_fields=Join%20Metro%20Times%20Press%20Club%20Emails%20(Y/N)&redirect=https://www.metrotimes.com/detroit/NewsletterSignup/Page&designation=Article%20Donation&hide_dedication=true&origin=https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Frame ID: EB1B9872642D4D2B076788875F391BB7
Requests: 1 HTTP requests in this frame

Frame: https://us.commitchange.com/nonprofits/5487/btn?fixed=t
Frame ID: 980C79ABA366CECF0454D5A099E8C762
Requests: 6 HTTP requests in this frame

Frame: https://us.commitchange.com/nonprofits/5487/donate?offsite=t&oid=2483284&offsite=t&custom_amounts=5,10,25,50,100,200&custom_fields=Join%20Metro%20Times%20Press%20Club%20Emails%20(Y/N)&redirect=https://www.metrotimes.com/detroit/NewsletterSignup/Page&designation=Article%20Donation&hide_dedication=true&origin=https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Frame ID: 741524E44B99D194E5F272588CC3F2D7
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df209ba6e9655f24%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff9963ec32caa88%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
Frame ID: DBFDFF9EFE93FA2D12039F7F0475D6DA
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html?origin=https%3A%2F%2Fwww.metrotimes.com
Frame ID: 4AA10C3A7156059F099E64012EF25318
Requests: 2 HTTP requests in this frame

Frame: https://gadget.pico.tools/arbiter/index.1616775193557.html
Frame ID: A6473C7545A5C212DD69D88CFF59357F
Requests: 8 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.e16c6ecf9d86005b77fc7c17beced5d8.en.html
Frame ID: 093E7FE306C21BB03AF736FBFAD6E4DD
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-22f002eb280b64f732fda40420e2915a.html
Frame ID: F3C8FA35C9ED758932874CF7E70758C5
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
Frame ID: EF853D2D4F66AF0DD16A9C4B79E5056B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldt9rkUAAAAAIvwuGSE5uyewGUrYIXbDh_hZm8r&co=aHR0cHM6Ly91cy5jb21taXRjaGFuZ2UuY29tOjQ0Mw..&hl=en&v=539Evs44yecoSf-lkJBQzKKj&size=invisible&cb=42i7uxvjmp1p
Frame ID: 69AD130E99BDDBF9972277F7E6F0D7BE
Requests: 8 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 518B664A6F7F7F431DBDEEA3DEE90D4D
Requests: 2 HTTP requests in this frame

Frame: https://gadget.pico.tools/launcher/index.1616775193557.html
Frame ID: DEDA3403A12A8000B9C54D8BDF204E85
Requests: 7 HTTP requests in this frame

Frame: https://gadget.pico.tools/menu/index.1616775193557.html
Frame ID: 6A0873A3D33466B4C7667C2932544C06
Requests: 7 HTTP requests in this frame

Frame: https://gadget.pico.tools/prompt/index.1616775193557.html
Frame ID: B445106F4F67274B1AC5C76E3766B0E0
Requests: 8 HTTP requests in this frame

Frame: https://gadget.pico.tools/header/index.1616775193557.html
Frame ID: 340E0F968395FD457DA4B218C6E82BA5
Requests: 7 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284&upid=6zt9zkh&upv=1.1.0
Frame ID: 685615DDD11053D85289FBD91605BD76
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://acdn.adnxs.com/vx/static/w/anwrapper-1.995.0.js
Frame ID: 1B551095D91CE475F23858CD6095BA9B
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B1541B578E710A670A76CFBBD5C270ED
Requests: 1 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1274816&orgId=28860&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=&vrid=65dbf3b8-caf6-46e2-a326-e6425e22d447&pblob=
Frame ID: CC688AB0301E8DFD695DD9D2182D7777
Requests: 8 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: 15410FD87CD89E4D92AC351EC4FCAB99
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+foundation[^>"]+css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

AddThis (Widgets) Expand

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

256
Requests

99 %
HTTPS

61 %
IPv6

37
Domains

68
Subdomains

60
IPs

6
Countries

9897 kB
Transfer

35000 kB
Size

6
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://m.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Title: mobile version

Search URL Search Domain Scan URL

URL: http://photos.metrotimes.com/
Title: Slideshows

Search URL Search Domain Scan URL

URL: https://www.facebook.com/metrotimes
Title: Metro Times Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/metrotimes
Title: Metro Times Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/metrotimes
Title: Metro Times Instagram

Search URL Search Domain Scan URL

URL: https://posting.metrotimes.com/detroit/Tools/EmailFriend?oid=2483284
Title: Email

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php?v=300&pubid=ra-51f9437a2abb7e86
Title: AddThisShare

Search URL Search Domain Scan URL

URL: https://media1.fdncms.com/metrotimes/imager/u/zoom/2483283/tap3.jpg

Search URL Search Domain Scan URL

URL: http://bogartzdetroit.com/
Title: bogartzdetroit.com

Search URL Search Domain Scan URL

URL: http://briggsdetroit.com/
Title: briggsdetroit.com

Search URL Search Domain Scan URL

URL: http://buffalowildwings.com/
Title: buffalowildwings.com

Search URL Search Domain Scan URL

URL: http://cantinadiablo.com/
Title: cantinadiablo.com

Search URL Search Domain Scan URL

URL: http://chelischilibar.com/
Title: chelischilibar.com

Search URL Search Domain Scan URL

URL: http://ckdiggs.com/
Title: ckdiggs.com

Search URL Search Domain Scan URL

URL: http://cuttersdetroit.com/
Title: cuttersdetroit.com

Search URL Search Domain Scan URL

URL: http://dinedrinkdetroit.com/
Title: dinedrinkdetroit.com

Search URL Search Domain Scan URL

URL: http://greatbaraboo.com/
Title: greatbaraboo.com

Search URL Search Domain Scan URL

URL: http://hayloftdetroit.com/
Title: hayloftdetroit.com

Search URL Search Domain Scan URL

URL: http://hopcat.com/
Title: hopcat.com

Search URL Search Domain Scan URL

URL: http://nancywhiskeydetroit.com/
Title: nancywhiskeydetroit.com

Search URL Search Domain Scan URL

URL: http://nickydsbar.com/
Title: nickydsbar.com

Search URL Search Domain Scan URL

URL: http://mgmgranddetroit.com/
Title: mgmgranddetroit.com

Search URL Search Domain Scan URL

URL: https://photos.metrotimes.com/25-essential-detroit-area-brunches-you-should-have-tried-by-now/?utm_source=widget&utm_medium=articleblog&utm_campaign=rightrail&utm_content=MorebyThisAuthor
Title:

Search URL Search Domain Scan URL

URL: https://photos.metrotimes.com/21-socially-distant-things-to-do-outdoors-in-metro-detroit-this-spring/?utm_source=widget&utm_medium=articleblog&utm_campaign=rightrail&utm_content=MorebyThisAuthor
Title:

Search URL Search Domain Scan URL

URL: https://posting.metrotimes.com/detroit/Search
Title: All

Search URL Search Domain Scan URL

URL: https://issuu.com/euclidmediagroup/docs/mt_usersguide2021

Search URL Search Domain Scan URL

URL: https://photos.metrotimes.com/25-detroit-area-restaurants-with-igloos-tents-and-heated-outdoor-seating/?utm_source=widget&utm_medium=articleblog&utm_campaign=rightrail&utm_content=SpecialIssues
Title: Outdoor dining

Search URL Search Domain Scan URL

URL: http://www.ruxton.com/
Title: National Advertising

Search URL Search Domain Scan URL

URL: https://posting.metrotimes.com/detroit/MyProfile
Title: View Profile

Search URL Search Domain Scan URL

URL: https://posting.metrotimes.com/detroit/Profile/MySettings
Title: Edit Profile

Search URL Search Domain Scan URL

URL: http://metrotimes.com/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.twitter.com/metrotimes
Title: Twitter

Search URL Search Domain Scan URL

URL: http://instagram.com/metrotimes
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.clevescene.com/
Title: Cleveland Scene

Search URL Search Domain Scan URL

URL: https://www.citybeat.com/
Title: Cincinnati CityBeat

Search URL Search Domain Scan URL

URL: https://www.cltampa.com/
Title: Creative Loafing Tampa

Search URL Search Domain Scan URL

URL: https://www.orlandoweekly.com/
Title: Orlando Weekly

Search URL Search Domain Scan URL

URL: https://www.riverfronttimes.com/
Title: St. Louis Riverfront Times

Search URL Search Domain Scan URL

URL: https://www.sacurrent.com/
Title: San Antonio Current

Search URL Search Domain Scan URL

URL: https://outinsa.com/
Title: Out in SA

Search URL Search Domain Scan URL

URL: https://outinstl.com/
Title: Out in STL

Search URL Search Domain Scan URL

URL: https://www.publishwithfoundation.com/
Title: Foundation

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 138

https://cdn.polyfill.io/v1/polyfill.min.js HTTP 301
https://cdn.polyfill.io/v2/polyfill.min.js

Request Chain 162

https://cdn.polyfill.io/v1/polyfill.min.js HTTP 301
https://cdn.polyfill.io/v2/polyfill.min.js

256 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Content Show response
www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/ 171 KB
36 KB 1025ms
724ms Document
text/html 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 3cce1287e6ab9f29e1a8404a6ec0dedd41c0f0e9d9abadabf45b91e3923d1400

Request headers

Host: www.metrotimes.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:12 GMT
Server: Apache
X-DN-Cache-Control: max-age=93600
Cache-Control: max-age=600, s-maxage=1800
X-DN-GyrobaseID: metrotimes-Content-2483284-fooddrink
X-Gyrobase-Publication: metrotimes
Vary: Host,Accept-Encoding
Last-Modified: Sun, 11 Apr 2021 02:05:12 GMT
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1 200
OK reset.css
www.metrotimes.com/foundation/styles/ 1015 B
916 B 447ms
149ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/styles/reset.css?cb=19e7636692ab9da1915df37aa08e9653
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: d53796fa295c1a584c75c03e30c1497fcaaeb3ab78244add2d8b6bd377e406d4

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Aug 2014 23:09:22 GMT
Server: Apache
Age: 310
ETag: "3f7-4ff997aca4c80"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 571
Expires: Wed, 14 Apr 2021 04:00:03 GMT

GET
H/1.1 200
OK defaults.css
www.metrotimes.com/styles/ 124 KB
24 KB 461ms
158ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/styles/defaults.css?cb=19e7636692ab9da1915df37aa08e9653
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 2f786e9379d7e8f9e59c1c85b8e238252d881a58c54142493f710f0aa0c85558

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Jan 2021 20:10:12 GMT
Server: Apache
Age: 309
ETag: "1efad-5b9324f361100"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 24691
Expires: Wed, 14 Apr 2021 04:00:03 GMT

GET
H/1.1 200
OK components.css
www.metrotimes.com/styles/ 107 KB
37 KB 458ms
153ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/styles/components.css?cb=19e7636692ab9da1915df37aa08e9653
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 44414085ed386f969ca7756aa87092dad7128dbd17df5b1de8af2b080d957875

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Nov 2020 15:23:14 GMT
Server: Apache
Age: 309
ETag: "1ac19-5b3ae240bfc80"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 37475
Expires: Wed, 14 Apr 2021 04:00:03 GMT

GET
H/1.1 200
OK publication.css
www.metrotimes.com/styles/ 53 KB
16 KB 459ms
154ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/styles/publication.css?cb=19e7636692ab9da1915df37aa08e9653
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 6644f530646a94a44f175707fb76af875cdbdc199ed89565508f440427a943a9

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 00:34:23 GMT
Server: Apache
Age: 309
ETag: "d2c7-5a5689ffea1c0"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 16196
Expires: Wed, 14 Apr 2021 04:00:03 GMT

GET
H/1.1 200
OK iapetus-10-zone.css
www.metrotimes.com/foundation/grids/ 2 KB
967 B 463ms
154ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/grids/iapetus-10-zone.css
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 8a36bd6ed9dcbb6fc741e7e5833901d1f5c39a4d4ee8a4c5886d0d925cd6e61e

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Aug 2014 23:09:25 GMT
Server: Apache
Age: 23400
ETag: "6e0-4ff997af81340"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 620
Expires: Tue, 13 Apr 2021 21:35:12 GMT

GET
H/1.1 200
OK common.js Show response
www.metrotimes.com/foundation/scripts/ 215 KB
71 KB 629ms
160ms Script
application/x-javascript 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/scripts/common.js?cb=66c6c9f96f1a0f5b45a809aff8b4d333
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 3d2ec1d990e7d6960d1af17e80926efcfea6af96338090068528678e119f6c13

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jan 2021 23:26:43 GMT
Server: Apache
Age: 309
ETag: "35a67-5b971678892c0"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 72297
Expires: Wed, 14 Apr 2021 04:00:03 GMT

GET
H/1.1 200
OK desktop-bundle.js Show response
www.metrotimes.com/foundation/scripts/ 268 KB
66 KB 756ms
154ms Script
application/x-javascript 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/scripts/desktop-bundle.js?cb=66c6c9f96f1a0f5b45a809aff8b4d333
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: e92b2de70cc9b8a5613929428f90f57e24bc18364522b9b4c73ccdb91e516283

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jan 2021 23:26:43 GMT
Server: Apache
Age: 310
ETag: "42fca-5b971678892c0"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 66920
Expires: Wed, 14 Apr 2021 04:00:03 GMT

GET
H/1.1 200
OK jquery.fancybox-1.3.4.css
www.metrotimes.com/foundation/styles/fancybox/ 9 KB
2 KB 597ms
149ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/styles/fancybox/jquery.fancybox-1.3.4.css
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: b16dc95bb0dee2be9a35dd088b2624c26b574a51611cf64aa9f04e9464e054a9

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Aug 2014 23:09:22 GMT
Server: Apache
Age: 1782
ETag: "2294-4ff997aca4c80"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 1814
Expires: Wed, 14 Apr 2021 03:35:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
847 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700|Titillium+Web:400,700|Montserrat:400,700

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4e5713d7c16b8aeb4dcb33dff0c3f12c952a47d72bc6c7d495e8ebe77542603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Apr 2021 04:05:12 GMT
server: ESF
date: Sun, 11 Apr 2021 04:05:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Apr 2021 04:05:12 GMT

GET
H/1.1 200
OK print.css
www.metrotimes.com/styles/ 2 KB
1 KB 154ms
154ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/styles/print.css
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 57ba81b65998bca856d531df13c24697e3dfdb6c22dca26e0d278b7723dabacc

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Feb 2015 22:21:40 GMT
Server: Apache
Age: 1710
ETag: "8f7-50f643e4e0500"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 983
Expires: Wed, 14 Apr 2021 03:36:43 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/ECpz7gxYXdCG2/www.metrotimes.com/ 5 KB
2 KB 422ms
401ms Script
application/javascript 2600:9000:2182:9000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/ECpz7gxYXdCG2/www.metrotimes.com/choice.js
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:9000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e40856d91053685f1a0064622843157bb5d0fe60f5dd8a59f1bb53d5d1678dae

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:15 GMT
content-encoding: br
etag: W/"2cdc40037aa077b7afb723f91a80b50b"
last-modified: Wed, 10 Feb 2021 18:02:23 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: GEbD-kq1kaZK63QymX-5hH8j4yKWltR3HGyH9KNOQgdPWmzkxc-NoA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 59 KB
20 KB 60ms
23ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

9fb16385a3573013d1274831f25277f2f657c0732f61c79ef9923d2d5042176a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "839 / 73 of 1000 / last-modified: 1618006109"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20315
x-xss-protection: 0
expires: Sun, 11 Apr 2021 04:05:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 974
date: Sun, 11 Apr 2021 03:48:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sun, 11 Apr 2021 05:48:59 GMT

GET
H2 200 donate-button.v2.js Show response
us.commitchange.com/js/ 6 KB
3 KB 50ms
20ms Script
application/javascript 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.commitchange.com/js/donate-button.v2.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abf113495892c5e90e509edd9ae2711bec6fa2348772aa231e44f2c696d28148

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:13 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 41050
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0960b3fc6f00002bf264100000000001
x-content-digest: ba81709405364f6e84ec29aedd9d059bbaa3c1b9
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gl4gDqRv%2BN6rXTf6YNLl4gwCflV5Qri7Zuf%2BujQzstH9Q1HoH4fC6kZeXL8Y5MbO0hBXkKICF7QDrrA6U6CHzkaLyw83lmEEb7y56b42b9grtH8bJld7GswGV1zqj%2Fxz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 63e155da48502bf2-FRA
x-rack-cache: fresh

GET
H2 200 wrapper.min.js Show response
widget.pico.tools/ 4 KB
2 KB 285ms
260ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.pico.tools/wrapper.min.js
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 278d81f885ab79e32863fac9141dc46f77a97166f1c5d2d275b654a18d7d2df7

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:14 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id: E0CGB66DDXEPXSVR
cf-ray: 63e155da4e4e4ab6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: jtG/VW5D2G9qof5ZhPb/BcnY8uISTi/Kpsu3SOHBhgmfQBSNJHR7y2JBIbEXp4FEqiNjmMYar4g=
last-modified: Fri, 26 Mar 2021 16:14:59 GMT
server: cloudflare
etag: W/"f1813c22132c459382a1ef2d8410f1fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HQtK40rwmWlh9kfOHgdqztJt%2BhR3YWkI9H825pVWk5xIwaVPcJ0CMQVfkya7U3vbVGoeYQ05tg2raGBWUXfmTC%2FmMZ5h4Cuj4z6m2Wy7uyYp51S2WKmgC0qVcTIzMg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: lkUL60KLDO6Zpt_0bZlS5vPU59yXNTIV
cache-control: no-cache
cf-request-id: 0960b3fc6a00004ab6c10ee000000001
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 86 KB
34 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PHZV5V

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2e6aa1b0b6927af38461acbc15575103d3f1f0f15b8af6f2c31e16a73cd2466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34387
x-xss-protection: 0
last-modified: Sun, 11 Apr 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Apr 2021 04:05:13 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f050:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/foundation/scripts/desktop-bundle.js?cb=66c6c9f96f1a0f5b45a809aff8b4d333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f050:f:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7ef936f2adb36ad65a54af6f588cb755c8e7eaa81cbeda60b8922e1ec635f705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: D+AQvJn1VCc9txXCgf14bQ==
cross-origin-resource-policy: cross-origin
expires: Sun, 11 Apr 2021 04:21:00 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: KHno3XToqz7Pd+L0Rq099jJPmXmJ/eyW39KXhdsksU+ZDzNuy6GAqOCn/F0+HeN1bvR5qX4JaARzM4KwJbdUjw==
x-fb-trip-id: 1679558926
x-fb-content-md5: eff3e457f3ee8289ca0e8034f0e86ae4
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 11 Apr 2021 04:05:13 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8af2863a442acec94201dd0253f11b05"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/foundation/scripts/desktop-bundle.js?cb=66c6c9f96f1a0f5b45a809aff8b4d333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f427108a3bb3749fe663df4b7ae84de3a12794354a6c3398a26d6d32f652a8db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aijgI7V2isJ9VUrqBNC82A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "a0e179a80c4f41212101b070b49b61ba"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-aijgI7V2isJ9VUrqBNC82A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 11 Apr 2021 04:05:13 GMT

GET
H/1.1 200
OK mt_logo_2019.jpg
www.metrotimes.com/images/logos/ 49 KB
50 KB 150ms
149ms Image
image/jpeg 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/images/logos/mt_logo_2019.jpg
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/styles/publication.css?cb=19e7636692ab9da1915df37aa08e9653
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 2b83c2bd6fddd39afe7a082916b2c6a1b9e11cd18157192740d4140a68d23d3e

Request headers

Referer: https://www.metrotimes.com/styles/publication.css?cb=19e7636692ab9da1915df37aa08e9653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:14 GMT
Last-Modified: Wed, 23 Jan 2019 18:02:49 GMT
Server: Apache
Age: 1733
ETag: "c59b-58023e6dce440"
X-DN-Cache-Control: max-age=2419202
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 50587
Expires: Sun, 09 May 2021 03:36:22 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Titillium+Web:400,700|Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.metrotimes.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 151296
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:03:37 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Titillium+Web:400,700|Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.metrotimes.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 266531
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:02 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
70 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=641036495&t=pageview&_s=1&dl=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284&ul=en-us&de=UTF-8&dt=18%20bars%20where%20you%20can%20watch%20the%20big%20game%20in%20metro%20Detroit%20%7C%20Food%20%26%20Drink%20%7C%20Detroit%20%7C%20Detroit%20Metro%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1817786512&gjid=208227468&cid=1341852839.1618113914&tid=UA-643668-1&_gid=236374288.1618113914&_r=1&_slc=1&cd1=fooddrink&cd2=food&z=18016398

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.metrotimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 216 KB
65 KB 44ms
15ms Script
application/x-javascript 2a03:2880:f050:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1f1f00b42121402e607e95647655ef27&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f050:f:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

795b08ccf6fd23c27eb3eb01f10bfed422c2af7c25be6475c4cb7866f2263f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.metrotimes.com
Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: eBQvwQFXX2FnG4KuDzfvVw==
cross-origin-resource-policy: cross-origin
expires: Mon, 11 Apr 2022 02:47:41 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65400
x-fb-rlafr: 0
x-fb-debug: rCzJ/d0W0luAjugcnTFrIHS2BRlRwT+L5HLQjtUD1gvSKMAGx9gZ8tFVyZsF3sQOOYcdfa3iN4rluzAMp3CMbw==
x-fb-trip-id: 1679558926
x-fb-content-md5: bb5970644a78a88e5567526ffdc95f7b
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 11 Apr 2021 04:05:14 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "76c86a27d25f5654ad6e5bb33173b60d"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ 102 KB
34 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6289a67bc4acdbdafbc49c8db8bee69deaca8a0a5a9321011b96e2cc9c242eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 06:19:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 15:29:21 GMT
server: sffe
age: 251149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34454
x-xss-protection: 0
expires: Fri, 08 Apr 2022 06:19:25 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 14ms
13ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-643668-1&cid=1341852839.1618113914&jid=1817786512&gjid=208227468&_gid=236374288.1618113914&_u=YEBAAAAAAAAAAC~&z=1367261794

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 11 Apr 2021 04:05:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.metrotimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f050:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f050:f:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23784
x-fb-rlafr: 0
pragma: public
x-fb-debug: E7IQFVFX1Cr3mu34c4IPa14HtRDlNBmSO5KrkA94qPneAEp9JB3BRE753AYJrHAEkKqbfdMs0GUq57rm3feZXg==
x-fb-trip-id: 1679558926
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 11 Apr 2021 04:05:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021040101.js Show response
securepubads.g.doubleclick.net/gpt/ 286 KB
101 KB 52ms
29ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 08:39:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103004
x-xss-protection: 0
expires: Sun, 11 Apr 2021 04:05:14 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-643668-1&cid=1341852839.1618113914&jid=1817786512&_u=YEBAAAAAAAAAAC~&z=758162400

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-643668-1&cid=1341852839.1618113914&jid=1817786512&_u=YEBAAAAAAAAAAC~&z=758162400

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame FF4C 513 B
843 B 35ms
15ms Document
text/html 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0415e74653c5d504014b3ebdca883f24e8ea39dde95644da11981adcbe2492db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iTLwwSZZ1hsye0w4Ux+K/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=213=LlzS5f1VgqG097DdliS6lGczjSIOJWoM3mYTRvWeKq_9vWLoPUOtCmnjMkmWc9Dn5CeQQDJ-IOh0E6edfwONibqC3CCSOdCkhzkkT6JUMZRc5T6seoKLbWkRXcAP80f-ZdqMwKaLfhJMPucYYzgmzy6_AeW6SF0EWkRokONtmds
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Apr 2021 04:05:14 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-iTLwwSZZ1hsye0w4Ux+K/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 41ms
41ms Fetch
text/plain 2a03:2880:f150:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=310950202407744&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1f1f00b42121402e607e95647655ef27&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f150:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: juNyJGE0P/KyR4Gq4ta8yGTIWnUI2JaT3UbasUAzZM9Mkp3UOdCxwVAD98QEO1VpY4XqY/E6/VQTkhd70h/Mxw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 11 Apr 2021 04:05:14 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.metrotimes.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 212979636044164 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 15ms
15ms Script
application/x-javascript 2a03:2880:f050:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/212979636044164?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f050:f:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d15ce93f61019de3595baca581f971fcc4089ce23ca6eac9e62ab215daf72f4e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70606
x-fb-rlafr: 0
pragma: public
x-fb-debug: 7KbfnvMetMqvFzj4whffarhknUS3h0VFoY5vJFbCFOVTt5FS/bNUmTqSA+7MOaRPa8U4VAYC9+1Y9V0Ci/Xl2g==
x-fb-trip-id: 1679558926
x-frame-options: DENY
date: Sun, 11 Apr 2021 04:05:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4071097310-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame FF4C 112 KB
39 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/4071097310-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1943a600956d093b6bdbd157ffea2a0a738342a1a7a454a31364c3aa41325fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 20:31:08 GMT
server: sffe
age: 52378
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39191
x-xss-protection: 0
expires: Sun, 10 Apr 2022 13:32:16 GMT

GET
H3-Q050 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame FF4C 14 B
330 B 47ms
32ms XHR
application/json 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.metrotimes.com&client_id=368071155345-fr5a01rd2lpbd03le6ivqgfnbb1jmfak.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/4071097310-idpiframe.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Sun, 11 Apr 2021 04:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 11 Apr 2021 05:05:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
237 B 15ms
14ms Image
image/gif 2a03:2880:f150:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=212979636044164&ev=PageView&dl=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284&rl=&if=false&ts=1618113914209&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1618113914206.1553834081&it=1618113914109&coo=false&rqm=GET

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f150:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 11 Apr 2021 04:05:14 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 24ms
7ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/ECpz7gxYXdCG2/www.metrotimes.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:14 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 18 Apr 2021 04:05:14 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 278 KB
77 KB 11ms
11ms Script
text/javascript 2600:9000:2182:9000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.metrotimes.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/ECpz7gxYXdCG2/www.metrotimes.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:9000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29507fd3a172d0d54a23c53defa95fe78dbf477c5577b7b789abc2946c8a40d8

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 11 Apr 2021 04:05:14 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 17:11:22 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: W/"814cf3c7bdd5dafb6ad642c1b52006c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-id: qhhQMaDnlI4jWC7EMi8HKQ7KUm3WiCyaKw_idEOGD6zB_rG7TsXiWQ==

GET
H2 200 rules-p-ECpz7gxYXdCG2.js Show response
rules.quantcount.com/ 2 KB
1 KB 48ms
15ms Script
application/x-javascript 2600:9000:2016:de00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ECpz7gxYXdCG2.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38b12f1aa28e1ad8fb546894c0c412e2294d8e3ae7045c1af3c6b88de1665c5c

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 03:42:22 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2017 21:42:07 GMT
server: AmazonS3
age: 2011
etag: W/"28dcc805b9f121ac8bbd8c592e5fd8cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 42d6fa6bba37b1a120fb1adae0e0e8c8.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: oUDkdJp_L5pKh4kXRSoRWCqpFAUZU9p2olvEiHELdbrDMK-NwetasQ==

POST
H2 200 /
www.facebook.com/tr/ 0
39 B 15ms
14ms Other
text/plain 2a03:2880:f150:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f150:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarypRWYBUfV87726a1z

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 11 Apr 2021 04:05:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.metrotimes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK tap3.jpg
media1.fdncms.com/metrotimes/imager/u/story/2483283/ 19 KB
19 KB 586ms
154ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/story/2483283/tap3.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

52dfe1f368cd8f19e7c6ccf93c9f43fd5a5b7f999232ea83fd555afdbb8b1fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:15 GMT
Last-Modified: Tue, 31 Jan 2017 22:26:47 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 162098
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 19219
Expires: Fri, 07 May 2021 07:03:39 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 437ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/foundation/scripts/desktop-bundle.js?cb=66c6c9f96f1a0f5b45a809aff8b4d333
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: 4804eeb4c4abffc4e7e36b96935ccb9e3ea97651dfbf522589e5c85be933f4e8

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Apr 2021 23:24:36 GMT
Server: ECS (frb/67F2)
Age: 224
Etag: "c6906b2e1894558795b131fc4eee41cf+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28673

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 438ms
10ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/foundation/scripts/desktop-bundle.js?cb=66c6c9f96f1a0f5b45a809aff8b4d333

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 11 Apr 2021 04:05:15 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK email.gif
www.metrotimes.com/images/icons/article_tools/ 377 B
679 B 149ms
149ms Image
image/gif 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/images/icons/article_tools/email.gif
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/styles/defaults.css?cb=19e7636692ab9da1915df37aa08e9653
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 48b0ee0e27c6f0858a216f72019329ef84eaf6c16b5088187da73c0067b497e6

Request headers

Referer: https://www.metrotimes.com/styles/defaults.css?cb=19e7636692ab9da1915df37aa08e9653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:15 GMT
Last-Modified: Wed, 18 Feb 2015 22:21:40 GMT
Server: Apache
Age: 23339
ETag: "179-50f643e4e0500"
X-DN-Cache-Control: max-age=2419202
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 377
Expires: Sat, 08 May 2021 21:36:18 GMT

GET
H/1.1 200
OK print.gif
www.metrotimes.com/images/icons/article_tools/ 256 B
558 B 155ms
154ms Image
image/gif 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/images/icons/article_tools/print.gif
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/styles/defaults.css?cb=19e7636692ab9da1915df37aa08e9653
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 15bd44ded791bf9220dcd55602b962123be80784c7d3f7e40bdcaad56bbd4188

Request headers

Referer: https://www.metrotimes.com/styles/defaults.css?cb=19e7636692ab9da1915df37aa08e9653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:15 GMT
Last-Modified: Wed, 18 Feb 2015 22:21:40 GMT
Server: Apache
Age: 23398
ETag: "100-50f643e4e0500"
X-DN-Cache-Control: max-age=2419202
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 256
Expires: Sat, 08 May 2021 21:35:19 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Titillium+Web:400,700|Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.metrotimes.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 151297
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:03:37 GMT

GET
H/1.1 200
OK desktop.css
www.metrotimes.com/fdn-system/assets/pub/styles/ 511 KB
69 KB 155ms
154ms Stylesheet
text/css 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=e0d97b2159f0d5c00b052211cdf3d272
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 43c76003151abe11367e89fc9f00b30b1af86b5b2c9d20b75412db2c3425efcc

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Apr 2021 22:57:47 GMT
Server: Apache
Age: 298
ETag: "7fcee-5bf9217ae90c0"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 70522
Expires: Wed, 14 Apr 2021 04:00:16 GMT

GET
H/1.1 200
OK uikit.min.js Show response
www.metrotimes.com/fdn-system/assets/pub/scripts/ 131 KB
41 KB 154ms
153ms Script
application/x-javascript 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/fdn-system/assets/pub/scripts/uikit.min.js?cb=e0d97b2159f0d5c00b052211cdf3d272
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: bfbf3d9abff305b811e7799fc9d088efc092005fbdfa746abbe2517ecd543e0d

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Apr 2021 22:57:47 GMT
Server: Apache
Age: 298
ETag: "20c6a-5bf9217ae90c0"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 41813
Expires: Wed, 14 Apr 2021 04:00:16 GMT

GET
H/1.1 200
OK uikit-icons-fdn.min.js Show response
www.metrotimes.com/fdn-system/assets/pub/scripts/ 221 KB
88 KB 153ms
152ms Script
application/x-javascript 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/fdn-system/assets/pub/scripts/uikit-icons-fdn.min.js?cb=e0d97b2159f0d5c00b052211cdf3d272
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 1a707ebe79188b2e52b8ae9858b9866035b75aa5732efaa09967a4ed573cf3bd

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Apr 2021 22:57:47 GMT
Server: Apache
Age: 298
ETag: "37212-5bf9217ae90c0"
Vary: Accept-Encoding
X-DN-Cache-Control: max-age=259200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 89348
Expires: Wed, 14 Apr 2021 04:00:16 GMT

GET
H/1.1 200
OK fdn-lato-regular.woff2
www.metrotimes.com/foundation/fonts/ 24 KB
24 KB 154ms
153ms Font
application/octet-stream 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/fonts/fdn-lato-regular.woff2
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=e0d97b2159f0d5c00b052211cdf3d272
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: eee26a79a3555d648250b1054d10cf6ff3ce0610b6b3e0f99f38ea08a1420d21

Request headers

Origin: https://www.metrotimes.com
Referer: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=e0d97b2159f0d5c00b052211cdf3d272
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:15 GMT
Last-Modified: Tue, 18 Feb 2020 18:49:21 GMT
Server: Apache
Age: 1734
ETag: "602c-59ede213b0e40"
Content-Type: text/plain
Accept-Ranges: bytes
Content-Length: 24620

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 32ms
11ms Script
application/x-javascript 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:15 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: B402EDC6F7271ED7
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24931
accept-ranges: bytes
content-length: 948
x-amz-id-2: 3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=

GET
H/1.1 200
OK MT_Redbkgd.png
www.metrotimes.com/binary/8e1e/ 2 KB
3 KB 152ms
151ms Image
image/png 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/binary/8e1e/MT_Redbkgd.png
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 09c0e7ca6a3b802c1833253354fe3fcc34bdb147a3c2928bd052946f923dcb51

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:15 GMT
Last-Modified: Sat, 10 Apr 2021 21:36:16 GMT
Server: Apache
Age: 23339
Vary: Host
X-DN-Cache-Control: max-age=2419202
Content-Type: image/png
Content-Length: 2296
Expires: Sat, 08 May 2021 21:36:18 GMT

GET
H/1.1 200
OK tmw2021-04-07printcolor-copy.jpg
media1.fdncms.com/metrotimes/imager/u/16x9-m/26838006/ 121 KB
122 KB 172ms
154ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/16x9-m/26838006/tmw2021-04-07printcolor-copy.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

a8b5f800ac1ed966c4752e71874193ab8a145dc8ea2f38185211c0cab3bf80dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:15 GMT
Last-Modified: Tue, 06 Apr 2021 18:05:35 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 168595
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 124091
Expires: Fri, 07 May 2021 05:15:22 GMT

GET
H/1.1 200
OK cjones04052021-copy.jpg
media2.fdncms.com/metrotimes/imager/u/16x9-m/26838012/ 200 KB
200 KB 506ms
156ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/16x9-m/26838012/cjones04052021-copy.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

75e808920512bed31b5e90fa2438167bc5bbd972f5a79d1183a5ffee1d0487d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Tue, 06 Apr 2021 18:08:26 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 168601
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 204732
Expires: Fri, 07 May 2021 05:15:16 GMT

GET
H/1.1 200
OK informed_dissent-shutterstock_527589781.jpg
media2.fdncms.com/metrotimes/imager/u/16x9-m/26809123/ 167 KB
168 KB 936ms
150ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/16x9-m/26809123/informed_dissent-shutterstock_527589781.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

a56496639ad05630327b7d4ab8b4ed90fba77bf10ba9a032638b3227f4ebb575

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Wed, 07 Apr 2021 12:06:28 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 139799
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 171261
Expires: Fri, 07 May 2021 13:15:19 GMT

GET
H/1.1 200
OK feature-a-ford-field.jpg
media2.fdncms.com/metrotimes/imager/u/16x9-m/26830555/ 288 KB
289 KB 951ms
154ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/16x9-m/26830555/feature-a-ford-field.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

6c4e51133ba62e7cdcde19397f519e6a0431ed30d488b5625cbfdd2309906f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Sat, 10 Apr 2021 13:57:18 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 50872
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 295070
Expires: Sat, 08 May 2021 13:57:26 GMT

GET
H/1.1 200
OK 040721_savage_concessions_wide.jpg
media1.fdncms.com/metrotimes/imager/u/16x9-m/26831728/ 267 KB
268 KB 447ms
149ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/16x9-m/26831728/040721_savage_concessions_wide.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

258626dda1ace17cb6474258ef6cac22e32f37225cacbd6082669f5331c5679e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Mon, 05 Apr 2021 22:27:00 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 168595
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 273544
Expires: Fri, 07 May 2021 05:15:22 GMT

GET
H/1.1 200
OK MT_Redbkgd.png
www.metrotimes.com/imager/b/tiny/808579/8e1e/ 647 B
991 B 152ms
151ms Image
image/png 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/imager/b/tiny/808579/8e1e/MT_Redbkgd.png
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 8c4343145dc98656a76ffdd570f8e2fc13009f3acf9fbb520d6d8c39ebc5eae0

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:15 GMT
Last-Modified: Sun, 11 Apr 2021 03:30:15 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 1710
Vary: Host
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/png
Content-Length: 647
Expires: Sun, 09 May 2021 03:36:47 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 334 KB
115 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117138
x-xss-protection: 0
expires: Sun, 11 Apr 2021 04:05:15 GMT

GET
H/1.1 200
OK fdn-lato-bold.woff2
www.metrotimes.com/foundation/fonts/ 25 KB
25 KB 155ms
154ms Font
application/octet-stream 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/fonts/fdn-lato-bold.woff2
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=e0d97b2159f0d5c00b052211cdf3d272
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 9a58bbe9a737679707bdcbf60ab3239d554f6e06bd9bf613b509d9badfd88ed6

Request headers

Origin: https://www.metrotimes.com
Referer: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=e0d97b2159f0d5c00b052211cdf3d272
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:15 GMT
Last-Modified: Tue, 18 Feb 2020 18:49:21 GMT
Server: Apache
Age: 1776
ETag: "6244-59ede213b0e40"
Content-Type: text/plain
Accept-Ranges: bytes
Content-Length: 25156

GET
H/1.1 200
OK fdn-lato-black.woff2
www.metrotimes.com/foundation/fonts/ 24 KB
24 KB 154ms
153ms Font
application/octet-stream 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotimes.com/foundation/fonts/fdn-lato-black.woff2
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=e0d97b2159f0d5c00b052211cdf3d272
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 279e9aed3ee45e5c46cd06e98a998e2157d46dc91621e9d786f85e1bc7779e2d

Request headers

Origin: https://www.metrotimes.com
Referer: https://www.metrotimes.com/fdn-system/assets/pub/styles/desktop.css?cb=e0d97b2159f0d5c00b052211cdf3d272
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:15 GMT
Last-Modified: Tue, 18 Feb 2020 18:49:21 GMT
Server: Apache
Age: 1710
ETag: "5ee8-59ede213b0e40"
Content-Type: text/plain
Accept-Ranges: bytes
Content-Length: 24296

GET
H3-Q050 200 bridge3.450.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BEB2 574 KB
188 KB 35ms
21ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.450.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191926
date: Thu, 08 Apr 2021 02:43:30 GMT
expires: Fri, 08 Apr 2022 02:43:30 GMT
last-modified: Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 264105
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sun, 11 Apr 2021 04:05:15 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8FFB 36 KB
12 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 03:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2478
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Sun, 11 Apr 2021 04:23:57 GMT

GET
H/1.1 200
OK shutterstock_364276379.jpg
media1.fdncms.com/metrotimes/imager/u/bigsquare/25417267/ 14 KB
14 KB 156ms
154ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/bigsquare/25417267/shutterstock_364276379.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

a0ba06c552e885443d584f35bbbd6a5f279b8cbe0b29b4fba424b7adb37d404b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Fri, 25 Sep 2020 14:21:23 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 106756
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 14241
Expires: Fri, 07 May 2021 22:26:01 GMT

GET
H/1.1 200
OK screen_shot_2020-04-27_at_9.36.53_am.png
media2.fdncms.com/metrotimes/imager/u/bigsquare/24419986/ 71 KB
71 KB 759ms
149ms Image
image/png 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/bigsquare/24419986/screen_shot_2020-04-27_at_9.36.53_am.png

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

df21751a7aead3f9ca513fcc34dc5c257b6efe3ddbfedacea2a2b50651dace05

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Mon, 27 Apr 2020 13:52:30 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 16438
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/png
Content-Length: 72509
Expires: Sat, 08 May 2021 23:31:20 GMT

GET
H/1.1 200
OK detroit_axe_facebook.png
media2.fdncms.com/metrotimes/imager/u/bigsquare/21913103/ 72 KB
73 KB 783ms
156ms Image
image/png 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/bigsquare/21913103/detroit_axe_facebook.png

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

d90edda7a67718fc12463cc71bd9c808356409839b987b380383da699eb3b41b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Mon, 17 Jun 2019 14:52:22 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 76018
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/png
Content-Length: 74011
Expires: Sat, 08 May 2021 06:58:20 GMT

GET
H/1.1 200
OK shutterstock_774009790_1_.jpg
media1.fdncms.com/metrotimes/imager/u/bigsquare/26783667/ 11 KB
12 KB 154ms
153ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/bigsquare/26783667/shutterstock_774009790_1_.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

2b186d6ac9501828aa01a595d7ce1c5d45088fc0e9f36250cfdd2151c3482772

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Fri, 02 Apr 2021 15:23:46 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 16437
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 11665
Expires: Sat, 08 May 2021 23:31:20 GMT

GET
H/1.1 200
OK food-louisiana-koneill_fhlouisianacreole_03.jpg
media1.fdncms.com/metrotimes/imager/u/bigsquare/26669756/ 15 KB
15 KB 308ms
153ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/bigsquare/26669756/food-louisiana-koneill_fhlouisianacreole_03.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

5a82eb4722ebf7a112165f1344e4fbeba3d10bf75e4b4dc0e71c26e06405bea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Sun, 21 Mar 2021 15:43:10 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 152678
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 15144
Expires: Fri, 07 May 2021 09:40:39 GMT

GET
H/1.1 200
OK culture-valentine.jpg
media1.fdncms.com/metrotimes/imager/u/bigsquare/26645492/ 17 KB
17 KB 310ms
153ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/bigsquare/26645492/culture-valentine.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

e2220a4b87c4fe33b87e20331d567f24b3c9d2199c2d75b691090cea85afad82

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Fri, 12 Mar 2021 17:22:22 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 24433
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 17413
Expires: Sat, 08 May 2021 21:18:05 GMT

GET
H/1.1 200
OK screen-shot-2021-04-09-at-2.19.49-pm.jpg
media1.fdncms.com/metrotimes/imager/u/bigsquare/26867607/ 18 KB
19 KB 158ms
154ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/bigsquare/26867607/screen-shot-2021-04-09-at-2.19.49-pm.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

9b9df56314a2a21d3816028befc52e765835a97f0f84a5f2ae48db2587235a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Sat, 10 Apr 2021 13:59:47 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 50396
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 18764
Expires: Sat, 08 May 2021 14:05:21 GMT

GET
H/1.1 200
OK shutterstock_1726888900.jpg
media2.fdncms.com/metrotimes/imager/u/bigsquare/26324941/ 10 KB
10 KB 634ms
156ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/bigsquare/26324941/shutterstock_1726888900.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

f5111ebc0ecbff66d842cce8bd71a0b88a91ce9ba373d223fdf4751bb5c9d196

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:17 GMT
Last-Modified: Mon, 22 Mar 2021 16:29:37 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 168586
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 10266
Expires: Fri, 07 May 2021 05:15:32 GMT

GET
H/1.1 200
OK feature-meijer-cherry-tree-promenade_petemcdaniel_1.jpg
media1.fdncms.com/metrotimes/imager/u/bigsquare/26669419/ 15 KB
16 KB 161ms
160ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/bigsquare/26669419/feature-meijer-cherry-tree-promenade_petemcdaniel_1.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

3cbc39fb3ef6e187f47bd884106c84c2af99431f3b1ed4496a99f28113d9cb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Wed, 17 Mar 2021 13:16:24 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 146760
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 15761
Expires: Fri, 07 May 2021 11:19:17 GMT

GET
H/1.1 200
OK screen_shot_2019-11-21_at_10.57.20_am.png
media2.fdncms.com/metrotimes/imager/u/bigsquare/23174066/ 71 KB
71 KB 392ms
153ms Image
image/png 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/bigsquare/23174066/screen_shot_2019-11-21_at_10.57.20_am.png

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

25a63865564e00abd9e05fc65ed7d30131d803164ed89c1f63dc3bf78837d547

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:17 GMT
Last-Modified: Mon, 25 Nov 2019 22:30:58 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 16438
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/png
Content-Length: 72412
Expires: Sat, 08 May 2021 23:31:20 GMT

GET
H/1.1 200
OK gray_45degLineFull.png
www.metrotimes.com/images/backgrounds/ 1 KB
1 KB 154ms
154ms Image
image/png 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/images/backgrounds/gray_45degLineFull.png
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/styles/components.css?cb=19e7636692ab9da1915df37aa08e9653
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 166ffb156fe893d301169ee0023b387cf7e22535c89aa8112b0ed07e87d46928

Request headers

Referer: https://www.metrotimes.com/styles/components.css?cb=19e7636692ab9da1915df37aa08e9653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Wed, 18 Feb 2015 22:21:40 GMT
Server: Apache
Age: 1792
ETag: "456-50f643e4e0500"
X-DN-Cache-Control: max-age=2419202
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1110
Expires: Sun, 09 May 2021 03:35:26 GMT

GET
H/1.1 200
OK 25-01_Cover.jpg
www.metrotimes.com/imager/b/cover/26830546/67d4/ 11 KB
11 KB 158ms
155ms Image
image/jpeg 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/imager/b/cover/26830546/67d4/25-01_Cover.jpg
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: b8f5b2909ccaefb9e93117f7efe5478f1a806c6c31bc6b61136ab3c3d152d4ca

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Wed, 07 Apr 2021 16:19:57 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 1771
Vary: Host
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 10879
Expires: Sun, 09 May 2021 03:35:47 GMT

GET
H2 200 embed.html Show response
e.issuu.com/ Frame ABBC 4 KB
2 KB 31ms
8ms Document
text/html 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://e.issuu.com/embed.html?d=_mt_040721&hideIssuuLogo=true&u=euclidmediagroup
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96117e861a7bb5ac2b75e14eba59cb0f23289ad6d1fe7a74ec66f1b3487b1a3c

Request headers

:method: GET
:authority: e.issuu.com
:scheme: https
:path: /embed.html?d=_mt_040721&hideIssuuLogo=true&u=euclidmediagroup
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

x-amz-id-2: BniHIX72npsxsjEFjzjijkFjZE/NIGlnXjCClOa3p6Eu237v9V3v6LmN6YEM/oxxBnsrgvyYV3A=
x-amz-request-id: 5EZSNPFQWWADZ5SY
last-modified: Fri, 09 Apr 2021 09:20:36 GMT
etag: "8e101c66440b27dcba3d2a9898fbed2b"
cache-control: public, max-age=300
content-type: text/html
server: AmazonS3
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Apr 2021 04:05:16 GMT
via: 1.1 varnish
age: 210
x-served-by: cache-fra19163-FRA
x-cache: HIT
x-cache-hits: 4
x-timer: S1618113917.592664,VS0,VE0
vary: Accept-Encoding
content-length: 1921

GET
H/1.1 200
OK mag20px.png
www.metrotimes.com/images/icons/ 2 KB
2 KB 153ms
152ms Image
image/png 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/images/icons/mag20px.png
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/styles/components.css?cb=19e7636692ab9da1915df37aa08e9653
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 8656a625a0d02ad7c895a5e8ceaeb3c0b6faf432f4ef2493a77854db114d7a0c

Request headers

Referer: https://www.metrotimes.com/styles/components.css?cb=19e7636692ab9da1915df37aa08e9653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Wed, 18 Feb 2015 22:21:40 GMT
Server: Apache
Age: 1791
ETag: "63d-50f643e4e0500"
X-DN-Cache-Control: max-age=2419202
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1597
Expires: Sun, 09 May 2021 03:35:26 GMT

GET
H2 200 react.production.min.js Show response
unpkg.com/react@16.14.0/umd/ Frame ABBC 12 KB
5 KB 41ms
16ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@16.14.0/umd/react.production.min.js

Requested by

Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=_mt_040721&hideIssuuLogo=true&u=euclidmediagroup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4651013
vary: Accept-Encoding
cf-request-id: 0960b406e1000005fdb02e2000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"30af-G0yLdpwwlM9Jmz5wcsN3bvOe0C0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 9cdffc233119365a6b0a22793ef49fc0
cache-control: public, max-age=31536000
cf-ray: 63e155eb0ada05fd-FRA

GET
H2 200 react-dom.production.min.js Show response
unpkg.com/react-dom@16.14.0/umd/ Frame ABBC 116 KB
36 KB 46ms
21ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js

Requested by

Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=_mt_040721&hideIssuuLogo=true&u=euclidmediagroup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:16 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 301069
fly-request-id: 01F2PJHVWKQ37S29ZFNBRTJWFA
content-encoding: br
vary: Accept-Encoding
cf-request-id: 0960b406e1000005fd1e22c000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1cf80-NADCsuguidx6ZmGXUZs/qIwlw4Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63e155eb0adb05fd-FRA

GET
H2 200 iframe-embed.js Show response
e.issuu.com/issuu-reader3-embed-files/217/ Frame ABBC 1 MB
342 KB 12ms
12ms Script
application/javascript 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://e.issuu.com/issuu-reader3-embed-files/217/iframe-embed.js
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=_mt_040721&hideIssuuLogo=true&u=euclidmediagroup
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4fca4173a9186b75303d0c92cc2591005c289a17fdac7c1e3f3867084da5034

Request headers

Referer: https://e.issuu.com/embed.html?d=_mt_040721&hideIssuuLogo=true&u=euclidmediagroup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:16 GMT
content-encoding: gzip
age: 153876
via: 1.1 varnish
x-cache: HIT
content-length: 350025
x-amz-id-2: B6L1+fDMRliq1MHFl6IzpdrYrf7/gcg8ANea/O4cTWFTTT41qH24q6TL0z2KuPR+6FhzdZnPRXc=
x-served-by: cache-fra19163-FRA
last-modified: Fri, 09 Apr 2021 09:20:39 GMT
server: AmazonS3
x-timer: S1618113917.616671,VS0,VE0
etag: "e799920eae51f64cb017850ee80e3b1b"
vary: Accept-Encoding
x-amz-request-id: 038239C4EY3ZZHM5
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 124

GET
H2 200 iframe-embed.css
e.issuu.com/issuu-reader3-embed-files/217/ Frame ABBC 172 KB
77 KB 6ms
6ms Stylesheet
text/css 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://e.issuu.com/issuu-reader3-embed-files/217/iframe-embed.css
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=_mt_040721&hideIssuuLogo=true&u=euclidmediagroup
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95d983f57f971d5aed3ac4f1376de3a67bf97918b8d88a4a8636fc856c140914

Request headers

Referer: https://e.issuu.com/embed.html?d=_mt_040721&hideIssuuLogo=true&u=euclidmediagroup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:16 GMT
content-encoding: gzip
age: 153875
via: 1.1 varnish
x-cache: HIT
content-length: 79072
x-amz-id-2: tn/dVW2Mq24bHqGRtOphLV4V3fAGhNcOs3OxPdpMwHVeSyHAMSpGgs7nOGDeXIl5P7KmLnmUF/E=
x-served-by: cache-fra19163-FRA
last-modified: Fri, 09 Apr 2021 09:20:39 GMT
server: AmazonS3
x-timer: S1618113917.615691,VS0,VE0
etag: "efa79a14a29eb07b8fcf2b125f9cf0f6"
vary: Accept-Encoding
x-amz-request-id: 038DNMSZ1Y9ABYNP
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: text/css
x-cache-hits: 5893

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame ABBC 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=_mt_040721&hideIssuuLogo=true&u=euclidmediagroup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 977
date: Sun, 11 Apr 2021 03:48:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sun, 11 Apr 2021 05:48:59 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame ABBC 23 KB
9 KB 15ms
6ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=_mt_040721&hideIssuuLogo=true&u=euclidmediagroup
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:16 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 18 Apr 2021 04:05:16 GMT

GET
H2 200 reader3_4.json Show response
reader3.isu.pub/euclidmediagroup/_mt_040721/ Frame ABBC 9 KB
969 B 23ms
6ms XHR
application/json 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://reader3.isu.pub/euclidmediagroup/_mt_040721/reader3_4.json
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/217/iframe-embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56545f5f019ae2189814354168bcde6929caa770b0456023c9dfff299b54b41f

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:16 GMT
content-encoding: gzip
age: 34799
via: 1.1 varnish
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000
content-length: 566
x-amz-id-2: WgbO17x8+IFgdcmfzWRhfBKgjfVJw4hUsX7+anvILm5PsQYJGRW9rk7Jwj1qO+nk+BwpwTv9f3s=
x-served-by: cache-hhn4048-HHN
last-modified: Wed, 07 Apr 2021 00:34:24 GMT
server: AmazonS3
x-timer: S1618113917.885235,VS0,VE0
etag: "3ce1d9a3242e62b2eae15292a9f0c1c8"
x-amz-request-id: 2VACKT6KT8Q15YYW
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-cache-hits: 1

GET
H2 200 _mt_040721 Show response
issuu.com/call/backend-reader3/dynamic/euclidmediagroup/ Frame ABBC 585 B
575 B 307ms
116ms XHR
application/json 34.193.232.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://issuu.com/call/backend-reader3/dynamic/euclidmediagroup/_mt_040721

Requested by

Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/217/iframe-embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.232.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-232-123.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

48d600c40b42a7e3a007bdfedb3d650c3f270980d7858c96b95719548b5c25af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Cowboy
content-type: application/json
access-control-allow-origin: https://e.issuu.com
accept-ch: UA-Arch,UA-Full-Version,UA-Mobile,UA-Model,UA-Platform-Version,UA-Platform,UA,ECT,DPR,Downlink,Save-Data,Width,Viewport-Width
content-length: 308

GET
BLOB 200
OK dcb58784-f325-4f10-a133-afd37533b4df
https://e.issuu.com/ Frame ABBC 397 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://e.issuu.com/dcb58784-f325-4f10-a133-afd37533b4df
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/embed.html?d=_mt_040721&hideIssuuLogo=true&u=euclidmediagroup
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a547934f2bbf06d860e17a6e71cb1181669caf01f26fd67c1e55d0102ef077a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 397

GET
H/1.1 200
OK MT_Donate_150x150.jpg
www.metrotimes.com/binary/f24f/ 13 KB
13 KB 153ms
152ms Image
image/jpeg 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/binary/f24f/MT_Donate_150x150.jpg
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: f4290d1b95415c63c669966c50246854e7cbe8375cec496639bb0555bb6e4119

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Fri, 19 Mar 2021 18:13:04 GMT
Server: Apache
Age: 1712
Vary: Host
X-DN-Cache-Control: max-age=2419202
Content-Type: image/jpeg
Content-Length: 13000
Expires: Sun, 09 May 2021 03:36:47 GMT

GET
H/1.1 200
OK UsersGuide_150x150__1_.jpg
www.metrotimes.com/binary/2041/ 18 KB
18 KB 154ms
153ms Image
image/jpeg 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/binary/2041/UsersGuide_150x150__1_.jpg
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 8b73cf59c6bef434696cec05f55ac95e2f0e464d74ce0b2bd02e6f11f7558f97

Request headers

Referer: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:16 GMT
Last-Modified: Fri, 19 Mar 2021 18:13:04 GMT
Server: Apache
Age: 1712
Vary: Host
X-DN-Cache-Control: max-age=2419202
Content-Type: image/jpeg
Content-Length: 18320
Expires: Sun, 09 May 2021 03:36:47 GMT

GET
H2 200 _mt_040721 Show response
issuu.com/call/reader/api/links/euclidmediagroup/ Frame ABBC 2 B
348 B 283ms
154ms XHR
application/json 34.193.232.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://issuu.com/call/reader/api/links/euclidmediagroup/_mt_040721

Requested by

Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/217/iframe-embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.232.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-232-123.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Cowboy
content-type: application/json
access-control-allow-origin: https://e.issuu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ch: UA-Arch,UA-Full-Version,UA-Mobile,UA-Model,UA-Platform-Version,UA-Platform,UA,ECT,DPR,Downlink,Save-Data,Width,Viewport-Width

GET
H2 200 smartzoom.bin Show response
assets.isu.pub/smartzoom/210407000541-8d7dad7a31e76e31cb7558e120882213/v1/ Frame ABBC 9 KB
9 KB 8ms
6ms Fetch
application/octet-stream 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.isu.pub/smartzoom/210407000541-8d7dad7a31e76e31cb7558e120882213/v1/smartzoom.bin
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/217/iframe-embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86368c141a45e1f09a2bc1a22ef8a51308a0e7575147b6647d695a16cf060841

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 4778
x-cache: HIT, HIT
content-length: 9390
x-amz-id-2: e3VeXxE809YhPCKs9lkHHJ38/xMy0CcvgfLdQrldQHVAtLWgPLnZakvJbcgWJzm0Wv5cy++E7ps=
x-served-by: cache-bwi5146-BWI, cache-hhn4048-HHN
last-modified: Wed, 07 Apr 2021 00:05:48 GMT
server: AmazonS3
x-timer: S1618113917.935058,VS0,VE0
etag: "1f25437eec8d318ef33b731f21af94f7"
x-amz-request-id: 6GQMR0K4NQFXAC2S
access-control-allow-origin: *
accept-ranges: bytes
content-type: application/octet-stream
x-cache-hits: 1, 1

GET
H2 200 / Show response
photos.metrotimes.com/thumbnail-scroller-square/ Frame 94F3 8 KB
3 KB 797ms
769ms Document
text/html 2606:4700:20::681a:78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 809a151fb6c0aa53b9a7b79d2e7539b64a26d49298512eef1ed6b43024ed0ccb

Request headers

:method: GET
:authority: photos.metrotimes.com
:scheme: https
:path: /thumbnail-scroller-square/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _fbp=fb.1.1618113914711.1913616575
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d11ad033c9c9dc8cbfd193b84e83ebc3d1618113916; expires=Tue, 11-May-21 04:05:16 GMT; path=/; domain=.metrotimes.com; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.2.34
cf-edge-cache: cache,platform=wordpress
link: <https://photos.metrotimes.com/wp-json/>; rel="https://api.w.org/" <https://photos.metrotimes.com/wp-json/wp/v2/pages/14379>; rel="alternate"; type="application/json" <https://photos.metrotimes.com/?p=14379>; rel=shortlink
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
cf-request-id: 0960b40829000053697e0b9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t%2BgjjsQNzAwTlhzoPUpeCZac2vplK9i%2FhegwUZmgzjRENPkYpOJKVuh5BesjIucEnoXUJB1t%2B9mGkd%2F71aRIu77ggD2CE89LkOZuLv63tZH2Rt5vaDruhH1oNxwm4%2B3UgME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63e155ed0eca5369-FRA
content-encoding: br

GET
H/1.1 200
OK vaccinecovid.jpg
media2.fdncms.com/metrotimes/imager/u/original/26324943/ 11 KB
11 KB 237ms
155ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/original/26324943/vaccinecovid.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

6e069a03fc94f1093687bd1dc24f5532070ca41b7c53ceb0137e1cfbcf9b4797

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:17 GMT
Last-Modified: Wed, 27 Jan 2021 14:32:38 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 60593
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 11361
Expires: Sat, 08 May 2021 11:15:25 GMT

GET
H/1.1 200
OK musictowatch.jpg
media1.fdncms.com/metrotimes/imager/u/original/26324678/ 17 KB
18 KB 149ms
149ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/original/26324678/musictowatch.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

132d57a4a149305b69addae71121eede5194c86d26beec45d4395058bbafff63

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:17 GMT
Last-Modified: Wed, 27 Jan 2021 13:52:51 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 60609
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 17868
Expires: Sat, 08 May 2021 11:15:09 GMT

GET
H/1.1 200
OK igloos.jpg
media1.fdncms.com/metrotimes/imager/u/original/26324944/ 16 KB
17 KB 153ms
152ms Image
image/jpeg 209.104.5.203
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/metrotimes/imager/u/original/26324944/igloos.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.203 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

e0ee9666e7a26d0e0b170585ea46784a25a8c9f31ee99ba6f1c9b375a00ff396

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:17 GMT
Last-Modified: Wed, 27 Jan 2021 14:44:59 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 60570
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 16534
Expires: Sat, 08 May 2021 11:15:48 GMT

GET
H/1.1 200
OK best_of_2020.jpg
media2.fdncms.com/metrotimes/imager/u/original/25454369/ 20 KB
20 KB 157ms
157ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.fdncms.com/metrotimes/imager/u/original/25454369/best_of_2020.jpg

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Tucson, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

8c0d81307b185313dd128991d64e74fd9708f4730e236c3545e2da332c3b127a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:17 GMT
Last-Modified: Wed, 30 Sep 2020 17:58:40 GMT
Server: Apache
X-Gyrobase-Publication: metrotimes
Age: 67765
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 20211
Expires: Sat, 08 May 2021 09:15:53 GMT

GET
H/1.1 200
OK rss-small.gif
www.metrotimes.com/images/ 558 B
859 B 149ms
148ms Image
image/gif 209.104.5.202
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotimes.com/images/rss-small.gif
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/styles/defaults.css?cb=19e7636692ab9da1915df37aa08e9653
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.104.5.202 Tucson, United States, ASN22772 (LOGIN, US),
Reverse DNS: fdncms.com
Software: Apache /
Resource Hash: 4c0f8cf23d4d87f037b07b227f64f35eefb1d51556c66250811ea732137bbb5c

Request headers

Referer: https://www.metrotimes.com/styles/defaults.css?cb=19e7636692ab9da1915df37aa08e9653
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:17 GMT
Last-Modified: Wed, 18 Feb 2015 22:21:40 GMT
Server: Apache
Age: 1710
ETag: "22e-50f643e4e0500"
X-DN-Cache-Control: max-age=2419202
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 558
Expires: Sun, 09 May 2021 03:36:48 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 42ms
21ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 220
x-cache: Hit from cloudfront
cf-request-id: 0960b4088a00004ec203bd6000000001
last-modified: Mon, 22 Feb 2021 18:41:52 GMT
server: cloudflare
etag: W/"1e16152334c325a4abb81f1a8ee52e51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 955acc3fed5ff84789d05d4e8c15bf09.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: VIE50-C2
cf-ray: 63e155edab734ec2-FRA
x-amz-cf-id: 76o7J1504XoseVgWYx4j_v-5gjqjpxqQJoGdvXnjV3ZlnvBB32mzVA==

GET
H2 200 build.js Show response
gadget.pico.tools/load/ 479 B
1 KB 260ms
235ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/load/build.js
Requested by: Host: widget.pico.tools
URL: https://widget.pico.tools/wrapper.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd9b7c9c828e72145f61491bc7422f325be7c3ec11f9e0b2aa06e887810da132

Request headers

Origin: https://www.metrotimes.com
Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CMWCEXT3P01T4ZNX
cf-polished: origSize=567
cf-ray: 63e155edfeab2c3a-FRA
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 9YN5fAFVcwuDV7tQJBvophw3hPcZRUQPPNyUJ7s4D1Pad1uYX7EOLsihiAwIGEtwrAcwPXoqKj8=
last-modified: Fri, 26 Mar 2021 16:14:59 GMT
server: cloudflare
etag: W/"67478e7c5a4db86c7b5b7246735965a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LCIYhpuVtKDgxQb2eEEKhuNqMyNp2OMZVJtaoOhKiN0Fgc3TFL5lWwO07UBj5aCfULTNak28zl0gAuzihRZoDm4DHhzjYwr6ueCI6Iwog30fcgYdjjnwIGapd1c%2F6w%3D%3D"}]}
x-amz-version-id: ghplvav39Mo62.K.fLCvsj4apv.Me4BV
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: no-cache
cf-request-id: 0960b408b900002c3a022dc000000001
content-type: application/javascript
cf-bgj: minify

GET
H2 200 donate-button.v2.css
us.commitchange.com/css/ 3 KB
1 KB 34ms
34ms Stylesheet
text/css 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.commitchange.com/css/donate-button.v2.css

Requested by

Host: us.commitchange.com
URL: https://us.commitchange.com/js/donate-button.v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f6f6f6d18be8bf6359ce49cf949cd1f9e51d74f85550e5325e20517726a85d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58551
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0960b408c500002bf25329c000000001
x-content-digest: 0e6e010e7fb31dbbd34c3804889c122ed5d560d5
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yuPeYlnUo2AHEIuly5dOPcbVlKHFTvr%2FWtY2YNWx7f1iToLpEOf2tLn7EXJHynsdUUvLpdudM0a9UFZltN3%2FYtdpm7LTeK9YIydpkoCa2G7garztLy9cawtLZBk2%2Fapy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 63e155ee0e722bf2-FRA
x-rack-cache: fresh

GET
H2 200 btn Show response
us.commitchange.com/nonprofits/5487/ Frame 7B6C 900 B
852 B 424ms
424ms Document
text/html 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.commitchange.com/nonprofits/5487/btn

Requested by

Host: us.commitchange.com
URL: https://us.commitchange.com/js/donate-button.v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f26088efe57ff64e40bb35b16634f88dc069ab85ce3e64bedd6d347b6c1b628e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: us.commitchange.com
:scheme: https
:path: /nonprofits/5487/btn
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d2106607425a22cf8af0e9c453c082fd41618113917; expires=Tue, 11-May-21 04:05:17 GMT; path=/; domain=.commitchange.com; HttpOnly; SameSite=Lax; Secure
strict-transport-security: max-age=2592000; includeSubDomains
x-ua-compatible: IE=Edge,chrome=1
cache-control: max-age=0, private, must-revalidate
x-request-id: ac643e21-98dc-4d16-914b-6e078a6b04ba
x-runtime: 0.005732
vary: Accept-Encoding
x-rack-cache: miss
via: 1.1 vegur
cf-cache-status: DYNAMIC
cf-request-id: 0960b408c700002bf2bd3a7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yCAj5xgkcaS%2FLadOL6BJvynoA8lSFK1kRdsVSFH2yZbziPnyXVh%2FNZD2GMqNiAnj0As5XBKH%2FqCDhphHFazMsZP6VXqx7%2F4JXAm7ABFwGISsInVP893pMpnhTLDWNmVw"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 63e155ee0e752bf2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET donate
us.commitchange.com/nonprofits/5487/ Frame EB1B 0
0

GET
H2 200 btn Show response
us.commitchange.com/nonprofits/5487/ Frame 980C 900 B
987 B 464ms
462ms Document
text/html 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.commitchange.com/nonprofits/5487/btn?fixed=t

Requested by

Host: us.commitchange.com
URL: https://us.commitchange.com/js/donate-button.v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f26088efe57ff64e40bb35b16634f88dc069ab85ce3e64bedd6d347b6c1b628e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: us.commitchange.com
:scheme: https
:path: /nonprofits/5487/btn?fixed=t
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d2106607425a22cf8af0e9c453c082fd41618113917; expires=Tue, 11-May-21 04:05:17 GMT; path=/; domain=.commitchange.com; HttpOnly; SameSite=Lax; Secure
strict-transport-security: max-age=2592000; includeSubDomains
x-ua-compatible: IE=Edge,chrome=1
cache-control: max-age=0, private, must-revalidate
x-request-id: aeb75466-1aa1-4b81-937d-86c1d47ee0a6
x-runtime: 0.018349
vary: Accept-Encoding
x-rack-cache: miss
via: 1.1 vegur
cf-cache-status: DYNAMIC
cf-request-id: 0960b408ca00002bf2b521d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yKslq7IuFfiPzWHZmjMJfSQ2jtI9ZRfQqoUd%2FAEPVvzCFexI0%2Fd2cbaRb8sHvH8%2BD%2FkrWiZu1VdQOlTqpSlHFQk8b1UpIeTzLCM7Hi65gn8MlmncFGc%2BwltubpTzJW7T"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 63e155ee1e812bf2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 donate Show response
us.commitchange.com/nonprofits/5487/ Frame 7415 13 KB
5 KB 453ms
452ms Document
text/html 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.commitchange.com/nonprofits/5487/donate?offsite=t&oid=2483284&offsite=t&custom_amounts=5,10,25,50,100,200&custom_fields=Join%20Metro%20Times%20Press%20Club%20Emails%20(Y/N)&redirect=https://www.metrotimes.com/detroit/NewsletterSignup/Page&designation=Article%20Donation&hide_dedication=true&origin=https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Requested by

Host: us.commitchange.com
URL: https://us.commitchange.com/js/donate-button.v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ffe2612271f116f827487906e09fae6278831ae2643d14f6dd6b908cbf4640

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: us.commitchange.com
:scheme: https
:path: /nonprofits/5487/donate?offsite=t&oid=2483284&offsite=t&custom_amounts=5,10,25,50,100,200&custom_fields=Join%20Metro%20Times%20Press%20Club%20Emails%20(Y/N)&redirect=https://www.metrotimes.com/detroit/NewsletterSignup/Page&designation=Article%20Donation&hide_dedication=true&origin=https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d2106607425a22cf8af0e9c453c082fd41618113917; expires=Tue, 11-May-21 04:05:17 GMT; path=/; domain=.commitchange.com; HttpOnly; SameSite=Lax; Secure _session_id=a849aa5dacaa2190f0773d18f823c2ac; path=/; expires=Sun, 11-Apr-2021 16:05:17 GMT; secure; HttpOnly
strict-transport-security: max-age=2592000; includeSubDomains
x-ua-compatible: IE=Edge,chrome=1
cache-control: max-age=0, private, must-revalidate
x-request-id: 2cb3b141-532c-4ca1-9123-8551af83a7a8
x-runtime: 0.056481
vary: Accept-Encoding
x-rack-cache: miss
via: 1.1 vegur
cf-cache-status: DYNAMIC
cf-request-id: 0960b408cb00002bf2589ed000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZZYYf7MYHDEs7UZSvwg5rJtx1T3HiU3n0mTUAgRpJlyUw4EbGR8QhaaiTOpfiANn9DHncGYGWLOGPmgPGPQXihAKkjMrqphgeEhs09hfhYre2JiALop7pdgO%2BzIS36N1"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 63e155ee1e842bf2-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 like.php Show response
www.facebook.com/v3.2/plugins/ Frame DBFD 47 KB
15 KB 129ms
129ms Document
text/html 2a03:2880:f150:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df209ba6e9655f24%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff9963ec32caa88%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1f1f00b42121402e607e95647655ef27&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f150:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cccd2dc8559a4645a8704bd7eaf4128bdea5676630c5fe8a8a6253eca2e2eadc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df209ba6e9655f24%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff9963ec32caa88%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: ptvCH0rQ8SBFjraPy9FXrMB9Ccb/Wh5U/ZqK4pAXP36nPCq3UOb8guS2DO+4Z86kJYEZhdRy9/KFIfi0iTMf1Q==
date: Sun, 11 Apr 2021 04:05:17 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H/1.1 200
OK widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html Show response
platform.twitter.com/widgets/ Frame 4AA1 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html?origin=https%3A%2F%2Fwww.metrotimes.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6793) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.metrotimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 175888
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 11 Apr 2021 04:05:17 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Mon, 05 Apr 2021 23:22:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6793)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-51f9437a2abb7e86/ 1 KB
609 B 250ms
248ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-51f9437a2abb7e86/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5e27725e64d6d9f8b0ffbf3f35f8fd0c986304e2a2102f52e123097d03b4f565

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: gzip
etag: 1132884162--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 433

GET
H2 200 aquant.js Show response
secure.quantserve.com/ 23 KB
9 KB 8ms
7ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/aquant.js?a=p-a4LDpi_DEopn-
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 18 Apr 2021 04:05:17 GMT

GET
H2 200 rules-p-a4LDpi_DEopn-.js Show response
rules.quantcount.com/ 147 B
522 B 24ms
24ms Script
application/x-javascript 2600:9000:2016:de00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-a4LDpi_DEopn-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e473c5a0ab2d00ffbdeb98695814298342e62af559b10d7aebce684dee1cf24a

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 11 Apr 2021 04:05:17 GMT
via: 1.1 42d6fa6bba37b1a120fb1adae0e0e8c8.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jun 2019 16:40:34 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
etag: "64852ad0768d254e4052f94f8b97011c"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 147
x-amz-cf-id: 0zvwlomr2SUwVd0lsH7yFkFf_cwFTnFjsn7OAhNK4WwMpbw7MoziPg==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 7ms
7ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 18 Apr 2021 04:05:17 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 296ms
14ms Script
application/x-javascript 54.230.55.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHZV5V
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.55.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-55-228.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 19:27:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 34963
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 7eb78201dd5759c1d23b9ba1db9d8cd8.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: HAM50-C1
X-Amz-Cf-Id: va4ruGxDGoWfCTHOjmW_71oiGq1mYPTbBlqBnf07G8Bj01Yb8K6zWg==

GET
DATA 200
OK truncated
/ Frame ABBC 122 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d14518724e7fc0ba99c1dc3d79d1e48dc8ca2ed08c83d967a17852bdbaf3703

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 page_1.bin Show response
layers.isu.pub/8d7dad7a31e76e31cb7558e120882213/210407000541/v2/ Frame ABBC 208 KB
205 KB 8ms
7ms XHR
application/octet-stream 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://layers.isu.pub/8d7dad7a31e76e31cb7558e120882213/210407000541/v2/page_1.bin
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/217/iframe-embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8b68a0c533f80534ba39db48b7c2af1e8c81450bb0b308102765950e7618606

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 136658
x-cache: HIT, HIT
content-encoding: gzip
content-length: 209547
x-amz-id-2: 4avjixTAJUIF8FSx/NJkTi0XSahViKojkDmvkuh6nGEWLpgjfKEguerewnQNrv70LscLb1cpKww=
x-served-by: cache-bwi5134-BWI, cache-hhn4048-HHN
last-modified: Wed, 07 Apr 2021 00:05:47 GMT
server: AmazonS3
x-timer: S1618113917.264975,VS0,VE1
etag: "febe639b8180053f91fbc5965ba6e686"
x-amz-request-id: 99Q5626A2NZHA9VR
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/octet-stream
x-cache-hits: 1, 1

GET
H2 200 page_3.bin Show response
layers.isu.pub/8d7dad7a31e76e31cb7558e120882213/210407000541/v2/ Frame ABBC 164 KB
153 KB 18ms
18ms XHR
application/octet-stream 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://layers.isu.pub/8d7dad7a31e76e31cb7558e120882213/210407000541/v2/page_3.bin
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/217/iframe-embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd3225db7f54e1adc3da516b35c61c5eaf872b7e48fbebc6d56fb964444452e5

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 136658
x-cache: HIT, HIT
content-encoding: gzip
content-length: 156656
x-amz-id-2: Gk/bzYSoag3wd/RdqK6ixm/8H3K5Wz6tj/sRY7Wvgdfcczqs4gJpgCfps9AE+ZGfaqgQGlcEHvg=
x-served-by: cache-bwi5132-BWI, cache-hhn4048-HHN
last-modified: Wed, 07 Apr 2021 00:05:47 GMT
server: AmazonS3
x-timer: S1618113917.269236,VS0,VE1
etag: "994b46fcbbe9d7fcf661d46576990ec6"
x-amz-request-id: 99Q1TN2S4MH03TE2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/octet-stream
x-cache-hits: 1, 1

GET
H2 200 page_2.bin Show response
layers.isu.pub/8d7dad7a31e76e31cb7558e120882213/210407000541/v2/ Frame ABBC 141 KB
119 KB 18ms
18ms XHR
application/octet-stream 2a04:4e42:1b::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://layers.isu.pub/8d7dad7a31e76e31cb7558e120882213/210407000541/v2/page_2.bin
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/217/iframe-embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 728e18a87209d9effd0e039984afda4b0e4ad04df1a33df0cdf748646ff18838

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
via: 1.1 varnish, 1.1 varnish
age: 136658
x-cache: HIT, HIT
content-encoding: gzip
content-length: 122055
x-amz-id-2: blbhOXaR0ZS3mGiZfTunslw3ToK7nGgtvtsT+SvexPwMMJXkYcUV8l/gBBTUS0nLnOsDzpB1sgc=
x-served-by: cache-bwi5151-BWI, cache-hhn4048-HHN
last-modified: Wed, 07 Apr 2021 00:05:47 GMT
server: AmazonS3
x-timer: S1618113917.269290,VS0,VE1
etag: "20257007816ea99bf3dcb9e62f6bb8ee"
x-amz-request-id: 99QC5VS5T42Y3YPT
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/octet-stream
x-cache-hits: 19, 1

GET
H2 200 / Show response
prism.app-us1.com/ 246 B
392 B 449ms
447ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=26668640&u=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 737e8eee5ba2327154de4eff16a6aff9ce47b7d83977dcca8f7b09f516293823

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-cache, private
cf-ray: 63e155ef2d3a4ec2-FRA
cf-request-id: 0960b4097900004ec22b0f6000000001

GET
DATA 200
OK truncated
/ Frame ABBC 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 060cc77f3ddf9a18e0eef5704ce771c7c4272788545a84bd752b3d7e7dcfb8b5

Request headers

Origin: https://e.issuu.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame ABBC 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93d9e30c89ec182aaaf2330ba6f87a6cf9e97eb33df03c60f48288cb032e3b3e

Request headers

Origin: https://e.issuu.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame ABBC 1012 B
1012 B Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2e1a9c311155d4e51bc92b14b3873efe85d84df6e928fe1cfa3f5cd55a1254d

Request headers

Origin: https://e.issuu.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame ABBC 952 B
952 B Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1fd97b046e4c07e0b7a7ce9ee65ef57aea3d259e89d4f5208d96916c4ecd3d6

Request headers

Origin: https://e.issuu.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame DBFD 400 B
670 B 14ms
14ms Image
image/png 2a03:2880:f150:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df209ba6e9655f24%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff9963ec32caa88%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f150:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df209ba6e9655f24%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff9963ec32caa88%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: hp9OJwALEpEuQOExQi6Omtc/1tmBQ//YVzqGH6wHfHNQBDBSPuyotAt/pDptKS8oF6MEXz9ak3QP76vBRuOS2g==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 06 Apr 2021 03:02:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Wed, 06 Apr 2022 03:02:04 GMT

GET
H2 200 pq5PmZshFQQ.js Show response
www.facebook.com/rsrc.php/v3iEpO4/y9/l/en_US/ Frame DBFD 478 KB
124 KB 15ms
14ms XHR
application/x-javascript 2a03:2880:f150:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/y9/l/en_US/pq5PmZshFQQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f150:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

003fd10ced20a31ddee2cb8cd496fbd9c21efc94a2c35bfd61b6e02a004be62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df209ba6e9655f24%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff9963ec32caa88%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 07:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uNSM+VWGkFlmtcuM7oRDYA==
cross-origin-resource-policy: cross-origin
content-length: 126464
x-fb-rlafr: 0
x-fb-debug: Wi+stIT3e431BXsvA43hMaMSsrSwvNSp5DuLWP44r+QNFudgJTneygwUwkReOrK2D4Hiw+8Uz45tPdjmKaEtmQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 10 Apr 2022 07:48:26 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 4AA1 183 B
411 B 142ms
125ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=47a2df1bf28aa129656037e52e746d73ce3152cb

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.e16c6ecf9d86005b77fc7c17beced5d8.html?origin=https%3A%2F%2Fwww.metrotimes.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 118
date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: gzip
last-modified: Sun, 11 Apr 2021 04:05:17 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: bc721b83a5befe25fb5322326d81da4e
strict-transport-security: max-age=631138519
content-length: 152

GET
H2 200 vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js Show response
gadget.pico.tools/ 181 KB
54 KB 22ms
20ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/load/build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b57c1173c9e6e35bbd38667aced791f010536505c46fb05ce128b8e8bdf3dee

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1427102
cf-polished: origSize=185362
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VJXJNKEFR2TTF8W1
x-amz-id-2: RJ+zhYm8Y5k6780HeAeiu7ePcMNlNQIUnlIuqYZcXQxOQuIM/IH1rsZdgZgobV+WXs61oy/iDqo=
last-modified: Thu, 25 Mar 2021 15:40:08 GMT
server: cloudflare
etag: W/"b2c832eec174751dc375f949e90c456f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oENhpHM3xK6Ne5kl4rBYUqhYF7Qczt0IM32%2F%2FYvuhPd4zQEb2pt2Fzj2fSNd49rOyAIA516n%2FPob%2FiZlqz7U%2B%2BUuF2C57NL08kd%2F%2BGdK2fsKunWFzdofsLV5bsxwEw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: PIwBgsLhpX_f.JCQQ3mJqlfntLfpDrUX
cf-request-id: 0960b409e900004ab6879e0000000001
cf-ray: 63e155efdd3c4ab6-FRA
cf-bgj: minify

GET
H2 200 vendors~wrapper.03ffa4c1575985c89bbe.js Show response
gadget.pico.tools/ 47 KB
13 KB 16ms
14ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~wrapper.03ffa4c1575985c89bbe.js
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/load/build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 594e62753fc4706171d8d844b29bebc8810ca449cb54d02e4e29a76c1b3ab150

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1427102
cf-polished: origSize=47836
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: VJXK6EN95DE3SVRX
x-amz-id-2: AK7I1whpH+qjo92YWiYS0686OrMlpDGzrmuZyYw4RTZqVSTy5Fr3VRjz/Rq6PBA9ss8KEg2qHNI=
last-modified: Thu, 25 Mar 2021 15:40:08 GMT
server: cloudflare
etag: W/"a37514ff49f618d03aee98c0e038c959"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9PEw1nWygdcWscvsoUZa4qRsEvpXfRvOHYehFlgRSzQsEDf3pgSXbTCvFEe0FAVw0dYhZqML4xF4c31whn6LtvsRXhQfnRyMX9373qAkJtLrCK5U9N%2B7Hwn%2FaSOSOg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: kYQhh0eyoOz2DLZlZpxJiPFj8oi5CryZ
cf-request-id: 0960b409e900004ab6da00e000000001
cf-ray: 63e155efdd3b4ab6-FRA
cf-bgj: minify

GET
H2 200 wrapper.0e8f04725153ed87383e.js Show response
gadget.pico.tools/ 36 KB
8 KB 15ms
14ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/wrapper.0e8f04725153ed87383e.js
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/load/build.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc3ae907f95114f07e77a7b04bda0a4db89bead93fbded29c96ae1816a744736

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338617
cf-polished: origSize=36708
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JGNFHZBCFBME1Q8R
x-amz-id-2: 6Sa5h3LxAkjkxxR4uRMhKPnDcJcbljFT5waqa3xkph4GUvSGX3SUAmvBRbMMg4AMUMvATxp1rwQ=
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
server: cloudflare
etag: W/"9a45edd6c0f88a3c9aea8cd963e7e305"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IfE9BdF8YtwlLiRU8Gq7TWgPk9owIoO5RK9qpdbA9bRZ5xjobhriBZmCx3MT%2FnNnSESTm0N3PNNwsPH4H%2FT4smZtg0g1fJt2LGvBpDktpq6Q3A2RreXNrmgNqiOuFQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: 893BFRmv9IqsWyRziIEm4i5gvcUIBAfa
cf-request-id: 0960b409e900004ab6c11b3000000001
cf-ray: 63e155efdd3d4ab6-FRA
cf-bgj: minify

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame DBFD 67 B
766 B 42ms
42ms Image
image/png 2a03:2880:f150:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1618113917340&t_start=1618113917340&t_domcontent=1618113917375&t_layout=1618113917426&t_onload=1618113917426&t_paint=1618113917426&t_creport=1618113917426&t_tti=1618113917375&lid=6949746355235572622-0

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f150:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=310950202407744&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df209ba6e9655f24%26domain%3Dwww.metrotimes.com%26origin%3Dhttps%253A%252F%252Fwww.metrotimes.com%252Ff9963ec32caa88%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=tahoma&href=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: nfI9UYoNSpNyohopYYr9YS9g9HaqW1bubNXaLej00CxR7u7hUL6ZNiRp0FdhzmpKeYopTgi1kgOT7zSXcLmxnw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 11 Apr 2021 04:05:17 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 9ms
8ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 11 Apr 2021 04:05:17 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 rules-p-5cvC4NOeGmtNA.js Show response
rules.quantcount.com/ Frame ABBC 2 KB
1 KB 15ms
15ms Script
application/x-javascript 2600:9000:2016:de00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-5cvC4NOeGmtNA.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc1f188cc2029e3681b0fca2423b30cc81d88883200558e5024be6154a0c6329

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:03:31 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2017 18:55:25 GMT
server: AmazonS3
age: 161
etag: W/"de9ad2472a0105d59ab5d8792a1a1f40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 42d6fa6bba37b1a120fb1adae0e0e8c8.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: tBEV78MxnG1Wt-Rqejhwta9FpUn7dvI3za2mFatyTC5P1G7Gz_CTIQ==

GET
H2 200 pixel;r=1903915995;rf=3;a=p-5cvC4NOeGmtNA;url=https%3A%2F%2Fe.issuu.com%2Fembed.html%3Fd%3D_mt_040721%26hideIssuuLogo%3Dtrue%26u%3Deuclidmediagroup;ref=https%3A%2F%2Fwww.metrotimes.com%2F;uht=2;fpa...
pixel.quantserve.com/ Frame ABBC 35 B
371 B 10ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1903915995;rf=3;a=p-5cvC4NOeGmtNA;url=https%3A%2F%2Fe.issuu.com%2Fembed.html%3Fd%3D_mt_040721%26hideIssuuLogo%3Dtrue%26u%3Deuclidmediagroup;ref=https%3A%2F%2Fwww.metrotimes.com%2F;uht=2;fpan=1;fpa=P0-1786216536-1618113917444;ns=1;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;d=e.issuu.com;je=0;sr=1600x1200x24;dst=1;et=1618113917444;tzo=-120;ogl=

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 index.1616775193557.html Show response
gadget.pico.tools/arbiter/ Frame A647 500 B
841 B 243ms
242ms Document
text/html 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/arbiter/index.1616775193557.html
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69b76ac660e24481b74351762f637a45949ba983c119c295d34a514f97e57a69

Request headers

:method: GET
:authority: gadget.pico.tools
:scheme: https
:path: /arbiter/index.1616775193557.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-type: text/html
set-cookie: __cfduid=d97ede14ccd99f80d07db3235142845d11618113917; expires=Tue, 11-May-21 04:05:17 GMT; path=/; domain=.pico.tools; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: +7NGmKM0RgCdshEVvlGT/JSt+fC96/8+kVHFi4zPVbk91lCWsoI8y5i8vgeXyGkXFk/mNdSJWAA=
x-amz-request-id: TQE64CGFJ2WQZMD4
cache-control: max-age=2592000
last-modified: Fri, 26 Mar 2021 16:14:55 GMT
x-amz-version-id: gG0nSLhtbaF_uBpnbHmBimil6VtrtAp_
cf-cache-status: DYNAMIC
cf-request-id: 0960b40a5f00004ab680aec000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TJGLS4YUJymFGSCy40B9Vcll8Lhys2LB6h24h1E22A%2Fvy36kkYG9aT1Gto%2BYECPgdx8GqdSJ2E9eglhQDknv9WIa%2FISjUqwtzLQISrvKhMvNrw%2FwZXAYpFTMIOh1Gg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63e155f09e2e4ab6-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK button.84602d1d1d7dcc0d1c7520f9f1559833.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.84602d1d1d7dcc0d1c7520f9f1559833.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: 0224b1ee7c624b2ee170b0325b8ad8e9c7e5459a83c32ef1f3b5e73549723a01

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Apr 2021 23:22:17 GMT
Server: ECS (frb/67F2)
Age: 183354
Etag: "37e3d50877a4cab058a588d9fa0a0c61+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2293

GET
H2 200 page-75fae2385caeaae323383d6ac821890f.css
d2e5we1j08b82a.cloudfront.net/assets/ Frame 7B6C 326 KB
48 KB 66ms
15ms Stylesheet
text/css 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css

Requested by

Host: us.commitchange.com
URL: https://us.commitchange.com/nonprofits/5487/btn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

780905ac863ac271412b2dbf1a68c56d5f8a7200c8673d7733e25a2e4194ea4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 20:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 25553
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains
content-length: 48509
cf-request-id: 095f2e1efe000040a18911a000000001
x-content-digest: fdff8b6f1fa98c9b26cf0945ab6cd09592d7109b
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VTBUma%2FPU7sYdmGNXH0Xy32ciVGYTbBOobss52xI6lZ3QRIvBblpQxnbxXHgfL14A7dqGtQ4Dc9GQd1xMZMBp0DObIHk3FNHziwja30T6gPUXmmN"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
via: 1.1 vegur, 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
cache-control: public, max-age=86400, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 63dee6119bea40a1-LHR
x-amz-cf-id: CpdLfwM1DXfjTBNYsNbywSPNvPpnfdEOrVNSwpfPUjQF_5QVzfQArw==
x-rack-cache: fresh

GET
H2 200 page-2f7c28c55df4a9df601e2b9665fcb128.css
d2e5we1j08b82a.cloudfront.net/assets/nonprofits/btn/ Frame 7B6C 3 KB
1 KB 79ms
28ms Stylesheet
text/css 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/nonprofits/btn/page-2f7c28c55df4a9df601e2b9665fcb128.css

Requested by

Host: us.commitchange.com
URL: https://us.commitchange.com/nonprofits/5487/btn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5650c77caa911f5647e0950bcd5e01e5e081dbee902c324fce263b7f53b84339

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id: 095a38c47a00005470cf0cd000000001
via: 1.1 vegur, 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 26348
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
content-length: 475
x-content-digest: 26aa5bfe2fda0f79d3f90a0ec224772c7ba3fbf4
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
date: Sat, 10 Apr 2021 20:46:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zC43fPkuIVGyg081Si%2BvtY1jb%2BZyHx%2FJVVrqVS13ei8Eka6UqWf8vZeGy3UZLYAefrTbPngEuotu3U8F9Hk9hFU0adsSqx%2FZy5qAtUQzBkgZTjIt"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=86400, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 63d6f71a5c295470-LHR
x-amz-cf-id: hPZiVrhCozM9H6H9HJc0s_KghFbrM0r44B-Oj_He00-OWCjryBX4lQ==
x-rack-cache: miss, store

GET
H2 200 page.js Show response
us.commitchange.com/client/js/nonprofits/btn/ Frame 7B6C 304 KB
72 KB 29ms
28ms Script
application/javascript 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.commitchange.com/client/js/nonprofits/btn/page.js?v=145

Requested by

Host: us.commitchange.com
URL: https://us.commitchange.com/nonprofits/5487/btn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb6bf625da74679162523872665fdd4e95ebd7f067929e36dbe41e334636d499

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/nonprofits/5487/btn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47675
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0960b40a7500002bf23f3b0000000001
x-content-digest: 73ad8a9fd0b7ba83a3a39a69306b64c5c2c0501d
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yR6EIRETeT6ysQMfKUXWJO88f4UlCKtA71HepEW%2FJVivYtkVHiymAn6Dj3JrCZ0%2FgVS7z4k583xciPC7tRqrzkMrw%2FwHjfqJTwKOw3mkzR4UlHE7YwxHaEsIpKLR%2FOc2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 63e155f0b9b42bf2-FRA
x-rack-cache: fresh

GET
H/1.1 200
OK tweet_button.e16c6ecf9d86005b77fc7c17beced5d8.en.html Show response
platform.twitter.com/widgets/ Frame 093E 32 KB
12 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.e16c6ecf9d86005b77fc7c17beced5d8.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: 89f7685698d5d08607f42378368dae63e8b808c5eec563cde372017c560dd466

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.metrotimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 183354
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 11 Apr 2021 04:05:17 GMT
Etag: "c5f982b41865557ebf72cbc4281b4559+gzip"
Last-Modified: Mon, 05 Apr 2021 23:22:23 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67F2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12210

GET
H2 200 page-75fae2385caeaae323383d6ac821890f.css
d2e5we1j08b82a.cloudfront.net/assets/ Frame 7415 326 KB
48 KB 49ms
29ms Stylesheet
text/css 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css

Requested by

Host: us.commitchange.com
URL: https://us.commitchange.com/nonprofits/5487/donate?offsite=t&oid=2483284&offsite=t&custom_amounts=5,10,25,50,100,200&custom_fields=Join%20Metro%20Times%20Press%20Club%20Emails%20(Y/N)&redirect=https://www.metrotimes.com/detroit/NewsletterSignup/Page&designation=Article%20Donation&hide_dedication=true&origin=https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

780905ac863ac271412b2dbf1a68c56d5f8a7200c8673d7733e25a2e4194ea4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id: 09499483f3000053e07e0aa000000001
via: 1.1 vegur, 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 25553
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
content-length: 48509
x-content-digest: fdff8b6f1fa98c9b26cf0945ab6cd09592d7109b
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
date: Sun, 11 Apr 2021 01:16:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FIDOMSHXWtSCPCHKKgvl%2FPnfDWhQiJGmedTNaLPxOdJiy0PDieI9B32vf4beWh65eRPQbqFjV3uwAlMo61uIl4rMNdFRWviyv5F%2BFqRSF6%2F2r0uC"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=86400, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 63bc56b31bda53e0-LHR
x-amz-cf-id: 9C2NUAV_uATuALlgCrIzF8yQAyVChTy_qVCDiGElnAd6h2DatSa8Vw==
x-rack-cache: fresh

GET
H2 200 page-5498cbdea10e117ad6140501109afc4f.css
d2e5we1j08b82a.cloudfront.net/assets/nonprofits/donate/ Frame 7415 3 KB
2 KB 48ms
29ms Stylesheet
text/css 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/nonprofits/donate/page-5498cbdea10e117ad6140501109afc4f.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1fb8184804805ddfbc5dbfc8ffcf9f6a8e3f161a9e3f55468163bf13fa1b1d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id: 0959ce3a20000040d8debc4000000001
via: 1.1 vegur, 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33680
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
content-length: 1124
x-content-digest: baeeaaa6c9d8374bc322b9394c5597a5c8537379
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
date: Sat, 10 Apr 2021 18:43:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IVsoCLWdQ7Hj03pMTyLuD2meT7W4imj86gedz911WFRzsOymfCfsjXlMuArwmL6LyJNbtjT38JVMoj5iP17giANGuUd6qf1YL%2BAodZ0CJT5jKoeq"}]}
content-type: text/css
cache-control: public, max-age=86400, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 63d64ca36ff340d8-LHR
x-amz-cf-id: 80pbu0HqDjQQA52miTeFo_jT9A-XYX_AeoR37JMFL6pd_n_FPYPY6w==
x-rack-cache: fresh

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ Frame 7415 884 B
1003 B 38ms
14ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6Ldt9rkUAAAAAIvwuGSE5uyewGUrYIXbDh_hZm8r

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b8e88d8a01107425c46ecab9b37059edf74fa766e001f0a13543ad38cf0c82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Sun, 11 Apr 2021 04:05:17 GMT

GET
H2

200

polyfill.min.js Show response
cdn.polyfill.io/v2/ Frame 7415
Redirect Chain

https://cdn.polyfill.io/v1/polyfill.min.js
https://cdn.polyfill.io/v2/polyfill.min.js

222 B
580 B

7ms
6ms

Script
text/javascript

2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 5703761
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Feb 2021 05:28:20 GMT
date: Sun, 11 Apr 2021 04:05:17 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: /v2/polyfill.min.js
date: Sun, 11 Apr 2021 04:05:17 GMT
deprecation-notice: API version 1 has been decommissioned - see the body of this response for more information.
server-timing: HIT-SYNTH, fastly;desc="Edge time";dur=0
accept-ranges: bytes
content-length: 372
retry-after: 0

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 7415 221 KB
53 KB 42ms
9ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

289c4192a734479377e0d05781ab4337712ec0e7f10c614653d8130dc26184d3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
content-encoding: br
vary: Accept-Encoding
age: 92
via: 1.1 varnish
x-cache: HIT
content-length: 53341
x-amz-id-2: 9enV2dA+CuLKyT7zAAx+E7gzoh4v63o0WAG0hYbDkY1g9+8f44k6SydJkAIIMHiGHjNE/WWyswQ=
x-served-by: cache-hhn4035-HHN
timing-allow-origin: *
last-modified: Thu, 08 Apr 2021 23:22:56 GMT
server: AmazonS3
etag: "dfadc844b08420a5e54fe313c3fed4fa"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: SA0XDHH7J63S2GT5
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 11

GET
H2 200 page.js Show response
us.commitchange.com/client/js/ Frame 7415 664 KB
154 KB 49ms
47ms Script
application/javascript 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.commitchange.com/client/js/page.js?v=145

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

634c0dd94c32f079ff2c30cbe7292dd1ce8bece634723cab4fabb0f1d36d1d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/nonprofits/5487/donate?offsite=t&oid=2483284&offsite=t&custom_amounts=5,10,25,50,100,200&custom_fields=Join%20Metro%20Times%20Press%20Club%20Emails%20(Y/N)&redirect=https://www.metrotimes.com/detroit/NewsletterSignup/Page&designation=Article%20Donation&hide_dedication=true&origin=https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60712
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0960b40a9700002bf24b18c000000001
x-content-digest: 5bb453299201f9a0d394ffb3173eab113964f06f
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fSJ13P2I9QSjySeJVv1ntjDlom8NyeiqBHuJs%2BRW4ms7tgLOMy6jDaGRMO%2BYegTQby%2FOgkzVY4xl7l0UpEGxIiHDyQpzfoHyFFUcFI63jUzgkBjNMiEDXut2bSthJN6D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 63e155f0f9e42bf2-FRA
x-rack-cache: fresh

GET
H2 200 i18n.js Show response
us.commitchange.com/client/js/ Frame 7415 31 KB
10 KB 21ms
19ms Script
application/javascript 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.commitchange.com/client/js/i18n.js?v=145

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f160a1586a50b7867d2e2c86b0f459139280d68c55b70c7f0b4f93d61ab50611

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/nonprofits/5487/donate?offsite=t&oid=2483284&offsite=t&custom_amounts=5,10,25,50,100,200&custom_fields=Join%20Metro%20Times%20Press%20Club%20Emails%20(Y/N)&redirect=https://www.metrotimes.com/detroit/NewsletterSignup/Page&designation=Article%20Donation&hide_dedication=true&origin=https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 60712
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0960b40a9700002bf2a4087000000001
x-content-digest: 5018e69067b13f98bc329112f22dad14684e76a9
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xn2QbHbgPqlzRtkvYATD3afZjBD8mcG1itqsS1R73PWbsF5argIDxhIg4f7WOEK9sVOfaLza8WVIAPVToLthYH5kj27QdWcduyatOdkf2CAiNOK0OJzYII3CzL7dZRD1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 63e155f0f9e52bf2-FRA
x-rack-cache: fresh

GET
H2 200 page.js Show response
us.commitchange.com/client/js/nonprofits/donate/ Frame 7415 698 KB
191 KB 42ms
40ms Script
application/javascript 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.commitchange.com/client/js/nonprofits/donate/page.js?v=145

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2457a792e7ce0c226930f4c74b8c4f4beaea1895536fcc4ed388cd0f8fcd3188

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/nonprofits/5487/donate?offsite=t&oid=2483284&offsite=t&custom_amounts=5,10,25,50,100,200&custom_fields=Join%20Metro%20Times%20Press%20Club%20Emails%20(Y/N)&redirect=https://www.metrotimes.com/detroit/NewsletterSignup/Page&designation=Article%20Donation&hide_dedication=true&origin=https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 62395
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0960b40a9800002bf2c2b6a000000001
x-content-digest: 20e3135b2035b800d6f4c0516ab9ce8bb33e677e
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YXmmliSN0uWts0dm7ETkJl03Q3WPqq4nDqaAQ9BgVhzzutUhO88gatCIc66ANQUpfTSx%2F4JQ0Cizp7uqqPE2NB8pC%2BQyTqdXWEl1wtHwhHIUC5y%2F5wdqpZCu0mcodVAQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 63e155f0f9e62bf2-FRA
x-rack-cache: fresh

GET
DATA 200
OK truncated
/ Frame 093E 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 page-75fae2385caeaae323383d6ac821890f.css
d2e5we1j08b82a.cloudfront.net/assets/ Frame 980C 326 KB
48 KB 24ms
23ms Stylesheet
text/css 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css

Requested by

Host: us.commitchange.com
URL: https://us.commitchange.com/nonprofits/5487/btn?fixed=t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

780905ac863ac271412b2dbf1a68c56d5f8a7200c8673d7733e25a2e4194ea4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id: 09499483f3000053e07e0aa000000001
via: 1.1 vegur, 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 25553
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
content-length: 48509
x-content-digest: fdff8b6f1fa98c9b26cf0945ab6cd09592d7109b
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
date: Sun, 11 Apr 2021 01:16:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FIDOMSHXWtSCPCHKKgvl%2FPnfDWhQiJGmedTNaLPxOdJiy0PDieI9B32vf4beWh65eRPQbqFjV3uwAlMo61uIl4rMNdFRWviyv5F%2BFqRSF6%2F2r0uC"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=86400, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 63bc56b31bda53e0-LHR
x-amz-cf-id: C8KAgkHG5zfv5MEeiH3V0GfMM2zufbCKBGXi8uPyN_DOmzVJPdK84Q==
x-rack-cache: fresh

GET
H2 200 page-2f7c28c55df4a9df601e2b9665fcb128.css
d2e5we1j08b82a.cloudfront.net/assets/nonprofits/btn/ Frame 980C 3 KB
1 KB 28ms
28ms Stylesheet
text/css 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/nonprofits/btn/page-2f7c28c55df4a9df601e2b9665fcb128.css

Requested by

Host: us.commitchange.com
URL: https://us.commitchange.com/nonprofits/5487/btn?fixed=t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5650c77caa911f5647e0950bcd5e01e5e081dbee902c324fce263b7f53b84339

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id: 095a38c47a00005470cf0cd000000001
via: 1.1 vegur, 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 26348
x-cache: Hit from cloudfront
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
content-length: 475
x-content-digest: 26aa5bfe2fda0f79d3f90a0ec224772c7ba3fbf4
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
date: Sat, 10 Apr 2021 20:46:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zC43fPkuIVGyg081Si%2BvtY1jb%2BZyHx%2FJVVrqVS13ei8Eka6UqWf8vZeGy3UZLYAefrTbPngEuotu3U8F9Hk9hFU0adsSqx%2FZy5qAtUQzBkgZTjIt"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=86400, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 63d6f71a5c295470-LHR
x-amz-cf-id: WLtbARx-BPW1d2e0ios7NEXRtko2Gn5c3Z2HvxQASSL5N701X-dAUA==
x-rack-cache: miss, store

GET
H2 200 page.js Show response
us.commitchange.com/client/js/nonprofits/btn/ Frame 980C 304 KB
72 KB 48ms
48ms Script
application/javascript 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us.commitchange.com/client/js/nonprofits/btn/page.js?v=145

Requested by

Host: us.commitchange.com
URL: https://us.commitchange.com/nonprofits/5487/btn?fixed=t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb6bf625da74679162523872665fdd4e95ebd7f067929e36dbe41e334636d499

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/nonprofits/5487/btn?fixed=t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47675
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0960b40ab800002bf23c95c000000001
x-content-digest: 73ad8a9fd0b7ba83a3a39a69306b64c5c2c0501d
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gVtrC7a2PiL4tehIzwMCGXKjZoF%2F9Q1KSzxyvIult6%2BR%2FunBWfukZ9oLjR4FD8bTRCXCo%2FE2c%2FfR4cknvOJUKWi4%2B7QfKjet7zxSnAh8hV%2BMUqRNYEooes8xEPJxHjmi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 63e155f12a322bf2-FRA
x-rack-cache: fresh

GET
H2 200 opensans-bold-webfont-919ad83990b74bf9f69bf241169b8e5f.woff
d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/ Frame 7B6C 25 KB
26 KB 43ms
15ms Font
application/font-woff 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/opensans-bold-webfont-919ad83990b74bf9f69bf241169b8e5f.woff

Requested by

Host: d2e5we1j08b82a.cloudfront.net
URL: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85b0ba8ac2888f7d915560aaf97cf1087545240c039e7bbe7ad98aedebb4e2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://us.commitchange.com
Referer: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 20:59:25 GMT
via: 1.1 vegur, 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
age: 25552
x-cache: Hit from cloudfront
access-control-allow-methods: GET
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
cf-request-id: 095f2e223a00002d130e3ef000000001
x-content-digest: 521e6ba8d69df2d8e299f5845e50f4f1f338da8d
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AkChz5eQoVqdLRNQR8Qw8kj4M4MrcZiPOX5JprjAveLCkWr0kR1B%2F3f1Eylk9wzHp0pUNnOivHP2rH8HX3TklsKrMyiIIaIY2YmAJFjrdNa%2Bvjga"}],"group":"cf-nel"}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
cf-ray: 63dee616ce642d13-LHR
access-control-allow-headers: x-requested-with
x-amz-cf-id: ZFA14Wz93qjIOyW7U66NeFMUU7Dw1r3elXk7cV_W1FKG-MNX9W42Jw==
x-rack-cache: fresh

GET
H2 200 opensans-regular-webfont-1dbd8d5f0b8caafe319a627b4e7225cf.woff
d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/ Frame 7B6C 24 KB
25 KB 36ms
26ms Font
application/font-woff 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/opensans-regular-webfont-1dbd8d5f0b8caafe319a627b4e7225cf.woff

Requested by

Host: d2e5we1j08b82a.cloudfront.net
URL: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

704853ae58ea060d04030888f1b5fb3c8f1912e9e1eb28d047c8b69e1450953c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://us.commitchange.com
Referer: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 20:59:25 GMT
via: 1.1 vegur, 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 25552
x-cache: Hit from cloudfront
access-control-allow-methods: GET
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
cf-request-id: 095f2e221c000040a164130000000001
x-content-digest: f1eebc40f21d4faf09fca84dab27691ab3eec990
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vm4bbjmar3OX02pKZFsx6g0rpwtRbnWizm%2BuhnCDyXLUFaSUP3fhmX3qZvMXCKkAOrR%2BEPIpKpd7TqeIh6aiXm5fp1skDsEy5avQ9jRj%2FTbJX7Iw"}],"max_age":604800,"group":"cf-nel"}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
cf-ray: 63dee6169fff40a1-LHR
access-control-allow-headers: x-requested-with
x-amz-cf-id: RKgUmPExIktiylp-7gFQqG-8rFt8hO4x-ap0-LHGQZy4ROCmjvHfcw==
x-rack-cache: miss, store

GET
H2 200 opensans-bold-webfont-919ad83990b74bf9f69bf241169b8e5f.woff
d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/ Frame 980C 25 KB
26 KB 14ms
14ms Font
application/font-woff 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/opensans-bold-webfont-919ad83990b74bf9f69bf241169b8e5f.woff

Requested by

Host: d2e5we1j08b82a.cloudfront.net
URL: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85b0ba8ac2888f7d915560aaf97cf1087545240c039e7bbe7ad98aedebb4e2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://us.commitchange.com
Referer: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 25552
x-cache: Hit from cloudfront
access-control-max-age: 3628800
access-control-allow-methods: GET
content-length: 25481
cf-request-id: 0949709744000007227ca95000000001
access-control-allow-origin: *
x-content-digest: 521e6ba8d69df2d8e299f5845e50f4f1f338da8d
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
date: Sun, 11 Apr 2021 01:58:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=17iY24UQ7oLCOZcKTSgCq5lPggJlSZOEy87jKjYcF%2B4I1Buszi7usxy%2FQgFmPdgbklKsPTdAsByxO7tXKuzE%2BufM6SgzPaZnXRYqHDsDrm33PTyY"}],"max_age":604800,"group":"cf-nel"}
content-type: application/font-woff
via: 1.1 vegur, 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 63bc1d386b2b0722-LHR
access-control-allow-headers: x-requested-with
x-amz-cf-id: m-bpHU3Zt5wMKvNCHnHz-34p1VRaiGPtXmIOAy1oiF2XJkY-pygLDQ==
x-rack-cache: fresh

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/ Frame 7415 333 KB
130 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6Ldt9rkUAAAAAIvwuGSE5uyewGUrYIXbDh_hZm8r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c650e4060b014920f3496b56f6fc1ba0ea77ea1bfd25e4d172e5d265879d552a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://us.commitchange.com
Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 16:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42052
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132831
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 04:03:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Apr 2022 16:24:25 GMT

GET
H2 200 controller-22f002eb280b64f732fda40420e2915a.html Show response
js.stripe.com/v3/ Frame F3C8 299 B
357 B 7ms
7ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-22f002eb280b64f732fda40420e2915a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

44551d5533bfb798d32df83a8cba77b33e327124b73d30e6fd65077a0f8dc7fb

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-22f002eb280b64f732fda40420e2915a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://us.commitchange.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://us.commitchange.com/

Response headers

x-amz-id-2: drVlUs8uMjPZpyCy2FRwhvMb8Yn479yhDgh0zNEm0TwtmzMKNCJsnYyUGKt27OU4DHJnzr8gpLE=
x-amz-request-id: BQSD32C0A1B1JARY
last-modified: Thu, 08 Apr 2021 23:04:04 GMT
etag: "22f002eb280b64f732fda40420e2915a"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Sun, 11 Apr 2021 04:05:17 GMT
via: 1.1 varnish
age: 37
x-served-by: cache-hhn4035-HHN
x-cache: HIT
x-cache-hits: 4
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 159

GET
H2 200 css Show response
fonts.googleapis.com/ Frame 7415 8 KB
1 KB 33ms
14ms XHR
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1683bf67bf7e9ed81d1b1d42e95f3c58d7c292e0e20e88b101f7dde8ce3a9799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Apr 2021 03:59:56 GMT
server: ESF
date: Sun, 11 Apr 2021 04:05:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Apr 2021 04:05:17 GMT

GET
H2 200 close.svg
us.commitchange.com/assets/ui_components/ Frame 7415 1 KB
1 KB 15ms
14ms Image
image/svg+xml 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.commitchange.com/assets/ui_components/close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc68e21dc2904429f9527c3ca0accef4cb1d595fae7e6bb6dfee9861f82af1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/nonprofits/5487/donate?offsite=t&oid=2483284&offsite=t&custom_amounts=5,10,25,50,100,200&custom_fields=Join%20Metro%20Times%20Press%20Club%20Emails%20(Y/N)&redirect=https://www.metrotimes.com/detroit/NewsletterSignup/Page&designation=Article%20Donation&hide_dedication=true&origin=https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:17 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 74926
access-control-allow-methods: GET
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0960b40bb600002bf2a4094000000001
x-content-digest: f13ac9e88e849944276f5f9d968cac70113ccf4d
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3628800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1LbMta7Nk3jDedWxee%2B6IjKXPHrFqv%2Fkt0vaevbhfEMZM0PdcTq4JdD%2BLVaJH4qyZXIOlH00l1cl3vjBAUvv0NGUds3RtL330j3SPV4tOtsAR2pUFBV9QRB4VefXBr%2F0"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 63e155f2bbca2bf2-FRA
access-control-allow-headers: x-requested-with
x-rack-cache: miss, store

GET
H/1.1 200
OK normal_metro-square1.jpg
commitchange.s3.amazonaws.com/uploads/npo/logo/5487/ Frame 7415 2 KB
2 KB 674ms
173ms Image
image/jpeg 52.219.116.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://commitchange.s3.amazonaws.com/uploads/npo/logo/5487/normal_metro-square1.jpg
Requested by: Host: us.commitchange.com
URL: https://us.commitchange.com/nonprofits/5487/donate?offsite=t&oid=2483284&offsite=t&custom_amounts=5,10,25,50,100,200&custom_fields=Join%20Metro%20Times%20Press%20Club%20Emails%20(Y/N)&redirect=https://www.metrotimes.com/detroit/NewsletterSignup/Page&designation=Article%20Donation&hide_dedication=true&origin=https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.116.35 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cf585d3ef2d31bb7f5d58b8706855be0c9d4bf392c62fe7018f8a96e098b6bd2

Request headers

Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:19 GMT
Last-Modified: Mon, 16 Mar 2020 17:54:12 GMT
Server: AmazonS3
x-amz-request-id: SPR86DQEYZWE7GD3
ETag: "711f3c42337174d01d0ebee56fc61edf"
Content-Type: image/jpeg
x-amz-version-id: b.Tn3bUInpqPo7y4axwRb4h2KVbN2u8x
Accept-Ranges: bytes
Content-Length: 2074
x-amz-id-2: AODw+N1sJKNUqYCiZPu2Uz7JcaHLCbIz5GcH5v7J7e34U3Z9+lk2L/Wm8OFd1Va5req805E7bFU=

GET
H2 200 m-outer-0cba8a995d163797499ab006bbb6b889.html Show response
js.stripe.com/v3/ Frame EF85 215 B
491 B 8ms
8ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://us.commitchange.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://us.commitchange.com/

Response headers

x-amz-id-2: +bgLMgwyiJm0+mUdohDL9Fsw6S2SiIzVxugUUDEYVB3MagR2B/VrdVCSYtzqWl8cY0j2R48bykg=
x-amz-request-id: 3SCTE2G18P0BYFVX
last-modified: Tue, 09 Mar 2021 20:21:15 GMT
etag: "0cba8a995d163797499ab006bbb6b889"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Sun, 11 Apr 2021 04:05:17 GMT
via: 1.1 varnish
age: 46
x-served-by: cache-hhn4035-HHN
x-cache: HIT
x-cache-hits: 20
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 129

GET
H2 200 opensans-regular-webfont-1dbd8d5f0b8caafe319a627b4e7225cf.woff
d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/ Frame 7415 24 KB
25 KB 28ms
27ms Font
application/font-woff 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/opensans-regular-webfont-1dbd8d5f0b8caafe319a627b4e7225cf.woff

Requested by

Host: d2e5we1j08b82a.cloudfront.net
URL: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

704853ae58ea060d04030888f1b5fb3c8f1912e9e1eb28d047c8b69e1450953c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://us.commitchange.com
Referer: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-C1
x-cache: Hit from cloudfront
access-control-max-age: 3628800
access-control-allow-methods: GET
content-length: 24667
cf-request-id: 094b48087100004251fc21e000000001
access-control-allow-origin: *
x-content-digest: f1eebc40f21d4faf09fca84dab27691ab3eec990
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
date: Sun, 11 Apr 2021 04:05:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4zQtEnhlowTdvmfPHnJaJ%2BzmXo1j994cE2ioKbpryzywmuKfSFm0D4If1ONf8Qe%2FVgjq%2Bj%2BiP0tmaZRTxXTJDityb4DED6rlEI%2BWovjZzDWUhdeq"}],"max_age":604800}
content-type: application/font-woff
via: 1.1 vegur, 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 63bf0f8718e44251-LHR
access-control-allow-headers: x-requested-with
x-amz-cf-id: Z5LINaaU0bxJt8ORC80mwpYszij3CYeEk3tjcgjsOQLJMh3bkflhsw==
x-rack-cache: fresh

GET
H2 200 fontawesome-webfont.woff
d2e5we1j08b82a.cloudfront.net/assets/FontAwesome/ Frame 7415 82 KB
83 KB 15ms
15ms Font
application/font-woff 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/FontAwesome/fontawesome-webfont.woff?v=4.1.0

Requested by

Host: d2e5we1j08b82a.cloudfront.net
URL: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://us.commitchange.com
Referer: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 84986
x-cache: Hit from cloudfront
access-control-max-age: 3628800
access-control-allow-methods: GET
content-length: 83845
cf-request-id: 095335be58000040b3909e1000000001
access-control-allow-origin: *
x-content-digest: e599501ed952214484b0261e8c6b7da5906bba30
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
date: Sat, 10 Apr 2021 04:28:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zO4AmxXxxHmf%2BPZkyX%2FuPZu%2FRp%2FC0p21gSKDwcWP%2BIMc0ZtPQDFmqBLFAC9yYxtcB14WIipGBtPNVe14W3RooB6AqHENt8dHdXUjUuDUG4RqvGFe"}],"max_age":604800,"group":"cf-nel"}
content-type: application/font-woff
via: 1.1 vegur, 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 63cbbf108f8440b3-LHR
access-control-allow-headers: x-requested-with
x-amz-cf-id: faSoF_LBQzI-wCWl48lhJQscJZOuXes8wraTmGA5qDXDGFxymN6tOw==
x-rack-cache: fresh

GET
H2 200 opensans-bold-webfont-919ad83990b74bf9f69bf241169b8e5f.woff
d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/ Frame 7415 25 KB
26 KB 15ms
14ms Font
application/font-woff 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/opensans-bold-webfont-919ad83990b74bf9f69bf241169b8e5f.woff

Requested by

Host: d2e5we1j08b82a.cloudfront.net
URL: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85b0ba8ac2888f7d915560aaf97cf1087545240c039e7bbe7ad98aedebb4e2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://us.commitchange.com
Referer: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 25552
x-cache: Hit from cloudfront
access-control-max-age: 3628800
access-control-allow-methods: GET
content-length: 25481
cf-request-id: 0949709744000007227ca95000000001
access-control-allow-origin: *
x-content-digest: 521e6ba8d69df2d8e299f5845e50f4f1f338da8d
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
date: Sun, 11 Apr 2021 01:58:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=17iY24UQ7oLCOZcKTSgCq5lPggJlSZOEy87jKjYcF%2B4I1Buszi7usxy%2FQgFmPdgbklKsPTdAsByxO7tXKuzE%2BufM6SgzPaZnXRYqHDsDrm33PTyY"}],"max_age":604800,"group":"cf-nel"}
content-type: application/font-woff
via: 1.1 vegur, 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 63bc1d386b2b0722-LHR
access-control-allow-headers: x-requested-with
x-amz-cf-id: 2Rca8dCxzpG3WHALs2F1o96Q3te4CTWzTc9NVMcCGjurTeWVM1R_EQ==
x-rack-cache: fresh

GET
H2 200 opensans-light-webfont-d8ef98400cc7a0519bb4f781f4b3242a.woff
d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/ Frame 7415 24 KB
24 KB 30ms
30ms Font
application/font-woff 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/opensans-light-webfont-d8ef98400cc7a0519bb4f781f4b3242a.woff

Requested by

Host: d2e5we1j08b82a.cloudfront.net
URL: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be1766b58276dda7b342922f8a71939e76eb00353fb0f044b1a76694d4583dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://us.commitchange.com
Referer: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 25069
x-cache: Hit from cloudfront
access-control-max-age: 3628800
access-control-allow-methods: GET
content-length: 24034
cf-request-id: 095a676f7d00004065082c2000000001
access-control-allow-origin: *
x-content-digest: d93c67b3b5e48759f81e110dda330acf82b25c51
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
date: Sat, 10 Apr 2021 21:09:39 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hsgrjC5evvf6N4u9WmCkoJiEt7IhsJLTfQpikgy0B5h%2FN9k5U3aOCisPCgdqZExWgjNfurhWtopt6VHppqO42ReyZ8Rj9Q0yVbl4NgocyAWZmcb7"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
via: 1.1 vegur, 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 63d741c59fe54065-LHR
access-control-allow-headers: x-requested-with
x-amz-cf-id: Wx-_ogA91SQFhdUMu2tH28NKIyH3ItKmtcnTh6ROKehc8mxdK6O8rQ==
x-rack-cache: miss, store

GET
H2 200 opensans-regular-webfont-1dbd8d5f0b8caafe319a627b4e7225cf.woff
d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/ Frame 980C 24 KB
25 KB 14ms
14ms Font
application/font-woff 2600:9000:2104:5c00:0:6fdd:6480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2e5we1j08b82a.cloudfront.net/assets/Open_Sans/opensans-regular-webfont-1dbd8d5f0b8caafe319a627b4e7225cf.woff

Requested by

Host: d2e5we1j08b82a.cloudfront.net
URL: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:5c00:0:6fdd:6480:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

704853ae58ea060d04030888f1b5fb3c8f1912e9e1eb28d047c8b69e1450953c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://us.commitchange.com
Referer: https://d2e5we1j08b82a.cloudfront.net/assets/page-75fae2385caeaae323383d6ac821890f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-C1
x-cache: Hit from cloudfront
access-control-max-age: 3628800
access-control-allow-methods: GET
content-length: 24667
cf-request-id: 094b48087100004251fc21e000000001
access-control-allow-origin: *
x-content-digest: f1eebc40f21d4faf09fca84dab27691ab3eec990
last-modified: Sat, 27 Mar 2021 21:17:22 GMT
server: cloudflare
date: Sun, 11 Apr 2021 04:05:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4zQtEnhlowTdvmfPHnJaJ%2BzmXo1j994cE2ioKbpryzywmuKfSFm0D4If1ONf8Qe%2FVgjq%2Bj%2BiP0tmaZRTxXTJDityb4DED6rlEI%2BWovjZzDWUhdeq"}],"max_age":604800}
content-type: application/font-woff
via: 1.1 vegur, 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 63bf0f8718e44251-LHR
access-control-allow-headers: x-requested-with
x-amz-cf-id: bLe7H5gwjn4WKJci1pnfe5bLRurOBkQOnC3JgZvhNJ6VvulVpuqywg==
x-rack-cache: fresh

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
384 B 126ms
126ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3Anull%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1618113917933%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221ead0c7%3A1617660954974%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Sun, 11 Apr 2021 04:05:18 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bc721b83a5befe25fb5322326d81da4e
x-transaction: 0068f06800a1b753
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

polyfill.min.js
cdn.polyfill.io/v2/ Frame 7415
Redirect Chain

https://cdn.polyfill.io/v1/polyfill.min.js
https://cdn.polyfill.io/v2/polyfill.min.js

222 B
192 B

6ms
6ms

Other
text/javascript

2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 5703761
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Feb 2021 05:28:20 GMT
date: Sun, 11 Apr 2021 04:05:18 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

location: /v2/polyfill.min.js
date: Sun, 11 Apr 2021 04:05:17 GMT
deprecation-notice: API version 1 has been decommissioned - see the body of this response for more information.
server-timing: HIT-SYNTH, fastly;desc="Edge time";dur=0
accept-ranges: bytes
content-length: 372
retry-after: 0

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
271 B 299ms
102ms Script
text/javascript 184.73.71.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=26668640&prismid=82db9bf9-074d-4df6-9c4b-7ce3c89e3cda&url=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.71.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-71-44.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
server: Apache/2.4.46 (Amazon)
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type: text/javascript;charset=UTF-8
content-length: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 69AD 19 KB
11 KB 28ms
27ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldt9rkUAAAAAIvwuGSE5uyewGUrYIXbDh_hZm8r&co=aHR0cHM6Ly91cy5jb21taXRjaGFuZ2UuY29tOjQ0Mw..&hl=en&v=539Evs44yecoSf-lkJBQzKKj&size=invisible&cb=42i7uxvjmp1p

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d17c742fafb2251c09b0a4807d00e0f1f12da2b7b0bcbf546bd931c48998c021

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Man/h3QDtortaWlkCYGhJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ldt9rkUAAAAAIvwuGSE5uyewGUrYIXbDh_hZm8r&co=aHR0cHM6Ly91cy5jb21taXRjaGFuZ2UuY29tOjQ0Mw..&hl=en&v=539Evs44yecoSf-lkJBQzKKj&size=invisible&cb=42i7uxvjmp1p
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://us.commitchange.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://us.commitchange.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Apr 2021 04:05:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-Man/h3QDtortaWlkCYGhJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10445
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ Frame 94F3 82 KB
29 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://photos.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 14:48:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47819
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Apr 2022 14:48:19 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ Frame 94F3 235 KB
63 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://photos.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 21:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23352
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64481
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Apr 2022 21:36:06 GMT

GET
H2 200 jquery.thumbnailScroller.js Show response
photos.metrotimes.com/wp-content/themes/euclid-slideshows-new/js/ Frame 94F3 6 KB
2 KB 17ms
17ms Script
application/javascript 2606:4700:20::681a:78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://photos.metrotimes.com/wp-content/themes/euclid-slideshows-new/js/jquery.thumbnailScroller.js
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daf01eca5e7392e4b6438d6d55f859532d9466c70c22e6dbae67dec7cbd9e5a4

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1747116
cf-polished: origSize=7954
cf-bgj: minify
cf-request-id: 0960b40c86000053699c9fa000000001
last-modified: Fri, 23 Sep 2016 16:37:10 GMT
server: cloudflare
etag: W/"1f12-53d2f63c27980-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lgp7DOn2onVOWhJGoSuIVqAnJvxL7nI92cGxOYdrFfnclUYbJkeidz1kVXbo9JgKKcoBpy6BOSFnMO4T1Ib5iwtvqS29oXwE%2FIArS4w4XsR0c3Moyv8hYxAH0tzoRT%2F9kok%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 63e155f40f845369-FRA
expires: Tue, 20 Apr 2021 22:46:42 GMT

GET
H2 200 vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js Show response
gadget.pico.tools/ Frame A647 181 KB
54 KB 24ms
24ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/arbiter/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b57c1173c9e6e35bbd38667aced791f010536505c46fb05ce128b8e8bdf3dee

Request headers

Referer: https://gadget.pico.tools/arbiter/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338617
cf-polished: origSize=185362
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AYC1PNES5N6EBBVS
x-amz-id-2: YOOIDJERXJ1gXP1b0efPk7ZgY1M1GZzsQ1wcp/JqrGOpZQVTIuthutVxA6JKAoQRnhRYzZ1vKnc=
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
server: cloudflare
etag: W/"b2c832eec174751dc375f949e90c456f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pg%2Bs%2FgcLY3hy%2FnkGvxxNcbBG6I3RgADCgUCwtN3ellyEFQL8Qmm0sqYmlizStv8%2FsV1iZlY1sIAebn3EvhBeLSwgjmrfzQZgDmEo9DtS1rxO6tew9QYDKlYBcWPgdw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: H.Gn9JRUrO6.cfZYzF4w6KjzkvQwRJeU
cf-request-id: 0960b40c8700004ab6b3829000000001
cf-ray: 63e155f40a544ab6-FRA
cf-bgj: minify

GET
H2 200 vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js Show response
gadget.pico.tools/ Frame A647 750 KB
175 KB 30ms
29ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/arbiter/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfcce2eb34573cd2674f4f9b1be763356c4c980569ea3a4e597e50649a3b4a1

Request headers

Referer: https://gadget.pico.tools/arbiter/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338617
cf-polished: origSize=767649
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AYC9NXPFPF57EH8T
x-amz-id-2: viBYc0vdI0uZtS9+WDmQjLvJaLHuuw3ts+FSNGi4MT0vmWsITCmTHpXju76bDHlHx98OpKb91Qw=
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
server: cloudflare
etag: W/"622141892b01873212154a97abc2e0f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W0WeA94tzlf6D9ECZj8SVQ8pQwFe9rYksTKEaaddX%2BnMvUodiBGwLn5KmZzr0yV2FCH%2Fvmf6LMitB1Dg9ClKKTsDjRdt4Qvx84My%2Fptxd1QzUMYmLsz9pygcqoje1Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: 052hiqmA1bfIwyN0cLDsgthNb2AzIEU_
cf-request-id: 0960b40c8700004ab6da030000000001
cf-ray: 63e155f40a564ab6-FRA
cf-bgj: minify

GET
H2 200 arbiter.72b5a4583ff480620a9a.js Show response
gadget.pico.tools/ Frame A647 89 KB
19 KB 16ms
15ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/arbiter.72b5a4583ff480620a9a.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/arbiter/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45851a27a10e65475a900ecac16e2b83013465a38c8a377328b667073cc64fb1

Request headers

Referer: https://gadget.pico.tools/arbiter/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338617
cf-polished: origSize=90829
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AYC1YFZ0KWTXGAYE
x-amz-id-2: MipxBvM/AwcER4hHo7YMA8akcR6+OXziMuGdNQ19XguRxzJzEA6//KGhppYA7wvz8qSGguKj9es=
last-modified: Fri, 26 Mar 2021 16:14:55 GMT
server: cloudflare
etag: W/"f1756809304caad3a1468c3406367ab5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=56FIaaxn0YuoHmh0O9YwLbA0KmkshsGNJziZAx%2B5G3yAx4ptjHsBL6QablZqcA6Tl3HytzGga0NmtENtlVa0PgFyE%2FQZOOjfiDlmVvs7BRLTkC6f0%2FEQtoLzm5ZUZQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: KNYjIGVfw3A.JS9Zpize7p5OmIUcOixo
cf-request-id: 0960b40c8800004ab69e0a2000000001
cf-ray: 63e155f40a574ab6-FRA
cf-bgj: minify

GET
H2 200 shared-688386271f923a2425915117098dd3fb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F3C8 121 KB
32 KB 7ms
7ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-688386271f923a2425915117098dd3fb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-22f002eb280b64f732fda40420e2915a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

96ae38ff7d58d9add5e90b368cfac5eafbc6fa83b3349b744ab17a72af09d51b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/controller-22f002eb280b64f732fda40420e2915a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
vary: Accept-Encoding
age: 42
via: 1.1 varnish
x-cache: HIT
content-length: 32311
x-amz-id-2: icWPsD5plOSlzGnDkgFTVqMbojGCbpGGSK35sdi2ZQKPkfc/3KDzHCTTSj7BId0mZrQugst3cUM=
x-served-by: cache-hhn4035-HHN
timing-allow-origin: *
last-modified: Thu, 08 Apr 2021 23:04:08 GMT
server: AmazonS3
etag: "1aae4e96f40189ae6834e88f8cc4b1e9"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: FEZZCCVFPQPJ86G3
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 4

GET
H2 200 controller-f49df78201cdba873f8e70e8dc3fc22a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F3C8 94 KB
21 KB 12ms
11ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-f49df78201cdba873f8e70e8dc3fc22a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-22f002eb280b64f732fda40420e2915a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d5f557f40390d9f214dff3e4b0bb4de1ecc2136561baaa0851ba3903ad186fdc

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/controller-22f002eb280b64f732fda40420e2915a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
vary: Accept-Encoding
age: 42
via: 1.1 varnish
x-cache: HIT
content-length: 21465
x-amz-id-2: cIHNYX6b7grJAdYIEzwyRzmVYUCRJdRpwfZHLAGH2a2q1kN1RmFaDN2IkWarZba1R5JV1GvwfOs=
x-served-by: cache-hhn4035-HHN
timing-allow-origin: *
last-modified: Thu, 08 Apr 2021 23:04:04 GMT
server: AmazonS3
etag: "082f029ba1343a7a4c3ce35285142f58"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: FEZS85N0R23VANBN
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 3

GET
H2 200 m-outer-a7fed991536d116dae496abb616e06f8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EF85 1 KB
2 KB 13ms
13ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
via: 1.1 varnish
vary: Accept-Encoding
age: 42
x-cache: HIT
content-length: 1438
x-amz-id-2: m6kvxYvhpaK9ZS326s83K7Sa0cT5wpc+akBnAPZ4ApuOVZQf+PEPB/68cWRfbo82lZ0uYwyN0hY=
x-served-by: cache-hhn4035-HHN
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 20:21:16 GMT
server: AmazonS3
etag: "356a16407e7a019ffdf35f454b7438a9"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: JE7YKP8RJMFGP3PJ
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 15

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 518B 33 KB
12 KB 8ms
7ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

server: nginx
content-type: text/html; charset=utf-8
last-modified: Fri, 04 Dec 2020 19:17:49 GMT
etag: W/"5fca8b5d-84a0"
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: public, max-age=300
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 11 Apr 2021 04:05:18 GMT
age: 279
x-served-by: cache-sea4443-SEA, cache-hhn4035-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 141
x-timer: S1618113918.114432,VS0,VE0
vary: Accept-Encoding
content-length: 12226

GET
H2 200 /
q.stripe.com/ Frame F3C8 43 B
286 B 497ms
164ms Image
image/gif 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.controller.load&event_count=1&timestamp=1618113918126&version=62cba5d3b&key=pk_live_rNeLAp3gKE2hrZ7NrD4XszcA&referrer=https%3A%2F%2Fus.commitchange.com%2F&stripe_js_id=e0c4b63e-2238-4f0e-8c1a-11386de1118e&controller_load_time=1618113918123&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_cm=false&flag_pc=false&flag_gp=true&frame_width=406

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-22f002eb280b64f732fda40420e2915a.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame F3C8 43 B
285 B 467ms
167ms Image
image/gif 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=2&timestamp=1618113918160&version=62cba5d3b&key=pk_live_rNeLAp3gKE2hrZ7NrD4XszcA&referrer=https%3A%2F%2Fus.commitchange.com%2F&stripe_js_id=e0c4b63e-2238-4f0e-8c1a-11386de1118e&controller_load_time=1618113918123&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_cm=false&flag_pc=false&flag_gp=true&frame_width=406

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-22f002eb280b64f732fda40420e2915a.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame F3C8 43 B
285 B 465ms
166ms Image
image/gif 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.elements&event_count=3&timestamp=1618113918160&version=62cba5d3b&key=pk_live_rNeLAp3gKE2hrZ7NrD4XszcA&referrer=https%3A%2F%2Fus.commitchange.com%2F&stripe_js_id=e0c4b63e-2238-4f0e-8c1a-11386de1118e&controller_load_time=1618113918123&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_cm=false&flag_pc=false&flag_gp=true&frame_width=406&options-fonts=%5Bobject+Object%5D&options-betas=

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-22f002eb280b64f732fda40420e2915a.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame F3C8 43 B
285 B 465ms
166ms Image
image/gif 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=4&timestamp=1618113918161&version=62cba5d3b&key=pk_live_rNeLAp3gKE2hrZ7NrD4XszcA&referrer=https%3A%2F%2Fus.commitchange.com%2F&stripe_js_id=e0c4b63e-2238-4f0e-8c1a-11386de1118e&controller_load_time=1618113918123&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_cm=false&flag_pc=false&flag_gp=true&frame_width=406

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-22f002eb280b64f732fda40420e2915a.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame F3C8 43 B
285 B 465ms
167ms Image
image/gif 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.font.loaded&event_count=5&timestamp=1618113918161&version=62cba5d3b&key=pk_live_rNeLAp3gKE2hrZ7NrD4XszcA&referrer=https%3A%2F%2Fus.commitchange.com%2F&stripe_js_id=e0c4b63e-2238-4f0e-8c1a-11386de1118e&controller_load_time=1618113918123&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_cm=false&flag_pc=false&flag_gp=true&frame_width=406&load_time=142&font_count=28&css_src=https%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DOpen%2BSans%3A400%2C600%2C700%2C300

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-22f002eb280b64f732fda40420e2915a.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame F3C8 43 B
285 B 464ms
167ms Image
image/gif 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.update_css_fonts&event_count=6&timestamp=1618113918162&version=62cba5d3b&key=pk_live_rNeLAp3gKE2hrZ7NrD4XszcA&referrer=https%3A%2F%2Fus.commitchange.com%2F&stripe_js_id=e0c4b63e-2238-4f0e-8c1a-11386de1118e&controller_load_time=1618113918123&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_cm=false&flag_pc=false&flag_gp=true&frame_width=406

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-22f002eb280b64f732fda40420e2915a.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 prevArrow.png
photos.metrotimes.com/wp-content/themes/euclid-slideshows-new/css/img/ Frame 94F3 140 B
574 B 14ms
14ms Image
image/png 2606:4700:20::681a:78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.metrotimes.com/wp-content/themes/euclid-slideshows-new/css/img/prevArrow.png
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2f1e7e082d75ba1a052dabfe84dc16b855c1a1afe0a67857b91261cbf4099f

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4478431
cf-polished: origSize=287, status=vary_header_present
content-length: 140
cf-request-id: 0960b40ce20000536979367000000001
last-modified: Fri, 23 Sep 2016 16:37:10 GMT
server: cloudflare
etag: "11f-53d2f63c27980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CLg5SI5FRNrBrdVDZuRr3KJhTJlfeGvxvgT9bzbjn9yRriIUCRZfv6pZXZrfWLdSQYheeYs3jPG2mmZCXg%2Fvs%2Bf60JQJ36Jyxlq7wZ2534%2B4cy4trstc6OxseFbscWhLFNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Fri, 18 Feb 2022 08:04:47 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 63e155f4983b5369-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 nextArrow.png
photos.metrotimes.com/wp-content/themes/euclid-slideshows-new/css/img/ Frame 94F3 144 B
496 B 18ms
17ms Image
image/png 2606:4700:20::681a:78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.metrotimes.com/wp-content/themes/euclid-slideshows-new/css/img/nextArrow.png
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 992851e6a109ef096e17ece547dd681abfb670a12691cd141b329d4fc54935f0

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6931455
cf-polished: origSize=280
content-length: 144
cf-request-id: 0960b40ce3000053695cbc7000000001
last-modified: Fri, 23 Sep 2016 16:37:10 GMT
server: cloudflare
etag: "118-53d2f63c27980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AtIr2ou4r4ToTxmrAzeAovhbb3t9hfo3Bg9k4eRYqqCkc%2FiPKe5FMOKIa%2BmH7c%2FKecnv9cN45PdE1KGr5LhuJyeKmzWpUDqWMcIZRDChV0iIdsARlT2laOS0b29oPNFGFUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Thu, 20 Jan 2022 22:41:03 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 63e155f4983f5369-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Screen-Shot-2021-04-09-at-2.19.49-PM-1-150x150.jpg
photos.metrotimes.com/wp-content/uploads/2021/04/ Frame 94F3 9 KB
9 KB 19ms
18ms Image
image/jpeg 2606:4700:20::681a:78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.metrotimes.com/wp-content/uploads/2021/04/Screen-Shot-2021-04-09-at-2.19.49-PM-1-150x150.jpg
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d0d189929be726440ffa3ea6d5261a50f698f458fb224aea6bff8a55dff02e6

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 103155
cf-polished: origSize=9738, status=vary_header_present
content-length: 8828
cf-request-id: 0960b40ceb00005369a1264000000001
last-modified: Fri, 09 Apr 2021 23:07:52 GMT
server: cloudflare
etag: "260a-5bf923bc6294f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xP7RMPN40Arao8bzbFar%2BL6ePi19bByu8jZPzhdSpmo%2BqO0hpgUxN26U4iIKiOlJrYKPSqZow17xfunAkNMjk6zyxNpgNaMPA2vevXfxdz%2BK1GvX1Ct9V92fRMAjqkvTVRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 09 Apr 2022 23:26:03 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 63e155f4a8505369-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Riverview-palace-with-koi-pond-1-e1603826319599-150x150.jpg
photos.metrotimes.com/wp-content/uploads/2020/10/ Frame 94F3 9 KB
9 KB 16ms
16ms Image
image/jpeg 2606:4700:20::681a:78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.metrotimes.com/wp-content/uploads/2020/10/Riverview-palace-with-koi-pond-1-e1603826319599-150x150.jpg
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7e50590590aac4d7811a65db688b8dfa154d207fe4dc7c94df9b7f517faae47

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 112030
cf-polished: origSize=9706, status=vary_header_present
content-length: 8911
cf-request-id: 0960b40ceb0000536973985000000001
last-modified: Tue, 27 Oct 2020 19:18:39 GMT
server: cloudflare
etag: "25ea-5b2abea14cf07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M2ut8F224PC%2Fg1jyBe2J3SeFKf5wKZbALako%2BxwmTpjobpaN3hZWC6DA6QQNm%2Bw7lp9gnTVsXPjxJeKWhqVicAdJnbka145AlFOyZ42txVzY450X62s%2B0oBgCxscZLZTllM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 09 Apr 2022 20:58:08 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 63e155f4a8515369-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 45ironwood-highway-log-dome-cabin--150x150.jpg
photos.metrotimes.com/wp-content/uploads/2021/04/ Frame 94F3 8 KB
8 KB 15ms
15ms Image
image/jpeg 2606:4700:20::681a:78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.metrotimes.com/wp-content/uploads/2021/04/45ironwood-highway-log-dome-cabin--150x150.jpg
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6564fc8a5fb83d8ff12067fc809c7c092a43545f4a266fda8bc5f1141a8d6ee

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 303492
cf-polished: origSize=8571, status=vary_header_present
content-length: 7865
cf-request-id: 0960b40cec0000536943256000000001
last-modified: Wed, 07 Apr 2021 14:33:36 GMT
server: cloudflare
etag: "217b-5bf62d0f0c404"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cnat2E4s6W7sVCSYz2X2fRm1UyZZ6ekBLBRMcovvAlJfjwLL8si67sXcN3P5p5bBsc5W6niJYmLdjEXUi8lqBzthDDvk9NEuFixKl52mI9plZmv%2FoLTfAoaphOFZs8ksftQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Thu, 07 Apr 2022 15:47:06 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 63e155f4a8525369-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 La-Dolce-Vita-150x150.jpeg
photos.metrotimes.com/wp-content/uploads/2021/04/ Frame 94F3 8 KB
9 KB 22ms
22ms Image
image/jpeg 2606:4700:20::681a:78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.metrotimes.com/wp-content/uploads/2021/04/La-Dolce-Vita-150x150.jpeg
Requested by: Host: photos.metrotimes.com
URL: https://photos.metrotimes.com/thumbnail-scroller-square/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a98d2aeac444e811f992f351abd99028b0234469f3ba0d0b5c1b5bba17252bdf

Request headers

Referer: https://photos.metrotimes.com/thumbnail-scroller-square/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 140566
cf-polished: origSize=9092, status=vary_header_present
content-length: 8290
cf-request-id: 0960b40cec000053699eaf2000000001
last-modified: Thu, 01 Apr 2021 17:02:47 GMT
server: cloudflare
etag: "2384-5beec336ca166"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZC4WVo01ZT4Qj%2BqFuirQNJnpKCKHthhgxe1TTiX%2F6F5cSQsDmIf3vEVngw%2FJ5bmtDKbf%2F3O%2BpDtB%2B9tfHBTDmp5GTm1l1B%2F%2B355MBYleAdOGf1PcabXJDFUsLaeMO6QcdDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 09 Apr 2022 13:02:32 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 63e155f4a8535369-FRA
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/ Frame 69AD 50 KB
25 KB 35ms
21ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldt9rkUAAAAAIvwuGSE5uyewGUrYIXbDh_hZm8r&co=aHR0cHM6Ly91cy5jb21taXRjaGFuZ2UuY29tOjQ0Mw..&hl=en&v=539Evs44yecoSf-lkJBQzKKj&size=invisible&cb=42i7uxvjmp1p

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fcb26c87712320932ea7fb2434ba2737af71b6e96dd238dbcb312e454992837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 14:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 04:03:42 GMT
server: sffe
age: 134384
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25506
x-xss-protection: 0
expires: Sat, 09 Apr 2022 14:45:34 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/ Frame 69AD 333 KB
130 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c650e4060b014920f3496b56f6fc1ba0ea77ea1bfd25e4d172e5d265879d552a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 16:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42053
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132831
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 04:03:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Apr 2022 16:24:25 GMT

GET
H2 200 index.1616775193557.html Show response
gadget.pico.tools/launcher/ Frame DEDA 1 KB
1 KB 240ms
237ms Document
text/html 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/launcher/index.1616775193557.html
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0acecb302110ba2c93e5e17b283916a92da7a30feb1f9b101a030ba54e14125b

Request headers

:method: GET
:authority: gadget.pico.tools
:scheme: https
:path: /launcher/index.1616775193557.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-type: text/html
set-cookie: __cfduid=dac7069ce9890ba86d0e97b2f234ee9ce1618113918; expires=Tue, 11-May-21 04:05:18 GMT; path=/; domain=.pico.tools; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: wOEGfXjTq2YjMo6xjR0A1aDH3LkhVOpF8A7rp56npfJDkrLMKKvb0DH3p3SLwuIBW7bllSI5Pas=
x-amz-request-id: SPR1YN2ZN67VHB7V
cache-control: max-age=2592000
last-modified: Fri, 26 Mar 2021 16:14:55 GMT
x-amz-version-id: NRnkzBrxZsSXPf7RM0rbbD7vUtwHgDeY
cf-cache-status: DYNAMIC
cf-request-id: 0960b40dc500004ab699209000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NUwjrqBXmDm8bZOSFbUsh4IVtWDKSE07cV%2F0%2FZB8t5Ry8geTEuBOFNYqiIG77vAXSL4XfOCWE1TIqOnoXUbu%2BHboe9G0clw8Uy%2BfYVHuimjseppy8YxSOcZJpGRJJw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63e155f60cec4ab6-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 index.1616775193557.html Show response
gadget.pico.tools/menu/ Frame 6A08 1 KB
870 B 232ms
232ms Document
text/html 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/menu/index.1616775193557.html
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62c09ad56c9aa55a82df55f5d3e8690f71b42b9b3389262b51bf0e7ed7d8f8fc

Request headers

:method: GET
:authority: gadget.pico.tools
:scheme: https
:path: /menu/index.1616775193557.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-type: text/html
set-cookie: __cfduid=dac7069ce9890ba86d0e97b2f234ee9ce1618113918; expires=Tue, 11-May-21 04:05:18 GMT; path=/; domain=.pico.tools; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: dXzs6YzKHgz/ptDek/nvNIKyiAow/P75UJecBYLhF2zu0pcIjX9PiCl/OKKIhCWbDzNoWWzO+8Q=
x-amz-request-id: SPR2DK40GWQNVZQ3
cache-control: max-age=2592000
last-modified: Fri, 26 Mar 2021 16:14:55 GMT
x-amz-version-id: Sfmd4FZxBW4b31V6X4VWzC9Dxz.tchz4
cf-cache-status: DYNAMIC
cf-request-id: 0960b40dd800004ab6dc159000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WB58pnI958b4QRUtuYL%2FI4xrY%2BvIQyqpDzaCYkVaGnej7EfhLZ8N44PasQU4XwdQGDnck3tEaAE%2FqUawKLyTCYld5HZYz29Npiz9rWm%2F6RiMp1XpRSO66CChkZb4QQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63e155f62d164ab6-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 index.1616775193557.html Show response
gadget.pico.tools/prompt/ Frame B445 1 KB
837 B 237ms
237ms Document
text/html 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/prompt/index.1616775193557.html
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a553b2112ba12b9a7abe295410947f8a45889fef87b04fd16b34643ec9e6f6b8

Request headers

:method: GET
:authority: gadget.pico.tools
:scheme: https
:path: /prompt/index.1616775193557.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-type: text/html
set-cookie: __cfduid=dac7069ce9890ba86d0e97b2f234ee9ce1618113918; expires=Tue, 11-May-21 04:05:18 GMT; path=/; domain=.pico.tools; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: blC23+Aj7JH1c5VJ8dJ6kNWSNU+HpEqlnrs+VSFA5Ni5na5xvxFp/WOtwKHYfE6euTNz0A7bgX8=
x-amz-request-id: SPR3QWEPEF0320TK
cache-control: max-age=2592000
last-modified: Fri, 26 Mar 2021 16:14:55 GMT
x-amz-version-id: h8wLbJpAazdY4MXNzKs0jMG5Eu8s1ObF
cf-cache-status: DYNAMIC
cf-request-id: 0960b40dec00004ab6eb310000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8Y965wfkSTUv%2Bh96k4zXCzbaySEei903pfCzwejU%2Bkns%2FE5gFsC25AF8yW%2FPIX%2FwWqxBXHifDVcAHuXBQ%2BxDKX5wX5Bbej6GsvAfXYlVwSXEuX2SmWSq4o5WTEF03Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63e155f64d404ab6-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 index.1616775193557.html Show response
gadget.pico.tools/header/ Frame 340E 1 KB
861 B 243ms
243ms Document
text/html 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/header/index.1616775193557.html
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2d7c8e9c51b464522b90331811e0a269031976409dd737de9cd4205e587f28e

Request headers

:method: GET
:authority: gadget.pico.tools
:scheme: https
:path: /header/index.1616775193557.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-type: text/html
set-cookie: __cfduid=dac7069ce9890ba86d0e97b2f234ee9ce1618113918; expires=Tue, 11-May-21 04:05:18 GMT; path=/; domain=.pico.tools; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: iWJOeDKqDLd7z/0URt95BIxvNgiDDDfqwkLRbewFaQdAdlE4T7VvdN/Wuf8qg+H0+P162F6zLxc=
x-amz-request-id: SPRETX30G53VEEY1
cache-control: max-age=2592000
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
x-amz-version-id: gkq6bpjWttEUSw_5_39_FVdix6j9KG7h
cf-cache-status: DYNAMIC
cf-request-id: 0960b40dff00004ab6ce2f6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FSqN63QTB%2FEXpFuMiN9XsEk6naaPIXUjlVpkgkMZj%2BajvuMUE07zTunxJD3CVKvxo059I3QQ0aLreAddsM6Z6L2kBBMLffshtMggImqnvQkd5KqxM%2Fbpw2J1o%2BwS9A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63e155f66d664ab6-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-Q050 200 LwzEJkrqzuIpy5ZXdMyVZqsv4pxUDwC8wk7uiqYZWNw.js Show response
www.google.com/js/bg/ Frame 69AD 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/LwzEJkrqzuIpy5ZXdMyVZqsv4pxUDwC8wk7uiqYZWNw.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f0cc4264aeacee229cb965774cc9566ab2fe29c540f00bcc24eee8aa61958dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldt9rkUAAAAAIvwuGSE5uyewGUrYIXbDh_hZm8r&co=aHR0cHM6Ly91cy5jb21taXRjaGFuZ2UuY29tOjQ0Mw..&hl=en&v=539Evs44yecoSf-lkJBQzKKj&size=invisible&cb=42i7uxvjmp1p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 15:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 131508
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
expires: Sat, 09 Apr 2022 15:33:30 GMT

GET
H3-Q050 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 69AD 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 16:01:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 389011
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 13 Apr 2021 16:01:47 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 69AD 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 151301
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:03:37 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 69AD 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 266536
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:02 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 69AD 102 B
261 B 16ms
15ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=539Evs44yecoSf-lkJBQzKKj

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

323a404da27563a474e80ef101218c27d83d425c4a3390b18e9b4cda31cc926e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldt9rkUAAAAAIvwuGSE5uyewGUrYIXbDh_hZm8r&co=aHR0cHM6Ly91cy5jb21taXRjaGFuZ2UuY29tOjQ0Mw..&hl=en&v=539Evs44yecoSf-lkJBQzKKj&size=invisible&cb=42i7uxvjmp1p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 11 Apr 2021 04:05:18 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 518B 156 B
518 B 508ms
178ms XHR
text/plain 34.208.10.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.10.33 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-10-33.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

bfd087116b2837334ac083c460216382cbd5b7f68fb943ccd74a036afb05830a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 11 Apr 2021 04:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

OPTIONS
H2 204 guest
api.pico.tools/loader/ Frame 0
0 410ms
401ms Preflight 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/loader/guest

Protocol

Server

2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: adblockling,content-type,current-page,from-domain,prev-page,publisherid,session-id
Origin: https://gadget.pico.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 11 Apr 2021 04:05:19 GMT
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding, Origin
access-control-allow-origin: https://gadget.pico.tools
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: adblockling,content-type,current-page,from-domain,prev-page,publisherid,session-id
cf-cache-status: DYNAMIC
cf-request-id: 0960b40f0900002c3a2c116000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BNgjcfJvFMdhQGMl8jJsPLOx1pwT8y6CrxyWikgeSoXPLaZEU7Qx0kNiQQ%2FnFFqxrpHOhbVvuqKLoPXU5rQ7%2F940jAHl4BcDZocMeGcRbeeoZMIXmE%2B4ns1H1w%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 63e155f80fb12c3a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 422 guest Show response
api.pico.tools/loader/ Frame A647 171 B
600 B 400ms
400ms XHR
application/json 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/loader/guest

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b730fb0e44727ac5dcd87181f7325f04a8376cc7971634214e72c96c3e38639

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

adBlockling: false
Session-ID: 62b604a4-0f99-4bfd-ae1f-87182e570448
current-page: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
from-domain: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json
prev-page
Referer: https://gadget.pico.tools/
publisherId: 4d564b43-6ec3-41fc-848b-40716e6a5bfd

Response headers

date: Sun, 11 Apr 2021 04:05:19 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p4uyEiq9nQbJbz4AOsameszDuW32IWyN9QTp8ghdFTNtDXeP7MmU6tW44gpK7%2Bh1FfPOyfWBxZCsBsS0pQlIZNOd1qiCgFGkbHVni%2FsUB8IqRqanOYlLFQObAg%3D%3D"}]}
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 171
cf-request-id: 0960b4109b00002c3a4ba18000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
x-download-options: noopen
content-type: application/json
access-control-allow-origin: https://gadget.pico.tools
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
cf-ray: 63e155fa99eb2c3a-FRA
version: 1.10.12

GET
H2 200 /
q.stripe.com/ Frame F3C8 43 B
285 B 164ms
164ms Image
image/gif 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=7&timestamp=1618113918744&version=62cba5d3b&key=pk_live_rNeLAp3gKE2hrZ7NrD4XszcA&referrer=https%3A%2F%2Fus.commitchange.com%2F&stripe_js_id=e0c4b63e-2238-4f0e-8c1a-11386de1118e&controller_load_time=1618113918123&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_cm=false&flag_pc=false&flag_gp=true&frame_width=406&element=ControllerApp&dom_loading=141&dom_interactive=276&dom_complete=892&since_sjs_load=386&since_stripe_create=383&since_create=383&mount_duration=302&since_fetch=273&load_count=1&match_frame=true&resource_timings-shared.js-transfer_size=32897&resource_timings-shared.js-duration=12&resource_timings-controller.js-transfer_size=21653&resource_timings-controller.js-duration=14

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 ping Show response
pingback.issuu.com/ Frame ABBC 0
187 B 114ms
95ms XHR
text/plain 2600:1901:0:a175::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pingback.issuu.com/ping
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/217/iframe-embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a175:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
via: 1.1 google
access-control-allow-headers: Content-Type
access-control-max-age: 86400
access-control-allow-methods: POST
access-control-allow-origin: https://e.issuu.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 launcher.e3b2aa44e05636176539.css
gadget.pico.tools/ Frame DEDA 74 KB
13 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/launcher.e3b2aa44e05636176539.css?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/launcher/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1624ea9c3e84876c1434a9ccc8a546ea83a8b9235e3a392a9d0e55e9eeef3cc7

Request headers

Referer: https://gadget.pico.tools/launcher/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338616
cf-polished: origSize=89417
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZB8413WDC1PASRNA
x-amz-id-2: qHPA6jK1zYW67v2BLbCsopxbzFxVwDfA8UarE0q6c2i/g30uYVVE6V2ebVN6aXqeRqHnkTBhLN4=
last-modified: Fri, 26 Mar 2021 16:14:55 GMT
server: cloudflare
etag: W/"791c4c99ece350973b1d2931755c520b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Eb2NPNiGfVF%2BHwRtsi%2BvoA9lqs7a0D7yuBBVtgqydToQ%2BQqTh3gtz2%2BjE5177S5Pr%2FbZ6EUoCr4z4PqEv%2F3Lda5qMW8XjGgCCs03Wqczhj7p5OchRz5PJSonSIH45g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2592000
x-amz-version-id: kgWt5RUcDUdO49X822Ki6GkF_si60OHz
cf-request-id: 0960b40f4c00004ab6c5162000000001
cf-ray: 63e155f878544ab6-FRA
cf-bgj: minify

GET
H2 200 vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js Show response
gadget.pico.tools/ Frame DEDA 181 KB
54 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/launcher/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b57c1173c9e6e35bbd38667aced791f010536505c46fb05ce128b8e8bdf3dee

Request headers

Referer: https://gadget.pico.tools/launcher/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338617
cf-polished: origSize=185362
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AYC1PNES5N6EBBVS
x-amz-id-2: YOOIDJERXJ1gXP1b0efPk7ZgY1M1GZzsQ1wcp/JqrGOpZQVTIuthutVxA6JKAoQRnhRYzZ1vKnc=
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
server: cloudflare
etag: W/"b2c832eec174751dc375f949e90c456f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4hJ8LwRshxDR7EjBwZuJpKbZNV%2FDryAL2%2B5wNjnnbmjURwg25n8CSVZmpnpHWZ9RzLUItMhTduHQwhoxOXGXSBuNuhDibCghK%2ByEPuFRpQ1E%2FrV7Ohhix5vCVJ3zMg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: H.Gn9JRUrO6.cfZYzF4w6KjzkvQwRJeU
cf-request-id: 0960b40f4c00004ab67c04a000000001
cf-ray: 63e155f878594ab6-FRA
cf-bgj: minify

GET
H2 200 vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js Show response
gadget.pico.tools/ Frame DEDA 750 KB
175 KB 37ms
36ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/launcher/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfcce2eb34573cd2674f4f9b1be763356c4c980569ea3a4e597e50649a3b4a1

Request headers

Referer: https://gadget.pico.tools/launcher/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338617
cf-polished: origSize=767649
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AYC9NXPFPF57EH8T
x-amz-id-2: viBYc0vdI0uZtS9+WDmQjLvJaLHuuw3ts+FSNGi4MT0vmWsITCmTHpXju76bDHlHx98OpKb91Qw=
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
server: cloudflare
etag: W/"622141892b01873212154a97abc2e0f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AuEQ2IPiC2JZuR9wuxZuk6gpprYDZz5QSdFWmpWjef1KzCyVRxLTAbMhnilNDKN8PaHt%2FpL8x28%2FcGjqEIY2bujtPkBzcHluJw3e%2FDWRsFPJFY%2FnsxlX3BQUwuc5DQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: 052hiqmA1bfIwyN0cLDsgthNb2AzIEU_
cf-request-id: 0960b40f4c00004ab6cf137000000001
cf-ray: 63e155f8785a4ab6-FRA
cf-bgj: minify

GET
H2 200 launcher.dc276e546a10545c3f37.js Show response
gadget.pico.tools/ Frame DEDA 319 KB
58 KB 31ms
30ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/launcher.dc276e546a10545c3f37.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/launcher/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb848bf948e2089812b678a2a9549af79c88ba869bb1d6f096aed85ed47b5699

Request headers

Referer: https://gadget.pico.tools/launcher/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338616
cf-polished: origSize=326223
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZB8AT708RAB3T84Q
x-amz-id-2: f36/g+MHEI5ONS5HCFVCVxoWpeG+FWwSBV6t9e5wUwpPdbfmX0dH4v5lCDm89Tb8dEL+e9ZKf4k=
last-modified: Fri, 26 Mar 2021 16:14:55 GMT
server: cloudflare
etag: W/"b15fe12025cb28fd36fc71e139fd2e60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4%2BihQhuFz8DthhlEpC1w5rlfPi0S3s4xv5e1hl7W%2BTRAw%2BaVZfharXVFDR8nJeY66KyTYwZ9BRwrN01QjvESHpKfl9neTM2qMCi3tHdm7AlNfV%2BCY0Dm%2FAIQinu1BA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: 621ha8HpADiMJZE92xmpb8rnziNv3_Lq
cf-request-id: 0960b40f4c00004ab6bd2ec000000001
cf-ray: 63e155f8785d4ab6-FRA
cf-bgj: minify

GET
H2 200 menu.fb367f5bbc63423ddc88.css
gadget.pico.tools/ Frame 6A08 4 MB
502 KB 32ms
32ms Stylesheet
text/css 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/menu.fb367f5bbc63423ddc88.css?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/menu/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 530f249bd7f75b238193ca111f7d4a0c42e5670a94667bffe560700362293e30

Request headers

Referer: https://gadget.pico.tools/menu/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338616
cf-polished: origSize=4554369
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZB81YYXBX3RYDYX4
x-amz-id-2: r6fUSLQ78ND0P40lYy7pKNIJdQpReFdT41Sn9eyquPMvZnPVCCZDfYiTbIEJg/UL+1+dqnXAw9s=
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
server: cloudflare
etag: W/"5a8aa1616fae122c2ef1c76306527120"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dvCVq7X9Aulum0b7wWLDkQjiCtAcGAYfAg8m4ylmCBHENtQ7u%2BbsWjXeDvBkmDx4wpjaqVRmDipVfNCXOvrQFTmuYRWv9W%2FteJXmDwwS%2FPMJAn04xzwhYuI65D0MIw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2592000
x-amz-version-id: RuNa4EadRe.guS76juxDTkDXjEG0Kunn
cf-request-id: 0960b40f4d00004ab68ebdb000000001
cf-ray: 63e155f8785f4ab6-FRA
cf-bgj: minify

GET
H2 200 vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js Show response
gadget.pico.tools/ Frame 6A08 181 KB
54 KB 27ms
27ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/menu/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b57c1173c9e6e35bbd38667aced791f010536505c46fb05ce128b8e8bdf3dee

Request headers

Referer: https://gadget.pico.tools/menu/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338617
cf-polished: origSize=185362
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AYC1PNES5N6EBBVS
x-amz-id-2: YOOIDJERXJ1gXP1b0efPk7ZgY1M1GZzsQ1wcp/JqrGOpZQVTIuthutVxA6JKAoQRnhRYzZ1vKnc=
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
server: cloudflare
etag: W/"b2c832eec174751dc375f949e90c456f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C35cvn%2FghHsVd4AJHfkGB4ZL2XUD93EDpGfZ1vUsv7C5SaqgpM6UTmnEh8uzVEJlWdJXvGZlQ3p6lyT%2B0vI9BOvSYWhm9phVd4%2FKVDpQJh3XcR9Wh7Nfequ0uGT%2BxA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: H.Gn9JRUrO6.cfZYzF4w6KjzkvQwRJeU
cf-request-id: 0960b40f4c00004ab6980d5000000001
cf-ray: 63e155f8785e4ab6-FRA
cf-bgj: minify

GET
H2 200 vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js Show response
gadget.pico.tools/ Frame 6A08 750 KB
175 KB 53ms
52ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/menu/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfcce2eb34573cd2674f4f9b1be763356c4c980569ea3a4e597e50649a3b4a1

Request headers

Referer: https://gadget.pico.tools/menu/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338617
cf-polished: origSize=767649
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AYC9NXPFPF57EH8T
x-amz-id-2: viBYc0vdI0uZtS9+WDmQjLvJaLHuuw3ts+FSNGi4MT0vmWsITCmTHpXju76bDHlHx98OpKb91Qw=
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
server: cloudflare
etag: W/"622141892b01873212154a97abc2e0f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CimuPVGSHhhGmFh%2FEWl%2Fj0qV8VmJDYX4t12y%2F%2FEhV%2Fvqcq01ofHDCOKMC8cuCeDtScLqcflZJa3fIOfIQX7skiARbUvPKCqg8xjnJqNlM9uXqkUmmgdtVxfqOlD0Rw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: 052hiqmA1bfIwyN0cLDsgthNb2AzIEU_
cf-request-id: 0960b40f4d00004ab6d4019000000001
cf-ray: 63e155f878614ab6-FRA
cf-bgj: minify

GET
H2 200 menu.fdd2ffd5323dce79347b.js Show response
gadget.pico.tools/ Frame 6A08 2 MB
470 KB 43ms
42ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/menu.fdd2ffd5323dce79347b.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/menu/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3edfed9de3dfb87e9518c483f29e6714fe5b9b6f8f482abcaba995c78ae979ee

Request headers

Referer: https://gadget.pico.tools/menu/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338616
cf-polished: origSize=2120397
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZB8DS464EMJ7WQZN
x-amz-id-2: snctKgAMMrWNyi0DvrEGfpHiYGn6DOH9gi4+Fw9ip3ZfwL4v/FpAPPOaczAFgw8zDpUPpRioN7A=
last-modified: Fri, 26 Mar 2021 16:14:55 GMT
server: cloudflare
etag: W/"ca06343538d3f44ee32e289479c9a797"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PpjTOpvvW%2Fed1tLf%2FuTNEL5iFRyM6At0zdgO999yOGwCOq3NFoYKfHAGaoVDTgSnClHJjuE6mMsmC%2B7Up04odYn%2BMTumhipN1ZokxuBJjL8b2QEyZtN7ezCwkx61cg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: JG6qsQWUd8tFgnb.PSJ6VzGy3Be0HQL4
cf-request-id: 0960b40f4e00004ab6e48f1000000001
cf-ray: 63e155f878624ab6-FRA
cf-bgj: minify

GET
H2 200 /
q.stripe.com/ Frame F3C8 43 B
285 B 164ms
164ms Image
image/gif 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=8&timestamp=1618113918803&version=62cba5d3b&key=pk_live_rNeLAp3gKE2hrZ7NrD4XszcA&referrer=https%3A%2F%2Fus.commitchange.com%2F&stripe_js_id=e0c4b63e-2238-4f0e-8c1a-11386de1118e&controller_load_time=1618113918123&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_cm=false&flag_pc=false&flag_gp=true&frame_width=406&element=outer&dom_loading=455&dom_interactive=747&dom_complete=1657&since_fetch=609&load_count=1&load_before_dom_content_loaded=true&load_ready_state=loading&first_create_ready_state=loading&first_mount_readyState=loading&until_first_create=3&until_first_mount=84&until_first_load=402&resource_timings-stripe.js-transfer_size=53979&resource_timings-stripe.js-duration=59&resource_timings-controller.html-transfer_size=357&resource_timings-controller.html-duration=8&resource_timings-m-outer.html-transfer_size=491&resource_timings-m-outer.html-duration=9

Requested by

Host: www.metrotimes.com
URL: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 prompt.946f347ceb6833679e54.css
gadget.pico.tools/ Frame B445 4 MB
543 KB 35ms
34ms Stylesheet
text/css 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/prompt.946f347ceb6833679e54.css?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b68a0ac8609ab3ef0effe6d46405540fa245b0d44649f1552b7b99b0712982

Request headers

Referer: https://gadget.pico.tools/prompt/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338616
cf-polished: origSize=4911788
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZB80823A6PDHR2TQ
x-amz-id-2: yq9BntSNjNjgg60WKI189r5dJ41R/gDO2E88U/Bm3bNoF+uQIaT+3OXsDCUhYouWBD4EG/myEuA=
last-modified: Fri, 26 Mar 2021 16:14:55 GMT
server: cloudflare
etag: W/"28805f3370766dac0bf1ca6353dd88f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yDTwpiVY%2BOBswvCfqVUk%2Ff7%2BW5xqsOd7Ax4rZ3t3kSBgTaexoLv%2FtS1loaAS%2BhCYXQbANjuipH71b6LUpUJXSL2lu%2BDp3QT0DsgmOj6NjZLvUYX5DnsXpVVNg5iJIQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2592000
x-amz-version-id: AUv5TZjud1Xwb68bKQi47Sdn31UWl2Gp
cf-request-id: 0960b40f5700004ab6eb325000000001
cf-ray: 63e155f888764ab6-FRA
cf-bgj: minify

GET
H2 200 vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js Show response
gadget.pico.tools/ Frame B445 181 KB
54 KB 66ms
66ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b57c1173c9e6e35bbd38667aced791f010536505c46fb05ce128b8e8bdf3dee

Request headers

Referer: https://gadget.pico.tools/prompt/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338617
cf-polished: origSize=185362
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AYC1PNES5N6EBBVS
x-amz-id-2: YOOIDJERXJ1gXP1b0efPk7ZgY1M1GZzsQ1wcp/JqrGOpZQVTIuthutVxA6JKAoQRnhRYzZ1vKnc=
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
server: cloudflare
etag: W/"b2c832eec174751dc375f949e90c456f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JhY1U2uLX1fZFy7XOtNNVcBnUEzKOSWCndr2vCyC7vp9xZr2v7PXrdXv256yYeD05JBLIKb8RAx673lRVwbciAnr7OANDHyKey2OkHcAXIby2tNw3fUDlYLuZVMiPw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: H.Gn9JRUrO6.cfZYzF4w6KjzkvQwRJeU
cf-request-id: 0960b40f5700004ab69921c000000001
cf-ray: 63e155f888744ab6-FRA
cf-bgj: minify

GET
H2 200 vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js Show response
gadget.pico.tools/ Frame B445 750 KB
175 KB 48ms
47ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfcce2eb34573cd2674f4f9b1be763356c4c980569ea3a4e597e50649a3b4a1

Request headers

Referer: https://gadget.pico.tools/prompt/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338617
cf-polished: origSize=767649
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AYC9NXPFPF57EH8T
x-amz-id-2: viBYc0vdI0uZtS9+WDmQjLvJaLHuuw3ts+FSNGi4MT0vmWsITCmTHpXju76bDHlHx98OpKb91Qw=
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
server: cloudflare
etag: W/"622141892b01873212154a97abc2e0f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XEF3zkqdh7HxSJp2f0iaevJmX0jUDNygX8Yg4KQdMY%2F%2FlitZGz3v30BOqcqgwegkQSJbr03lrhcD3D8GGFmDBAoqGblSJIbgawjmI%2FXQmuian4ZMWbE2KQJUPeBbKg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: 052hiqmA1bfIwyN0cLDsgthNb2AzIEU_
cf-request-id: 0960b40f5800004ab6d4b1c000000001
cf-ray: 63e155f888774ab6-FRA
cf-bgj: minify

GET
H2 200 prompt.638677ee189704b0198b.js Show response
gadget.pico.tools/ Frame B445 3 MB
576 KB 54ms
54ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/prompt.638677ee189704b0198b.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c92af3433b010e27586ee624b0ee1f9300555784a65cebf51f860c98d5ebfbd

Request headers

Referer: https://gadget.pico.tools/prompt/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338616
cf-polished: origSize=2627250
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZB85ZJ9084W4WC1B
x-amz-id-2: KnZagew7S16lTFktxX0IUQCXFb6GzF4zLjMVpr4W2LbhZOTs6i0QTAmpNRcOQh9wnrCYhjjhxvI=
last-modified: Fri, 26 Mar 2021 16:14:55 GMT
server: cloudflare
etag: W/"7b5425dffd1083ca939ed7963134c02f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xkDSvRLnR5mGZvQJNdXCZA26iNVShldKdU%2B8FZvcgPpkSRREz9xx%2B1%2FPjU55fIwt%2FES7UM7fXNDs%2BPVWXhamyO6UrL%2FAa2V6V9hSJKaTX8cuKC8l4%2BnAbWo0TtKwvw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: PI__RUwYgCIwjXxZV709DNxSnMyRSIct
cf-request-id: 0960b40f5800004ab6e734d000000001
cf-ray: 63e155f888784ab6-FRA
cf-bgj: minify

GET
H2 200 header.bb78a92b9f52dbb8102c.css
gadget.pico.tools/ Frame 340E 339 KB
47 KB 49ms
46ms Stylesheet
text/css 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/header.bb78a92b9f52dbb8102c.css?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/header/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3062ba063ff339e424114dc317f295d355cc1908cd69c4c6248c181c1d092ab0

Request headers

Referer: https://gadget.pico.tools/header/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338616
cf-polished: origSize=412610
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZB806S3QHR56G2VH
x-amz-id-2: D7Gn2Bhkd5Z00SSFSsY5j+XctZdBCpxSspEFoA7iQD9UsSaXz2IT7z4z+t/Va915hcvgPNYTQ4k=
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
server: cloudflare
etag: W/"c90ac851cbdf6cadc5a712763f2e70e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DPWG%2BkohGN%2FAkAaewj5%2F%2B1JEpeHPP7frsvK3Xav3ql7FuQ%2BbE1Dr0bBNJD2FtfM34hlvZNeoCeZ58pt0dgwNJY9Kgz5BQpXr0ckR2esogXnm2jjzZUZD8sXzauFo7A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2592000
x-amz-version-id: UXjtZSGxjrZnj3clHRRXrs95ZB0fxtOZ
cf-request-id: 0960b40f5e00004ab6b3852000000001
cf-ray: 63e155f898934ab6-FRA
cf-bgj: minify

GET
H2 200 vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js Show response
gadget.pico.tools/ Frame 340E 181 KB
54 KB 42ms
39ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/header/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b57c1173c9e6e35bbd38667aced791f010536505c46fb05ce128b8e8bdf3dee

Request headers

Referer: https://gadget.pico.tools/header/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338617
cf-polished: origSize=185362
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AYC1PNES5N6EBBVS
x-amz-id-2: YOOIDJERXJ1gXP1b0efPk7ZgY1M1GZzsQ1wcp/JqrGOpZQVTIuthutVxA6JKAoQRnhRYzZ1vKnc=
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
server: cloudflare
etag: W/"b2c832eec174751dc375f949e90c456f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HZ8UmWeGZVyi7RtYWkl3CQ2t1VaBTy9sJ0KTj9I4R1zqytURSTbYpskwOc2kezd%2B0z%2B9NYRnSPGMr%2FcJrRpE%2FuxwKDXCdZKer1kfo6fj6w3VU4ZsdVUHGIeG%2FeU4GA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: H.Gn9JRUrO6.cfZYzF4w6KjzkvQwRJeU
cf-request-id: 0960b40f5e00004ab6c98dc000000001
cf-ray: 63e155f8988e4ab6-FRA
cf-bgj: minify

GET
H2 200 vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js Show response
gadget.pico.tools/ Frame 340E 750 KB
175 KB 64ms
62ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/header/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bfcce2eb34573cd2674f4f9b1be763356c4c980569ea3a4e597e50649a3b4a1

Request headers

Referer: https://gadget.pico.tools/header/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338617
cf-polished: origSize=767649
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AYC9NXPFPF57EH8T
x-amz-id-2: viBYc0vdI0uZtS9+WDmQjLvJaLHuuw3ts+FSNGi4MT0vmWsITCmTHpXju76bDHlHx98OpKb91Qw=
last-modified: Fri, 26 Mar 2021 16:14:56 GMT
server: cloudflare
etag: W/"622141892b01873212154a97abc2e0f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y13iOnHSj4j22%2F%2FyyIUhxtCtZ%2FH9%2F6%2FJVuvuBbk1macEQl8rYrFNL2A1Rzs2QZ6SH55DMeJcJBz8X9fifzNJXvwYqFZ2CuecDVEONAhZ1NpFkO72FAsksHGf5xgztg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: 052hiqmA1bfIwyN0cLDsgthNb2AzIEU_
cf-request-id: 0960b40f5e00004ab67687b000000001
cf-ray: 63e155f898914ab6-FRA
cf-bgj: minify

GET
H2 200 header.5a30cf214fee9a0242a7.js Show response
gadget.pico.tools/ Frame 340E 409 KB
77 KB 59ms
58ms Script
application/javascript 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadget.pico.tools/header.5a30cf214fee9a0242a7.js?b5601f239caa7ff9c004
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/header/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fed91c9fafee5b3a740b9996f1dc2372ad0a8684832575e2b75387a1c1ecec6

Request headers

Referer: https://gadget.pico.tools/header/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1338616
cf-polished: origSize=418624
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZB8865KD3Z3F2E67
x-amz-id-2: zQ0KlTuzpQURrGe+FGJZcijIsSQvnirtRjrMpk+1+0RDIT+V2E3yk32Zx0yes5UU2IHc3oUgFlw=
last-modified: Fri, 26 Mar 2021 16:14:55 GMT
server: cloudflare
etag: W/"41c1c57f912264dc567e48f5f45d4c16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CBXx484aS1QXmsx3DRvc4Q1Z%2BSZrR%2FhYMXamXarAQmC8DXHfeJorx9BnePQ11J%2F8YQJq2%2Fl1MOc1QTsesArSnj7xdjE6R8XBsuMlTbTdTSEUOtug92TeqWVHPh0pJA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=2592000
x-amz-version-id: 1.eMt.8pMwkFNCaxsQ4Tc3t3j1iXM47x
cf-request-id: 0960b40f5f00004ab6db38f000000001
cf-ray: 63e155f898944ab6-FRA
cf-bgj: minify

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame DEDA 9 KB
1 KB 42ms
29ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700&display=swap

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/launcher/index.1616775193557.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ce628395376a2e6978400c6ae017defeb1423c4c458ec3f02de01d187beecd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Apr 2021 03:11:52 GMT
server: ESF
date: Sun, 11 Apr 2021 04:05:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Apr 2021 04:05:18 GMT

GET
H/1.1 200
OK style.css
development-cms-assets.s3.amazonaws.com/icons/common/ Frame DEDA 27 KB
28 KB 396ms
111ms Stylesheet
text/css 52.217.12.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://development-cms-assets.s3.amazonaws.com/icons/common/style.css
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/launcher/index.1616775193557.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.12.36 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2702ac7ec6b0afc2f61a367433acbd7bc22a51845261c7efdebb5feab8155ee0

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:20 GMT
Last-Modified: Thu, 01 Apr 2021 13:55:32 GMT
Server: AmazonS3
x-amz-request-id: CV8NVG16CPMXVV0R
ETag: "22637440aec6cfffd6f0e5584afcac29"
Content-Type: text/css
x-amz-version-id: 3zHsfDYEOtHshGsSVeaf3ZgRiATh0tuX
Accept-Ranges: bytes
Content-Length: 27906
x-amz-id-2: eCr5Ep5mI7j1yfSkOoojryz1i7gvvCyYTHpv+2yIZTV5wabbi5UpzNbpcoI8EPV4ZK3EfCBKXcA=

POST
H2 200 ping Show response
pingback.issuu.com/ Frame ABBC 0
43 B 93ms
93ms XHR
text/plain 2600:1901:0:a175::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pingback.issuu.com/ping
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/217/iframe-embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a175:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 11 Apr 2021 04:05:19 GMT
via: 1.1 google
access-control-allow-headers: Content-Type
access-control-max-age: 86400
access-control-allow-methods: POST
access-control-allow-origin: https://e.issuu.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 340E 9 KB
823 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700&display=swap

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/header/index.1616775193557.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ce628395376a2e6978400c6ae017defeb1423c4c458ec3f02de01d187beecd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Apr 2021 02:53:05 GMT
server: ESF
date: Sun, 11 Apr 2021 04:05:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Apr 2021 04:05:19 GMT

GET
H/1.1 200
OK style.css
development-cms-assets.s3.amazonaws.com/icons/common/ Frame 340E 27 KB
28 KB 321ms
105ms Stylesheet
text/css 52.217.12.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://development-cms-assets.s3.amazonaws.com/icons/common/style.css
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/header/index.1616775193557.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.12.36 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2702ac7ec6b0afc2f61a367433acbd7bc22a51845261c7efdebb5feab8155ee0

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:20 GMT
Last-Modified: Thu, 01 Apr 2021 13:55:32 GMT
Server: AmazonS3
x-amz-request-id: CV8VH5J6XD0RHPEP
ETag: "22637440aec6cfffd6f0e5584afcac29"
Content-Type: text/css
x-amz-version-id: 3zHsfDYEOtHshGsSVeaf3ZgRiATh0tuX
Accept-Ranges: bytes
Content-Length: 27906
x-amz-id-2: dNHuMsFOVAl2kfnwCprvQm9QRDK3vWhylHW6UGwSAygOKFsRx02YLR5BPlOrpx1J5eeo6mkGCZE=

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 6A08 9 KB
777 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700&display=swap

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/menu/index.1616775193557.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ce628395376a2e6978400c6ae017defeb1423c4c458ec3f02de01d187beecd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Apr 2021 02:57:15 GMT
server: ESF
date: Sun, 11 Apr 2021 04:05:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Apr 2021 04:05:19 GMT

GET
H/1.1 200
OK style.css
development-cms-assets.s3.amazonaws.com/icons/common/ Frame 6A08 27 KB
28 KB 127ms
116ms Stylesheet
text/css 52.217.12.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://development-cms-assets.s3.amazonaws.com/icons/common/style.css
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/menu/index.1616775193557.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.12.36 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2702ac7ec6b0afc2f61a367433acbd7bc22a51845261c7efdebb5feab8155ee0

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:20 GMT
Last-Modified: Thu, 01 Apr 2021 13:55:32 GMT
Server: AmazonS3
x-amz-request-id: CV8QX6AF4C92NH88
ETag: "22637440aec6cfffd6f0e5584afcac29"
Content-Type: text/css
x-amz-version-id: 3zHsfDYEOtHshGsSVeaf3ZgRiATh0tuX
Accept-Ranges: bytes
Content-Length: 27906
x-amz-id-2: Ak5mNOg2Yzkdji8BkIaHjTm4nFJHP7TXpBcWUCapmvk93xINglG1wy/+hJg6HNi+3HxDzgeYyrk=

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame B445 9 KB
777 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700&display=swap

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1616775193557.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ce628395376a2e6978400c6ae017defeb1423c4c458ec3f02de01d187beecd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Apr 2021 02:32:19 GMT
server: ESF
date: Sun, 11 Apr 2021 04:05:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Apr 2021 04:05:19 GMT

GET
H/1.1 200
OK style.css
development-cms-assets.s3.amazonaws.com/icons/common/ Frame B445 27 KB
28 KB 106ms
105ms Stylesheet
text/css 52.217.12.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://development-cms-assets.s3.amazonaws.com/icons/common/style.css
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1616775193557.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.12.36 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2702ac7ec6b0afc2f61a367433acbd7bc22a51845261c7efdebb5feab8155ee0

Request headers

Referer: https://gadget.pico.tools/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:20 GMT
Last-Modified: Thu, 01 Apr 2021 13:55:32 GMT
Server: AmazonS3
x-amz-request-id: CV8R4001BM857Y2R
ETag: "22637440aec6cfffd6f0e5584afcac29"
Content-Type: text/css
x-amz-version-id: 3zHsfDYEOtHshGsSVeaf3ZgRiATh0tuX
Accept-Ranges: bytes
Content-Length: 27906
x-amz-id-2: OvLr1KLzMMgRNCW4Ve5kJsMUEqhQIkiuHsubWlCrfZPwX7X2beqjCbBYsH8fMMtN/6vFKj4gn80=

GET
H2 404 null
gadget.pico.tools/prompt/ Frame B445 540 B
540 B 125ms
125ms Image
text/html 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadget.pico.tools/prompt/null
Requested by: Host: gadget.pico.tools
URL: https://gadget.pico.tools/prompt/index.1616775193557.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 343f299dd37a8ea8f879300d85ce9c9001feee4edb4ca06cbe79098878aca8f7

Request headers

Referer: https://gadget.pico.tools/prompt/index.1616775193557.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-amz-request-id: CV8HJJ6TQD9FXWDC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cQDDwirIiTGVawimFbyd4IH7ot0jxqR2MX%2FKx2V5nzeRyM%2BsYnqb7i09Lf%2Bh1TIFQD0Va0n2PrGG3KH9I%2F%2BdoGa%2Bl2RHnfpNLfE8kUbrTMIqirYMcoRoGs6Yk4wYRg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=utf-8
cf-request-id: 0960b4134000004ab6dfb03000000001
cf-ray: 63e155fec8534ab6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 23MskoXTKmJxhB4YW3L1Xoz1cijro8+/LP9Esmq75BHNBLzR+PVv0Gq1CUZnINHLUsr40dIW1BQ=

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 6856 0
182 B 118ms
55ms Document
text/html 52.30.177.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284&upid=6zt9zkh&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.177.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.metrotimes.com%2Fdetroit%2F18-bars-where-you-can-watch-the-big-game-in-metro-detroit%2FContent%3Foid%3D2483284&upid=6zt9zkh&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.metrotimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.metrotimes.com/

Response headers

date: Sun, 11 Apr 2021 04:05:20 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 422 guest Show response
api.pico.tools/loader/ Frame A647 171 B
571 B 414ms
413ms XHR
application/json 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/loader/guest

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js?b5601f239caa7ff9c004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b730fb0e44727ac5dcd87181f7325f04a8376cc7971634214e72c96c3e38639

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

adBlockling: false
Session-ID: 62b604a4-0f99-4bfd-ae1f-87182e570448
current-page: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
from-domain: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json
prev-page
Referer: https://gadget.pico.tools/
publisherId: 4d564b43-6ec3-41fc-848b-40716e6a5bfd

Response headers

date: Sun, 11 Apr 2021 04:05:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YF5T7NxMwxPL7i54HF6D2wS1bmuXWRt9Eb8eknc%2B2Dcr9ssoJipwiWWK7cPRc%2F4glMt9VcfxlrjM7evH5XXrH0kLnKYjunbybfXfcmGvRjXPB3cZF%2FckVSYmCQ%3D%3D"}]}
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 171
cf-request-id: 0960b4157100002c3a01289000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
x-download-options: noopen
content-type: application/json
access-control-allow-origin: https://gadget.pico.tools
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
cf-ray: 63e1560249282c3a-FRA
version: 1.10.12

OPTIONS
H2 204 guest
api.pico.tools/loader/ Frame 0
0 373ms
372ms Preflight 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/loader/guest

Protocol

Server

2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: adblockling,content-type,current-page,from-domain,prev-page,publisherid,session-id
Origin: https://gadget.pico.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 11 Apr 2021 04:05:20 GMT
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding, Origin
access-control-allow-origin: https://gadget.pico.tools
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: adblockling,content-type,current-page,from-domain,prev-page,publisherid,session-id
cf-cache-status: DYNAMIC
cf-request-id: 0960b413fb00002c3a42924000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eka3jye%2BBFQyo%2FU0uE%2BCTN3%2FulJ1SxnkPTj%2BQ999R7FHorXdBQ27BmyYOKjLCGsDhHsqZIEQ7hHba86L4%2B4vXgbWngW6oc6L%2FKjToO7uf1L0XwWiDQ4S9fXbQg%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 63e155fffec02c3a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 422 guest Show response
api.pico.tools/loader/ Frame A647 171 B
485 B 129ms
129ms XHR
application/json 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/loader/guest

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js?b5601f239caa7ff9c004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b730fb0e44727ac5dcd87181f7325f04a8376cc7971634214e72c96c3e38639

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

adBlockling: false
Session-ID: 62b604a4-0f99-4bfd-ae1f-87182e570448
current-page: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
from-domain: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json
prev-page
Referer: https://gadget.pico.tools/
publisherId: 4d564b43-6ec3-41fc-848b-40716e6a5bfd

Response headers

date: Sun, 11 Apr 2021 04:05:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G4c2FpJWpir8%2FdMvYuZfpnLEGWgcKUJNoGrlwvTh3mR7ip8Ohxb9MYgVDjaJafpJEni9YZXWx7xg%2FdS0sWEENMR3riXI1K3WCm7kNUzufGqa%2B2RGlG7pMUgBNw%3D%3D"}]}
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 171
cf-request-id: 0960b417b300002c3af6835000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
x-download-options: noopen
content-type: application/json
access-control-allow-origin: https://gadget.pico.tools
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
cf-ray: 63e15605ed092c3a-FRA
version: 1.10.12

OPTIONS
H2 204 guest
api.pico.tools/loader/ Frame 0
0 106ms
105ms Preflight 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/loader/guest

Protocol

Server

2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: adblockling,content-type,current-page,from-domain,prev-page,publisherid,session-id
Origin: https://gadget.pico.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 11 Apr 2021 04:05:20 GMT
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding, Origin
access-control-allow-origin: https://gadget.pico.tools
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: adblockling,content-type,current-page,from-domain,prev-page,publisherid,session-id
cf-cache-status: DYNAMIC
cf-request-id: 0960b4174800002c3a4ba5d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b22ZFJ%2BWSUJAM0FR9c%2FPyXgaPGt9b0qlZ432Avovao48%2FD4NXz8kroec5REiLboL%2F6ojJySuC29e0pWmNxS4V9eBKQqn6VNq6srcgAMw08Qvl%2FQKcRHogDLa3w%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 63e156054c5e2c3a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 422 guest Show response
api.pico.tools/loader/ Frame A647 171 B
495 B 117ms
117ms XHR
application/json 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/loader/guest

Requested by

Host: gadget.pico.tools
URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt~wrapper.7ce09f7076336081b464.js?b5601f239caa7ff9c004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b730fb0e44727ac5dcd87181f7325f04a8376cc7971634214e72c96c3e38639

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

adBlockling: false
Session-ID: 62b604a4-0f99-4bfd-ae1f-87182e570448
current-page: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
from-domain: https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json
prev-page
Referer: https://gadget.pico.tools/
publisherId: 4d564b43-6ec3-41fc-848b-40716e6a5bfd

Response headers

date: Sun, 11 Apr 2021 04:05:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HEN%2FE9G3BcCNugYYsDU5%2Bvot%2FP%2BP2fuUzAsbA1It9FQ0DTHkisEvkTzvnh5j5Q7wOYpUnr4MHTWCelm%2BupOXmdS2J9nKnqokDsD0hzWcSdmPnIbBPnmjoOjDUg%3D%3D"}]}
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 171
cf-request-id: 0960b419fa00002c3afca89000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
x-download-options: noopen
content-type: application/json
access-control-allow-origin: https://gadget.pico.tools
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
cf-ray: 63e15609882b2c3a-FRA
version: 1.10.12

OPTIONS
H2 204 guest
api.pico.tools/loader/ Frame 0
0 411ms
411ms Preflight 2606:4700:20::681a:3c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pico.tools/loader/guest

Protocol

Server

2606:4700:20::681a:3c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: adblockling,content-type,current-page,from-domain,prev-page,publisherid,session-id
Origin: https://gadget.pico.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 11 Apr 2021 04:05:21 GMT
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding, Origin
access-control-allow-origin: https://gadget.pico.tools
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: adblockling,content-type,current-page,from-domain,prev-page,publisherid,session-id
cf-cache-status: DYNAMIC
cf-request-id: 0960b4185f00002c3adf9d8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OyyVjNO%2F%2BstRIAfxzIgX4P9JhcUhO%2BmDeA9S8g5TAOx7KGNZYTM6owqONhgWMcKa6DKc8lNhM4cUawgg5h2qFdhIaNZqBSoSGdoRP13zyNDBOo%2FHGpUDv2mtkw%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 63e15606fde92c3a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 trusted-types-checker-6fb661259290eb5fd6c6c0bb32ab0d8c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7415 170 B
683 B 7ms
7ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-6fb661259290eb5fd6c6c0bb32ab0d8c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cc531716f962faef2f83fd9aefd9c2f421dd49fa1ba6ab3683780ce2e6c7404f

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://us.commitchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:23 GMT
content-encoding: br
vary: Accept-Encoding
age: 241
via: 1.1 varnish
x-cache: HIT
content-length: 116
x-amz-id-2: M6Hb3UkMmATMSYkGbGBQAQ3flZGyU5CMZc+sAiO9KHDq4gjokuJyvAkMTiotsUId0HzWqXUTu0M=
x-served-by: cache-hhn4035-HHN
timing-allow-origin: *
last-modified: Mon, 05 Apr 2021 21:33:36 GMT
server: AmazonS3
etag: "6be3b689f488530559c294b84d56e953"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 5C3B5EYGX5K2C2BV
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 2

GET
H2 200 /
q.stripe.com/ Frame F3C8 43 B
285 B 164ms
163ms Image
image/gif 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.trusted_types_check&event_count=9&timestamp=1618113923797&version=62cba5d3b&key=pk_live_rNeLAp3gKE2hrZ7NrD4XszcA&referrer=https%3A%2F%2Fus.commitchange.com%2F&stripe_js_id=e0c4b63e-2238-4f0e-8c1a-11386de1118e&controller_load_time=1618113918123&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_cm=false&flag_pc=false&flag_gp=true&frame_width=406&result=ALLOWED

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 ping Show response
pingback.issuu.com/ Frame ABBC 0
43 B 94ms
93ms XHR
text/plain 2600:1901:0:a175::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pingback.issuu.com/ping
Requested by: Host: e.issuu.com
URL: https://e.issuu.com/issuu-reader3-embed-files/217/iframe-embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a175:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://e.issuu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 11 Apr 2021 04:05:24 GMT
via: 1.1 google
access-control-allow-headers: Content-Type
access-control-max-age: 86400
access-control-allow-methods: POST
access-control-allow-origin: https://e.issuu.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 33ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.metrotimes.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Apr 2021 04:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ Frame BEB2 9 KB
5 KB 53ms
28ms XHR
application/xml 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20971543&cb=1618113925013&referrer=https://www.metrotimes.com&kw_publication=metrotimes&kw_page=article&vwidth=426&vheight=240&vcontext=4&vframeworks=1,2&vv=2,3,4&mimes=video/mp4

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d1656f95d247cdd53198a4203def5a836555ec11b2b88f8a0907766562d273dd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:25 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 195.181.170.200; 195.181.170.200; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.138:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 56214091-5af1-4b6d-af10-f26614089d56
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame BEB2 0
331 B 439ms
147ms Other
image/gif 2607:f8b0:400e:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kncn8w9b&c=8051234790475&slotId=4025617395237.5&fb=ima-html5&sdkv=h.3.450.0&ppt=fdncms%2Ftop-stories&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=44729227%2C44740339
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400e:c09::5e The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader20.html Show response
tpc.googlesyndication.com/pagead/js/ Frame 1B55 51 KB
19 KB 25ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/loader20.html?https://acdn.adnxs.com/vx/static/w/anwrapper-1.995.0.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e5889395974c20cb35a4981f12dbf0112b108459eb045b9df81b9bfa2f73392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /pagead/js/loader20.html?https://acdn.adnxs.com/vx/static/w/anwrapper-1.995.0.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 10 Apr 2021 11:42:00 GMT
expires: Sun, 11 Apr 2021 11:42:00 GMT
content-type: text/html; charset=UTF-8
etag: 15578078210308968909
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 18563
x-xss-protection: 0
cache-control: public, max-age=86400
age: 59005
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK anwrapper-1.995.0.js Show response
acdn.adnxs.com/vx/static/w/ Frame 1B55 167 KB
47 KB 29ms
7ms Script
application/javascript 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/vx/static/w/anwrapper-1.995.0.js
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://acdn.adnxs.com/vx/static/w/anwrapper-1.995.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: eb9a238a3269bc2de5de1764998b73502da6dfa97ca3d186d5631372662ea9a2

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Apr 2021 04:05:25 GMT
Content-Encoding: gzip
Age: 13157300
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 47450
X-Served-By: cache-lga21923-LGA, cache-fra19165-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 04 Nov 2020 15:26:49 GMT
Server: nginx/1.13.10
X-Timer: S1618113925.183028,VS0,VE0
ETag: W/"5fa2c839-29d6a"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Tue, 09 Nov 2021 21:17:05 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 113438, 118177

POST
H2 204 pack
rb.adnxs.com/ Frame 1B55 0
278 B 56ms
13ms Other
text/plain 37.252.167.197
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/vx/static/w/anwrapper-1.995.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.252.167.197 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tpc.googlesyndication.com
date: Sun, 11 Apr 2021 04:05:25 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: POST, OPTIONS, GET

GET
H/1.1 200
OK sM8Oz6kwvWgo737nVts8z3ZvqlYD4_Kz4yeb0A1QQ34= Show response
ads.adaptv.advertising.com/a/h/ Frame 1B55 2 KB
1 KB 38ms
8ms XHR
text/xml 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/sM8Oz6kwvWgo737nVts8z3ZvqlYD4_Kz4yeb0A1QQ34=?cb=289415510&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=EMBEDDING_PAGE_URL&scpid=[scpid]&hp=[hp]&eov=eov

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/vx/static/w/anwrapper-1.995.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

56d474d8db9a1a4745ce4db1b7daac26eaf92c99c16e21aec49a1d68953e8ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://tpc.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 972
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B154 52 KB
17 KB 7ms
7ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/vx/static/w/anwrapper-1.995.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tpc.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: anj=dTM7k!M4/8CxrEQF']wIg2HaQH2vd!!1yIE'Yg-$0y=/d!!'#[$N>%>; icu=ChgI5rZxEAoYASABKAEwhevJgwY4AUABSAEQhevJgwYYAA..; uuid2=8118114154728924276
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 08 Apr 2021 05:51:50 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 11 Apr 2021 04:05:25 GMT
Age: 80011
X-Served-By: cache-lga21934-LGA, cache-fra19165-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 445853
X-Timer: S1618113925.217681,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame CC68 15 KB
7 KB 103ms
30ms Script
application/javascript 54.195.94.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1274816&orgId=28860&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=&vrid=65dbf3b8-caf6-46e2-a326-e6425e22d447&pblob=
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/vx/static/w/anwrapper-1.995.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.94.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ab3f190a1ef8f9d5291fc76e1dcd3d0c33a7773d014089ece08533dba0bad79a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:25 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6611

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame CC68 317 KB
102 KB 38ms
6ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1274816&orgId=28860&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=&vrid=65dbf3b8-caf6-46e2-a326-e6425e22d447&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 31 Mar 2021 05:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 945632
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 104243
x-amz-id-2: rAPzhX7OsP7m1yCTPHes1nfDNFtwgERo4exf0QxsKqCFWAJDoiL2pjV53ckbEGrQuqB5DNySYZ8=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Mar 2021 05:09:03 GMT
server: ATS
etag: "ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: DSH70BY9Z9SKDEZ3
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame CC68 43 B
246 B 35ms
7ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=5f981d4f17a15a0001a55286&s=true&pv=10.2.63&ifr=true&cb=0.65012603335589&pt=o2unit&sid=cee8dd04-1f05-48f0-b826-2b66359f6206&r=https%3A%2F%2Fwww.metrotimes.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:25 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Sun, 11 Apr 2021 04:05:25 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame 1B55 133 KB
44 KB 7ms
7ms Script
application/x-javascript 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:25 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: F29A41BD806DA4A7
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24823
accept-ranges: bytes
content-length: 44266
x-amz-id-2: Fr1vTZ/5WfsBwz7hhTigZ0nr9sydzjAEpivNc4F31sJjpAfdcD2qqsCWuQ0lT/CqHpzIJCCLCFk=

GET
H2 200 local-storage.html Show response
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame 1541 2 KB
781 B 7ms
6ms Document
text/html 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tpc.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

x-amz-id-2: ErSgGxp0ehGlPPwT+CCYnQ9LZINYuYCQkSBAdOXaW7AKrtNKGJyEJzCsZZNweId6m6zTKj1IxRo=
x-amz-request-id: AMZT0M17T21FWSQV
date: Sat, 10 Apr 2021 12:03:08 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
age: 57739
ats-carp-promotion: 1
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK sM8Oz6kwvWgo737nVts8z3ZvqlYD4_Kz4yeb0A1QQ34=
ads.adaptv.advertising.com/a/h/ Frame CC68 249 B
0 418ms
417ms XHR
text/xml 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/sM8Oz6kwvWgo737nVts8z3ZvqlYD4_Kz4yeb0A1QQ34=?cb=289415510&gdpr=&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fwww.metrotimes.com&scpid=[scpid]&hp=[hp]&eov=eov&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.metrotimes.com&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=2&height=0&moatViewableOpportunity=100&p.vw.active=1&p.vw.psize=-1&p.vw.viewable=1&p.vw.viewableOpportunity=1&referrerUrl=https%3A%2F%2Fimasdk.googleapis.com%2F&width=0

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://tpc.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame CC68 43 B
245 B 7ms
7ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=5f981d4f17a15a0001a55286&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.metrotimes.com&s=true&sid=cee8dd04-1f05-48f0-b826-2b66359f6206&vvuid=baff46fe-5f33-4077-ae44-d63841d74779&orgId=28860&plcid=1274816&vrid=65dbf3b8-caf6-46e2-a326-e6425e22d447&ab=0&dt=90&h=0&spaceid=793604934&w=0&cb=0.9669516040867328
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:25 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Sun, 11 Apr 2021 04:05:25 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame CC68 43 B
245 B 8ms
7ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=5f981d4f17a15a0001a55286&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.metrotimes.com&s=true&sid=cee8dd04-1f05-48f0-b826-2b66359f6206&vvuid=baff46fe-5f33-4077-ae44-d63841d74779&orgId=28860&plcid=1274816&vrid=65dbf3b8-caf6-46e2-a326-e6425e22d447&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=-1&cb=0.0921306204326584
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:25 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Sun, 11 Apr 2021 04:05:25 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame CC68 43 B
245 B 8ms
7ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=5f981d4f17a15a0001a55286&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.metrotimes.com&s=true&sid=cee8dd04-1f05-48f0-b826-2b66359f6206&vvuid=baff46fe-5f33-4077-ae44-d63841d74779&orgId=28860&plcid=1274816&vrid=65dbf3b8-caf6-46e2-a326-e6425e22d447&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&p.vw.active=1&p.vw.sound=0&vwa=100&vwm=-1&h=0&cb=0.6455868805544627
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 04:05:25 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Sun, 11 Apr 2021 04:05:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 1B55 43 B
260 B 8ms
7ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1618113925482&de=229499703060&d=162%3A-%3A-%3A-&bo=metrotimes.com&bd=metrotimes.com&f=1&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Apr 2021 04:05:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 11 Apr 2021 04:05:25 GMT

GET ad-engine-response.gif
trk.vidible.tv/trk/ Frame CC68 0
0

POST
H2 204 pack
rb.adnxs.com/ Frame 1B55 0
277 B 14ms
13ms Other
text/plain 37.252.167.197
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs.com/pack?log=log_rb_vpaid_wrapper_signals&format=json
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/vx/static/w/anwrapper-1.995.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.252.167.197 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tpc.googlesyndication.com
date: Sun, 11 Apr 2021 04:05:25 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: POST, OPTIONS, GET

GET
H/1.1 200
OK v2
ams1-ib.adnxs.com/vast_track/ Frame BEB2 0
821 B 53ms
25ms Image
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/vast_track/v2?info=ZgAAAAMArgAFAQmFdXJgAAAAABEzpTsS8oGpKhmFdXJgAAAAACDds9V5KAAww0Y4w0ZA5rZxSJmg0AJQl4CAClgBYgJERWgBcAF4AIABAogBBJABqgOYAfABoAEAqAHds9V5sAEB&s=22ecb97ddff54a643b3527d1a0477c207678eb95&event_type=4&error_code=901

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Apr 2021 04:05:25 GMT
X-Proxy-Origin: 195.181.170.200; 195.181.170.200; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.101:80
AN-X-Request-Uuid: b7a9df79-bce1-4bab-8dad-341710f69247
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: us.commitchange.com
URL: https://us.commitchange.com/nonprofits/5487/donate?offsite=t&oid=2483284&offsite=t&custom_amounts=5,10,25,50,100,200&custom_fields=Join%20Metro%20Times%20Press%20Club%20Emails%20(Y/N)&redirect=https://www.metrotimes.com/detroit/NewsletterSignup/Page&designation=Article%20Donation&hide_dedication=true&origin=https://www.metrotimes.com/detroit/18-bars-where-you-can-watch-the-big-game-in-metro-detroit/Content?oid=2483284

Domain: trk.vidible.tv
URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=5f981d4f17a15a0001a55286&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fwww.metrotimes.com&s=true&sid=cee8dd04-1f05-48f0-b826-2b66359f6206&vvuid=baff46fe-5f33-4077-ae44-d63841d74779&orgId=28860&plcid=1274816&vrid=65dbf3b8-caf6-46e2-a326-e6425e22d447&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&aert=426&ar=no&fo=0&ft=0&h=0&cb=0.4900855792922627

Verdicts & Comments Add Verdict or Comment

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.issuu.com/	1970-01-19 21:47:45	Name: iutk Value: f49e02c2-0206-43d1-b3b7-e46f6c3b670d
www.metrotimes.com/	1970-01-19 17:28:35	Name: __atuvs Value: 6072757b2d5fc10e000
.metrotimes.com/	1970-01-19 18:11:45	Name: prism_26668640 Value: 82db9bf9-074d-4df6-9c4b-7ce3c89e3cda
.metrotimes.com/	1970-01-19 18:11:45	Name: __cfduid Value: d11ad033c9c9dc8cbfd193b84e83ebc3d1618113916
www.metrotimes.com/	1970-01-20 02:57:21	Name: __atuvc Value: 1%7C15
.metrotimes.com/	1970-01-19 19:38:09	Name: _fbp Value: fb.1.1618113914711.1913616575

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://widget.pico.tools/wrapper.min.js(Line 1) Message: Local storage not available
console-api	error	URL: https://widget.pico.tools/wrapper.min.js(Line 1) Message: Local storage not available
console-api	error	URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.metrotimes.com(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004(Line 1) Message: Error: Request failed with status code 422
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004(Line 1) Message: console.group
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004(Line 1) Message: The current URL, is /popup-menu
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004(Line 1) Message: The last navigation action was REPLACE
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004(Line 1) Message: console.groupEnd
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004(Line 1) Message: Error: Request failed with status code 422
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004(Line 1) Message: Error: Request failed with status code 422
console-api	log	URL: https://gadget.pico.tools/vendors~appError~arbiter~header~launcher~menu~prompt.79a0cb327081407b581a.js?b5601f239caa7ff9c004(Line 1) Message: Error: Request failed with status code 422
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 06:05:25.885 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 06:05:25.885 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
acdn.adnxs.com
acds.prod.vidible.tv
ads.adaptv.advertising.com
adservice.google.com
ajax.googleapis.com
ams1-ib.adnxs.com
api.pico.tools
apis.google.com
assets.isu.pub
cdn-ssl.vidible.tv
cdn.polyfill.io
commitchange.s3.amazonaws.com
connect.facebook.net
csi.gstatic.com
d2e5we1j08b82a.cloudfront.net
development-cms-assets.s3.amazonaws.com
diffuser-cdn.app-us1.com
e.issuu.com
fonts.googleapis.com
fonts.gstatic.com
gadget.pico.tools
ib.adnxs.com
imasdk.googleapis.com
insight.adsrvr.org
issuu.com
js.adsrvr.org
js.stripe.com
layers.isu.pub
m.stripe.com
m.stripe.network
media1.fdncms.com
media2.fdncms.com
pagead2.googlesyndication.com
photos.metrotimes.com
pingback.issuu.com
pixel.quantserve.com
platform.twitter.com
prism.app-us1.com
px.moatads.com
q.stripe.com
quantcast.mgr.consensu.org
rb.adnxs.com
reader3.isu.pub
rules.quantcount.com
s0.2mdn.net
s7.addthis.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssl.gstatic.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
trackcmp.net
trk.vidible.tv
unpkg.com
us.commitchange.com
v1.addthisedge.com
widget.pico.tools
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.metrotimes.com
www.recaptcha.net
z.moatads.com
trk.vidible.tv
us.commitchange.com
104.244.42.200
151.101.112.176
151.101.13.108
184.73.71.44
185.33.221.14
185.33.221.87
209.104.5.202
209.104.5.203
209.104.5.204
216.58.212.162
23.210.248.44
23.218.209.154
2600:1901:0:a175::
2600:9000:2016:de00:6:44e3:f8c0:93a1
2600:9000:2104:5c00:0:6fdd:6480:93a1
2600:9000:2182:9000:9:46dc:4700:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:3c0
2606:4700:20::681a:78
2606:4700:20::ac43:4771
2606:4700::6810:7baf
2606:4700::6811:925b
2607:f8b0:400e:c09::5e
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:80:800::7000
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:808::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200a
2a00:1450:4001:810::200d
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2006
2a00:1450:400c:c0b::9b
2a03:2880:f050:f:face:b00c:0:3
2a03:2880:f150:82:face:b00c:0:25de
2a04:4e42:1b::622
2a04:4e42:3::621
2a04:4e42:3::622
34.193.232.123
34.208.10.33
35.156.201.148
37.252.167.197
52.217.12.36
52.219.116.35
52.29.183.32
52.30.177.128
54.187.159.182
54.195.94.143
54.230.55.228
003fd10ced20a31ddee2cb8cd496fbd9c21efc94a2c35bfd61b6e02a004be62e
0224b1ee7c624b2ee170b0325b8ad8e9c7e5459a83c32ef1f3b5e73549723a01
0415e74653c5d504014b3ebdca883f24e8ea39dde95644da11981adcbe2492db
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
060cc77f3ddf9a18e0eef5704ce771c7c4272788545a84bd752b3d7e7dcfb8b5
07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7
09c0e7ca6a3b802c1833253354fe3fcc34bdb147a3c2928bd052946f923dcb51
0acecb302110ba2c93e5e17b283916a92da7a30feb1f9b101a030ba54e14125b
0e5889395974c20cb35a4981f12dbf0112b108459eb045b9df81b9bfa2f73392
0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
132d57a4a149305b69addae71121eede5194c86d26beec45d4395058bbafff63
15bd44ded791bf9220dcd55602b962123be80784c7d3f7e40bdcaad56bbd4188
1624ea9c3e84876c1434a9ccc8a546ea83a8b9235e3a392a9d0e55e9eeef3cc7
166ffb156fe893d301169ee0023b387cf7e22535c89aa8112b0ed07e87d46928
1683bf67bf7e9ed81d1b1d42e95f3c58d7c292e0e20e88b101f7dde8ce3a9799
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
16ffe2612271f116f827487906e09fae6278831ae2643d14f6dd6b908cbf4640
1a707ebe79188b2e52b8ae9858b9866035b75aa5732efaa09967a4ed573cf3bd
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2457a792e7ce0c226930f4c74b8c4f4beaea1895536fcc4ed388cd0f8fcd3188
25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c
258626dda1ace17cb6474258ef6cac22e32f37225cacbd6082669f5331c5679e
25a63865564e00abd9e05fc65ed7d30131d803164ed89c1f63dc3bf78837d547
2702ac7ec6b0afc2f61a367433acbd7bc22a51845261c7efdebb5feab8155ee0
278d81f885ab79e32863fac9141dc46f77a97166f1c5d2d275b654a18d7d2df7
279e9aed3ee45e5c46cd06e98a998e2157d46dc91621e9d786f85e1bc7779e2d
289c4192a734479377e0d05781ab4337712ec0e7f10c614653d8130dc26184d3
29507fd3a172d0d54a23c53defa95fe78dbf477c5577b7b789abc2946c8a40d8
2b186d6ac9501828aa01a595d7ce1c5d45088fc0e9f36250cfdd2151c3482772
2b83c2bd6fddd39afe7a082916b2c6a1b9e11cd18157192740d4140a68d23d3e
2cc68e21dc2904429f9527c3ca0accef4cb1d595fae7e6bb6dfee9861f82af1c
2ce628395376a2e6978400c6ae017defeb1423c4c458ec3f02de01d187beecd0
2f0cc4264aeacee229cb965774cc9566ab2fe29c540f00bcc24eee8aa61958dc
2f786e9379d7e8f9e59c1c85b8e238252d881a58c54142493f710f0aa0c85558
3062ba063ff339e424114dc317f295d355cc1908cd69c4c6248c181c1d092ab0
323a404da27563a474e80ef101218c27d83d425c4a3390b18e9b4cda31cc926e
343f299dd37a8ea8f879300d85ce9c9001feee4edb4ca06cbe79098878aca8f7
38b12f1aa28e1ad8fb546894c0c412e2294d8e3ae7045c1af3c6b88de1665c5c
3a547934f2bbf06d860e17a6e71cb1181669caf01f26fd67c1e55d0102ef077a
3cbc39fb3ef6e187f47bd884106c84c2af99431f3b1ed4496a99f28113d9cb41
3cce1287e6ab9f29e1a8404a6ec0dedd41c0f0e9d9abadabf45b91e3923d1400
3d2ec1d990e7d6960d1af17e80926efcfea6af96338090068528678e119f6c13
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3edfed9de3dfb87e9518c483f29e6714fe5b9b6f8f482abcaba995c78ae979ee
43c76003151abe11367e89fc9f00b30b1af86b5b2c9d20b75412db2c3425efcc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44414085ed386f969ca7756aa87092dad7128dbd17df5b1de8af2b080d957875
44551d5533bfb798d32df83a8cba77b33e327124b73d30e6fd65077a0f8dc7fb
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
45851a27a10e65475a900ecac16e2b83013465a38c8a377328b667073cc64fb1
4804eeb4c4abffc4e7e36b96935ccb9e3ea97651dfbf522589e5c85be933f4e8
48b0ee0e27c6f0858a216f72019329ef84eaf6c16b5088187da73c0067b497e6
48d600c40b42a7e3a007bdfedb3d650c3f270980d7858c96b95719548b5c25af
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
4bfcce2eb34573cd2674f4f9b1be763356c4c980569ea3a4e597e50649a3b4a1
4c0f8cf23d4d87f037b07b227f64f35eefb1d51556c66250811ea732137bbb5c
52dfe1f368cd8f19e7c6ccf93c9f43fd5a5b7f999232ea83fd555afdbb8b1fa4
530f249bd7f75b238193ca111f7d4a0c42e5670a94667bffe560700362293e30
5650c77caa911f5647e0950bcd5e01e5e081dbee902c324fce263b7f53b84339
56545f5f019ae2189814354168bcde6929caa770b0456023c9dfff299b54b41f
56d474d8db9a1a4745ce4db1b7daac26eaf92c99c16e21aec49a1d68953e8ff1
57ba81b65998bca856d531df13c24697e3dfdb6c22dca26e0d278b7723dabacc
594e62753fc4706171d8d844b29bebc8810ca449cb54d02e4e29a76c1b3ab150
5a82eb4722ebf7a112165f1344e4fbeba3d10bf75e4b4dc0e71c26e06405bea2
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
5d0d189929be726440ffa3ea6d5261a50f698f458fb224aea6bff8a55dff02e6
5e27725e64d6d9f8b0ffbf3f35f8fd0c986304e2a2102f52e123097d03b4f565
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5
6289a67bc4acdbdafbc49c8db8bee69deaca8a0a5a9321011b96e2cc9c242eba
62c09ad56c9aa55a82df55f5d3e8690f71b42b9b3389262b51bf0e7ed7d8f8fc
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
634c0dd94c32f079ff2c30cbe7292dd1ce8bece634723cab4fabb0f1d36d1d9d
6644f530646a94a44f175707fb76af875cdbdc199ed89565508f440427a943a9
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
69b76ac660e24481b74351762f637a45949ba983c119c295d34a514f97e57a69
6b730fb0e44727ac5dcd87181f7325f04a8376cc7971634214e72c96c3e38639
6c4e51133ba62e7cdcde19397f519e6a0431ed30d488b5625cbfdd2309906f1e
6d14518724e7fc0ba99c1dc3d79d1e48dc8ca2ed08c83d967a17852bdbaf3703
6e069a03fc94f1093687bd1dc24f5532070ca41b7c53ceb0137e1cfbcf9b4797
704853ae58ea060d04030888f1b5fb3c8f1912e9e1eb28d047c8b69e1450953c
728e18a87209d9effd0e039984afda4b0e4ad04df1a33df0cdf748646ff18838
737e8eee5ba2327154de4eff16a6aff9ce47b7d83977dcca8f7b09f516293823
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
75e808920512bed31b5e90fa2438167bc5bbd972f5a79d1183a5ffee1d0487d7
780905ac863ac271412b2dbf1a68c56d5f8a7200c8673d7733e25a2e4194ea4f
795b08ccf6fd23c27eb3eb01f10bfed422c2af7c25be6475c4cb7866f2263f09
7b57c1173c9e6e35bbd38667aced791f010536505c46fb05ce128b8e8bdf3dee
7e2f1e7e082d75ba1a052dabfe84dc16b855c1a1afe0a67857b91261cbf4099f
7ef936f2adb36ad65a54af6f588cb755c8e7eaa81cbeda60b8922e1ec635f705
7f6f6f6d18be8bf6359ce49cf949cd1f9e51d74f85550e5325e20517726a85d7
809a151fb6c0aa53b9a7b79d2e7539b64a26d49298512eef1ed6b43024ed0ccb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b0ba8ac2888f7d915560aaf97cf1087545240c039e7bbe7ad98aedebb4e2db
86368c141a45e1f09a2bc1a22ef8a51308a0e7575147b6647d695a16cf060841
8656a625a0d02ad7c895a5e8ceaeb3c0b6faf432f4ef2493a77854db114d7a0c
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
89f7685698d5d08607f42378368dae63e8b808c5eec563cde372017c560dd466
8a36bd6ed9dcbb6fc741e7e5833901d1f5c39a4d4ee8a4c5886d0d925cd6e61e
8b73cf59c6bef434696cec05f55ac95e2f0e464d74ce0b2bd02e6f11f7558f97
8c0d81307b185313dd128991d64e74fd9708f4730e236c3545e2da332c3b127a
8c4343145dc98656a76ffdd570f8e2fc13009f3acf9fbb520d6d8c39ebc5eae0
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8fed91c9fafee5b3a740b9996f1dc2372ad0a8684832575e2b75387a1c1ecec6
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
93d9e30c89ec182aaaf2330ba6f87a6cf9e97eb33df03c60f48288cb032e3b3e
9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4
95d983f57f971d5aed3ac4f1376de3a67bf97918b8d88a4a8636fc856c140914
96117e861a7bb5ac2b75e14eba59cb0f23289ad6d1fe7a74ec66f1b3487b1a3c
96ae38ff7d58d9add5e90b368cfac5eafbc6fa83b3349b744ab17a72af09d51b
992851e6a109ef096e17ece547dd681abfb670a12691cd141b329d4fc54935f0
9a58bbe9a737679707bdcbf60ab3239d554f6e06bd9bf613b509d9badfd88ed6
9b9df56314a2a21d3816028befc52e765835a97f0f84a5f2ae48db2587235a6f
9c92af3433b010e27586ee624b0ee1f9300555784a65cebf51f860c98d5ebfbd
9fb16385a3573013d1274831f25277f2f657c0732f61c79ef9923d2d5042176a
9fcb26c87712320932ea7fb2434ba2737af71b6e96dd238dbcb312e454992837
a0ba06c552e885443d584f35bbbd6a5f279b8cbe0b29b4fba424b7adb37d404b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1943a600956d093b6bdbd157ffea2a0a738342a1a7a454a31364c3aa41325fa
a2e1a9c311155d4e51bc92b14b3873efe85d84df6e928fe1cfa3f5cd55a1254d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e5713d7c16b8aeb4dcb33dff0c3f12c952a47d72bc6c7d495e8ebe77542603
a553b2112ba12b9a7abe295410947f8a45889fef87b04fd16b34643ec9e6f6b8
a56496639ad05630327b7d4ab8b4ed90fba77bf10ba9a032638b3227f4ebb575
a8b5f800ac1ed966c4752e71874193ab8a145dc8ea2f38185211c0cab3bf80dc
a98d2aeac444e811f992f351abd99028b0234469f3ba0d0b5c1b5bba17252bdf
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab3f190a1ef8f9d5291fc76e1dcd3d0c33a7773d014089ece08533dba0bad79a
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
abf113495892c5e90e509edd9ae2711bec6fa2348772aa231e44f2c696d28148
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b16dc95bb0dee2be9a35dd088b2624c26b574a51611cf64aa9f04e9464e054a9
b1fd97b046e4c07e0b7a7ce9ee65ef57aea3d259e89d4f5208d96916c4ecd3d6
b8f5b2909ccaefb9e93117f7efe5478f1a806c6c31bc6b61136ab3c3d152d4ca
b9b68a0ac8609ab3ef0effe6d46405540fa245b0d44649f1552b7b99b0712982
bb848bf948e2089812b678a2a9549af79c88ba869bb1d6f096aed85ed47b5699
bd3225db7f54e1adc3da516b35c61c5eaf872b7e48fbebc6d56fb964444452e5
be1766b58276dda7b342922f8a71939e76eb00353fb0f044b1a76694d4583dbd
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bfbf3d9abff305b811e7799fc9d088efc092005fbdfa746abbe2517ecd543e0d
bfd087116b2837334ac083c460216382cbd5b7f68fb943ccd74a036afb05830a
c1fb8184804805ddfbc5dbfc8ffcf9f6a8e3f161a9e3f55468163bf13fa1b1d0
c2e6aa1b0b6927af38461acbc15575103d3f1f0f15b8af6f2c31e16a73cd2466
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c650e4060b014920f3496b56f6fc1ba0ea77ea1bfd25e4d172e5d265879d552a
c7e50590590aac4d7811a65db688b8dfa154d207fe4dc7c94df9b7f517faae47
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cc531716f962faef2f83fd9aefd9c2f421dd49fa1ba6ab3683780ce2e6c7404f
cccd2dc8559a4645a8704bd7eaf4128bdea5676630c5fe8a8a6253eca2e2eadc
cd9b7c9c828e72145f61491bc7422f325be7c3ec11f9e0b2aa06e887810da132
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf585d3ef2d31bb7f5d58b8706855be0c9d4bf392c62fe7018f8a96e098b6bd2
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d15ce93f61019de3595baca581f971fcc4089ce23ca6eac9e62ab215daf72f4e
d1656f95d247cdd53198a4203def5a836555ec11b2b88f8a0907766562d273dd
d17c742fafb2251c09b0a4807d00e0f1f12da2b7b0bcbf546bd931c48998c021
d2d7c8e9c51b464522b90331811e0a269031976409dd737de9cd4205e587f28e
d4fca4173a9186b75303d0c92cc2591005c289a17fdac7c1e3f3867084da5034
d53796fa295c1a584c75c03e30c1497fcaaeb3ab78244add2d8b6bd377e406d4
d5f557f40390d9f214dff3e4b0bb4de1ecc2136561baaa0851ba3903ad186fdc
d8b68a0c533f80534ba39db48b7c2af1e8c81450bb0b308102765950e7618606
d90edda7a67718fc12463cc71bd9c808356409839b987b380383da699eb3b41b
daf01eca5e7392e4b6438d6d55f859532d9466c70c22e6dbae67dec7cbd9e5a4
dc3ae907f95114f07e77a7b04bda0a4db89bead93fbded29c96ae1816a744736
df21751a7aead3f9ca513fcc34dc5c257b6efe3ddbfedacea2a2b50651dace05
e0ee9666e7a26d0e0b170585ea46784a25a8c9f31ee99ba6f1c9b375a00ff396
e2220a4b87c4fe33b87e20331d567f24b3c9d2199c2d75b691090cea85afad82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b8e88d8a01107425c46ecab9b37059edf74fa766e001f0a13543ad38cf0c82
e40856d91053685f1a0064622843157bb5d0fe60f5dd8a59f1bb53d5d1678dae
e473c5a0ab2d00ffbdeb98695814298342e62af559b10d7aebce684dee1cf24a
e6564fc8a5fb83d8ff12067fc809c7c092a43545f4a266fda8bc5f1141a8d6ee
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
e92b2de70cc9b8a5613929428f90f57e24bc18364522b9b4c73ccdb91e516283
eb6bf625da74679162523872665fdd4e95ebd7f067929e36dbe41e334636d499
eb9a238a3269bc2de5de1764998b73502da6dfa97ca3d186d5631372662ea9a2
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eee26a79a3555d648250b1054d10cf6ff3ce0610b6b3e0f99f38ea08a1420d21
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f160a1586a50b7867d2e2c86b0f459139280d68c55b70c7f0b4f93d61ab50611
f26088efe57ff64e40bb35b16634f88dc069ab85ce3e64bedd6d347b6c1b628e
f427108a3bb3749fe663df4b7ae84de3a12794354a6c3398a26d6d32f652a8db
f4290d1b95415c63c669966c50246854e7cbe8375cec496639bb0555bb6e4119
f5111ebc0ecbff66d842cce8bd71a0b88a91ce9ba373d223fdf4751bb5c9d196
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fc1f188cc2029e3681b0fca2423b30cc81d88883200558e5024be6154a0c6329

www.metrotimes.com Open in urlscan Pro 209.104.5.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

256 Requests

99 %HTTPS

61 %IPv6

37 Domains

68 Subdomains

60 IPs

6 Countries

9897 kBTransfer

35000 kBSize

6 Cookies

42 Outgoing links

Redirected requests

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.metrotimes.com Open in urlscan Pro
209.104.5.202 Public Scan

Screenshot
Live screenshot

Full Image

256
Requests

99 %
HTTPS

61 %
IPv6

37
Domains

68
Subdomains

60
IPs

6
Countries

9897 kB
Transfer

35000 kB
Size

6
Cookies

256 HTTP transactions
6 data transactions