upbeatnews.com Open in urlscan Pro
54.146.143.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi/
Effective URL:
https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Submission: On June 19 via api (June 19th 2020, 5:55:29 pm UTC) from US

Summary HTTP 250 Redirects Behaviour Indicators

Summary

This website contacted 54 IPs in 7 countries across 43 domains to perform 250 HTTP transactions. The main IP is 54.146.143.64, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is upbeatnews.com.
TLS certificate: Issued by Amazon on November 3rd 2019. Valid for: a year.

This is the only time upbeatnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 10	54.146.143.64 54.146.143.64	14618 (AMAZON-AES) (AMAZON-AES)
4	2606:4700::68... 2606:4700::6811:4e22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3	23.210.250.44 23.210.250.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.210.250.13 23.210.250.13	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:21f... 2600:9000:21f3:aa00:11:9a35:5280:21	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
10 12	91.228.74.226 91.228.74.226	27281 (QUANTCAST) (QUANTCAST)
2	52.36.30.197 52.36.30.197	16509 (AMAZON-02) (AMAZON-02)
15	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1 3	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.58.202.213 52.58.202.213	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.210 213.19.147.210	26120 (RHYTHMONE) (RHYTHMONE)
1	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-) (VCLK-EU-)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	52.58.195.54 52.58.195.54	16509 (AMAZON-02) (AMAZON-02)
19 32	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
1	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:c600:6:266a:9940:21	16509 (AMAZON-02) (AMAZON-02)
7	13.226.157.199 13.226.157.199	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4	54.194.116.156 54.194.116.156	16509 (AMAZON-02) (AMAZON-02)
2	213.19.147.150 213.19.147.150	26120 (RHYTHMONE) (RHYTHMONE)
4	2606:4700:10:... 2606:4700:10::ac43:bac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:d200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
2	3.21.65.150 3.21.65.150	16509 (AMAZON-02) (AMAZON-02)
1	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
1		() ()
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
4 10	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
56	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
2	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.210.248.12 23.210.248.12	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	13.226.154.111 13.226.154.111	16509 (AMAZON-02) (AMAZON-02)
1	52.59.125.145 52.59.125.145	16509 (AMAZON-02) (AMAZON-02)
1	104.17.120.107 104.17.120.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	52.59.74.203 52.59.74.203	16509 (AMAZON-02) (AMAZON-02)
1	54.154.51.227 54.154.51.227	16509 (AMAZON-02) (AMAZON-02)
10	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-) (VCLK-EU-)
4	34.234.137.236 34.234.137.236	14618 (AMAZON-AES) (AMAZON-AES)
1	72.247.226.107 72.247.226.107	16625 (AKAMAI-AS) (AKAMAI-AS)
1	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
250	54

10 54.146.143.64 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-143-64.compute-1.amazonaws.com

upbeatnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s2s.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.250.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-44.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.13 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-13.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:aa00:11:9a35:5280:21 (United States)

ASN16509 (AMAZON-02, US)

d10ttgjjowsnd6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 91.228.74.226 (United Kingdom) 10 redirects

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.36.30.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-30-197.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.14 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.202.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-202-213.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 134.209.131.220 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1460 (Sweden)

ASN41041 (VCLK-EU-, SE)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.58.195.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States) 19 redirects

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.69.49 (United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:c600:6:266a:9940:21 (United States)

ASN16509 (AMAZON-02, US)

dw7nrwnn2bkh1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.226.157.199 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-157-199.dus51.r.cloudfront.net

video.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.194.116.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-116-156.eu-west-1.compute.amazonaws.com

stats3.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.150 (United Kingdom)

ASN26120 (RHYTHMONE, US)

rx-stats3.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:bac (United States)

ASN13335 (CLOUDFLARENET, US)

images.upbeatnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:d200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.21.65.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-21-65-150.us-east-2.compute.amazonaws.com

lo3trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 (None, )

ASN- ()

upbeatnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c57b54d3eaf190e69d6e322e2c750191.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.12 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-12.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.154.111 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-111.dus51.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.125.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-125-145.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 52.59.74.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.51.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-51-227.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:fa8:8806:12::1370 (Sweden)

ASN41041 (VCLK-EU-, SE)

aol-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.234.137.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-137-236.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.226.107 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-226-107.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	advertising.com 19 redirects adserver-us.adtech.advertising.com pixel.advertising.com	20 KB
45	googlesyndication.com c57b54d3eaf190e69d6e322e2c750191.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	1 MB
25	ampproject.org cdn.ampproject.org	534 KB
24	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	167 KB
15	upbeatnews.com 3 redirects upbeatnews.com images.upbeatnews.com	2 MB
13	google.com 4 redirects adservice.google.com www.google.com	1 KB
13	unrulymedia.com video.unrulymedia.com stats3.unrulymedia.com rx-stats3.unrulymedia.com rx.targeting.unrulymedia.com Failed	77 KB
12	quantserve.com 10 redirects secure.quantserve.com pixel.quantserve.com	11 KB
11	dotomi.com web.hb.ad.cpe.dotomi.com aol-match.dotomi.com	2 KB
6	proper.io global.proper.io bids.proper.io s2s.proper.io	57 KB
5	sharethrough.com btlr.sharethrough.com	560 B
5	outbrain.com widgets.outbrain.com amplify.outbrain.com tr.outbrain.com amplifypixel.outbrain.com	49 KB
4	postrelease.com jadserve.postrelease.com	2 KB
4	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com	3 KB
3	googletagservices.com www.googletagservices.com	82 KB
3	google.de www.google.de adservice.google.de	937 B
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
3	pubmatic.com 2 redirects image6.pubmatic.com ads.pubmatic.com	1 KB
3	3lift.com 1 redirects tlx.3lift.com ib.3lift.com eb2.3lift.com	975 B
3	googletagmanager.com www.googletagmanager.com	98 KB
2	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	744 B
2	gstatic.com fonts.gstatic.com	22 KB
2	lo3trk.com lo3trk.com	5 KB
2	serverbid.com 1 redirects e.serverbid.com sync.serverbid.com	267 B
2	lijit.com ap.lijit.com Failed	1 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	cloudfront.net d10ttgjjowsnd6.cloudfront.net dw7nrwnn2bkh1.cloudfront.net	38 KB
1	adsrvr.org match.adsrvr.org	264 B
1	brealtime.com biddr.brealtime.com
1	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	google.be adservice.google.be	1009 B
1	quantcount.com rules.quantcount.com	345 B
1	googleadservices.com www.googleadservices.com	12 KB
1	clean.gg i.clean.gg	104 B
1	sonobi.com apex.go.sonobi.com	860 B
1	districtm.io dmx.districtm.io Failed cdn.districtm.io
1	casalemedia.com as-sec.casalemedia.com	3 KB
1	1rx.io tag.1rx.io	269 B
1	teads.tv a.teads.tv Failed sync.teads.tv
1	ntv.io s.ntv.io	94 KB
0	33across.com Failed ssc.33across.com Failed
0	emxdgt.com Failed hb.emxdgt.com Failed
0	openx.net Failed propermedia-d.openx.net Failed
250	43

	Domain	Requested by
32	adserver-us.adtech.advertising.com	19 redirects upbeatnews.com
31	tpc.googlesyndication.com	d10ttgjjowsnd6.cloudfront.net upbeatnews.com securepubads.g.doubleclick.net
25	cdn.ampproject.org	d10ttgjjowsnd6.cloudfront.net
20	pixel.advertising.com	upbeatnews.com
15	securepubads.g.doubleclick.net	global.proper.io d10ttgjjowsnd6.cloudfront.net securepubads.g.doubleclick.net upbeatnews.com
13	pagead2.googlesyndication.com	d10ttgjjowsnd6.cloudfront.net upbeatnews.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
11	pixel.quantserve.com	10 redirects upbeatnews.com
11	upbeatnews.com	3 redirects upbeatnews.com d10ttgjjowsnd6.cloudfront.net
10	aol-match.dotomi.com	upbeatnews.com
10	www.google.com	4 redirects upbeatnews.com
8	googleads.g.doubleclick.net	d10ttgjjowsnd6.cloudfront.net upbeatnews.com
7	video.unrulymedia.com	upbeatnews.com d10ttgjjowsnd6.cloudfront.net ajax.googleapis.com
5	btlr.sharethrough.com	global.proper.io
4	jadserve.postrelease.com	d10ttgjjowsnd6.cloudfront.net upbeatnews.com
4	images.upbeatnews.com	upbeatnews.com
4	stats3.unrulymedia.com	upbeatnews.com
3	www.googletagservices.com	d10ttgjjowsnd6.cloudfront.net upbeatnews.com
3	adservice.google.com	d10ttgjjowsnd6.cloudfront.net upbeatnews.com
3	s2s.proper.io	upbeatnews.com
3	ib.adnxs.com	1 redirects global.proper.io
3	www.googletagmanager.com	upbeatnews.com www.googletagmanager.com
2	fonts.gstatic.com	upbeatnews.com
2	adservice.google.de	upbeatnews.com
2	lo3trk.com	d10ttgjjowsnd6.cloudfront.net lo3trk.com
2	fonts.googleapis.com	upbeatnews.com d10ttgjjowsnd6.cloudfront.net
2	rx-stats3.unrulymedia.com	upbeatnews.com
2	image6.pubmatic.com	2 redirects
2	ap.lijit.com	global.proper.io
2	bids.proper.io	global.proper.io
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	widgets.outbrain.com	upbeatnews.com d10ttgjjowsnd6.cloudfront.net
1	log.outbrainimg.com	widgets.outbrain.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	match.adsrvr.org	upbeatnews.com
1	biddr.brealtime.com	d10ttgjjowsnd6.cloudfront.net
1	eb2.3lift.com	d10ttgjjowsnd6.cloudfront.net
1	ib.3lift.com	1 redirects
1	sync.teads.tv	d10ttgjjowsnd6.cloudfront.net
1	cdn.districtm.io	d10ttgjjowsnd6.cloudfront.net
1	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	d10ttgjjowsnd6.cloudfront.net
1	sync.serverbid.com	1 redirects
1	acdn.adnxs.com	d10ttgjjowsnd6.cloudfront.net
1	amplifypixel.outbrain.com	upbeatnews.com
1	tr.outbrain.com	upbeatnews.com
1	c57b54d3eaf190e69d6e322e2c750191.safeframe.googlesyndication.com	d10ttgjjowsnd6.cloudfront.net
1	www.google.de	upbeatnews.com
1	ajax.googleapis.com	d10ttgjjowsnd6.cloudfront.net
1	ads.pubmatic.com	d10ttgjjowsnd6.cloudfront.net
1	adservice.google.be	d10ttgjjowsnd6.cloudfront.net
1	rules.quantcount.com	d10ttgjjowsnd6.cloudfront.net
1	stats.g.doubleclick.net	upbeatnews.com
1	amplify.outbrain.com	d10ttgjjowsnd6.cloudfront.net
1	www.googleadservices.com	d10ttgjjowsnd6.cloudfront.net
1	dw7nrwnn2bkh1.cloudfront.net	d10ttgjjowsnd6.cloudfront.net
1	i.clean.gg	d10ttgjjowsnd6.cloudfront.net
1	apex.go.sonobi.com	global.proper.io
1	web.hb.ad.cpe.dotomi.com	global.proper.io
1	e.serverbid.com	global.proper.io
1	as-sec.casalemedia.com	global.proper.io
1	tag.1rx.io	global.proper.io
1	tlx.3lift.com	global.proper.io
1	secure.quantserve.com	global.proper.io
1	d10ttgjjowsnd6.cloudfront.net	upbeatnews.com
1	s.ntv.io	upbeatnews.com
1	global.proper.io	upbeatnews.com
0	rx.targeting.unrulymedia.com Failed	upbeatnews.com
0	ssc.33across.com Failed	global.proper.io
0	hb.emxdgt.com Failed	global.proper.io
0	dmx.districtm.io Failed	global.proper.io
0	propermedia-d.openx.net Failed	global.proper.io
0	a.teads.tv Failed	global.proper.io
250	71

This site contains no links.

Subject Issuer	Validity	Valid
upbeatnews.com Amazon	`2019-11-03` - `2020-12-03`	a year	crt.sh
proper.io CloudFlare Inc ECC CA-2	`2019-12-10` - `2020-10-09`	10 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2019-11-18` - `2021-02-16`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2019-01-22` - `2021-01-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
e.serverbid.com Let's Encrypt Authority X3	`2020-03-24` - `2020-06-22`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
*.sharethrough.com Amazon	`2019-10-07` - `2020-11-07`	a year	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
i.clean.gg GTS CA 1D2	`2020-05-04` - `2020-08-02`	3 months	crt.sh
*.unrulymedia.com DigiCert SHA2 Secure Server CA	`2017-08-30` - `2020-11-27`	3 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-26` - `2020-10-09`	6 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.be GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
lo3trk.com Amazon	`2019-12-08` - `2021-01-08`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-04-14`	a year	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2020-02-25` - `2020-10-09`	7 months	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-05-12` - `2020-08-10`	3 months	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2020-03-11` - `2020-09-07`	6 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Frame ID: A00FCBB81CDE48621E4A8A4301F150E6
Requests: 135 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Frame ID: 86CC026AE7D16472663F5BB6D240F5F2
Requests: 1 HTTP requests in this frame

Frame: blob://https://upbeatnews.com/1acdd411-ef5b-4d43-a3de-eeebd7d9cd9c
Frame ID: 18F7762D7C91F1FBCD650BEEAACF80FD
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 618ED9F053B9753E26C62ED1D56CE416
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: C846BEF29478D3C3FE6B530072824E9C
Requests: 16 HTTP requests in this frame

Frame: https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1669-0-ge7ea92e&siteId=1120340
Frame ID: EED660EAB22CB1FE4CA54A67D8E19808
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: EE7E1E5714D56275D27DCEDC0E128890
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 973F27101BB592B7354A802F5C5A906C
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAOluF2n2y9zsvy2NWWMMr1kAJmmQwikj19wj9cTtAv4SiPa-XHcu3CmyVHjHykLimZhnn_Am9Rv9hwT0QINVPwKaaXcakV_X9q8ry7x3lBPA2mqqx03y6OdJAGB_IsANd7rPLTVk91327MUWLEUWWD9J7LICbnbDYrYTulhbprheLl5txneihVQt-f4UXOjpH_Z4l3Ewqg3GVDPIPhf0l6CdvtBwqRO5ajF-ejrvotHO_y2YRHjZiyG3J-5HJG0UTjy60qDHymcPQW1sV&sig=Cg0ArKJSzH8s6Ymcc6_dEAE&urlfix=1&adurl=
Frame ID: C68FA08A108C94E972501EE99892AE48
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 78E7BBCEF009AF4144208061C27F8CD2
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200610/r20190131/zrt_lookup.html
Frame ID: 915760FDFDCF47585BD09568122EC167
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6897902191714833&output=html&h=250&slotname=5140430151&adk=2462278425&adf=1842636958&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ea=0&flash=0&wgl=1&adsid=NT&dt=1592589298829&bpp=30&bdt=99&idt=79&shv=r20200610&cbv=r20190131&ptt=5&saldr=sa&correlator=347321712647&frm=23&ife=1&pv=2&ga_vid=1053232024.1592589297&ga_sid=1592589299&ga_hid=1962466816&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=3179&biw=1600&bih=1200&isw=300&ish=250&ifk=673758767&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=2961248379396228&pem=535&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.acdki3ur2jij&btvi=1&fsb=1&dtd=98
Frame ID: 823FF36734A7A64B4ADB5ADE00EDE212
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: D2CA7A1E7602FAAD8E179F25E64841DE
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXwatV2VZdYBHD6xIF98H7k9gO42UU_ivw3SNGqTX-EPvI1d4XFhs422GZ17qT61-xkgvYbiCwnzEg6mBnHdL2SjGcAj9OeUwtLaWMOkaIC0SWkzARx72NNITYBRFi8r5F__vVJPfLik3IS8bQzBhJnsLI6lqphv_yTy04WMgU3wb9OEeJf9VXAep4vhF0cpjQ6VBldGoOLVvkCE8LVcmuO3D56_Z1KP8-erbwTyetPMM2NezbZToAn0QLsBByXT7hitPIfqMF43OzzqpN&sig=Cg0ArKJSzFOQLEK84HxDEAE&urlfix=1&adurl=
Frame ID: 19B01E56120AE2725B1DD0B72A68B7C0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 4480B5D38B83AEDC0FE3E27E792E4E6C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6897902191714833&output=html&h=90&slotname=5140430151&adk=850169076&adf=3151382141&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ea=0&flash=0&wgl=1&adsid=NT&dt=1592589299325&bpp=7&bdt=48&idt=91&shv=r20200610&cbv=r20190131&ptt=5&saldr=sa&correlator=347321712647&frm=23&ife=1&pv=1&ga_vid=1053232024.1592589297&ga_sid=1592589299&ga_hid=705940842&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=366&ady=3572&biw=1600&bih=1200&isw=728&ish=90&ifk=1777893847&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=1090673357478494&pem=535&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.4mntc8c9deyr&btvi=1&fsb=1&dtd=97
Frame ID: 13769065288A4F1400ECAF8B14D4AC5F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: EABF09E487E7EBC137E53CEF7A681DDE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 2230B6A9E1511256881829C9F9A48AB0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: E168ACB7E1D8C80C36E55E04F3F5CECC
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1030626.html
Frame ID: 1D3E439EDC98E536143DB231DD4DF4FD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: FB9D3A6159B39D9CED7AE769D00F1582
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Frame ID: 96D41C17B04E7F5C0BE72DF56F818067
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 04F1587990FFDC83E8035B8764D5C1D6
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 48974553D02AF4FDEE4D10F3BCCC3591
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: EF57F46C12C1CCA9F016F591D92D94C9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: E92495F5EB1919FC5062ED73A49A70DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi/ HTTP 301
https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi/ HTTP 301
http://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi HTTP 301
https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /widgets\.outbrain\.com\/outbrain\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

250
Requests

94 %
HTTPS

36 %
IPv6

43
Domains

71
Subdomains

54
IPs

7
Countries

4712 kB
Transfer

8372 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi/ HTTP 301
https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi/ HTTP 301
http://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi HTTP 301
https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dsovrn%26proper_uid%3D55951a3d-4785-4e9d-b201-b04b4edb9d83%26uid%3D%24UID&callback=window.proper_4888aee5_3ea0b213_2 HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dsovrn%26proper_uid%3D55951a3d-4785-4e9d-b201-b04b4edb9d83%26uid%3D%24UID&callback=window.proper_4888aee5_3ea0b213_2&sovrn_retry=true HTTP 307
https://s2s.proper.io/?savecookie=1&bidder=sovrn&proper_uid=55951a3d-4785-4e9d-b201-b04b4edb9d83&uid=c7f030a392e2be943a8f2597

Request Chain 25

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dpubmatic%26proper_uid%3D55951a3d-4785-4e9d-b201-b04b4edb9d83%26uid%3D%23PM_USER_ID&callback=window.proper_925b2217_ea633fb3_3 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dpubmatic%26proper_uid%3D55951a3d-4785-4e9d-b201-b04b4edb9d83%26uid%3D%23PM_USER_ID&callback=window.proper_925b2217_ea633fb3_3&rdf=1 HTTP 302
https://s2s.proper.io/?savecookie=1&bidder=pubmatic&proper_uid=55951a3d-4785-4e9d-b201-b04b4edb9d83&uid=5658D330-0C52-4C70-9830-83A4A45E31A0

Request Chain 26

https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Ddistrictm%26proper_uid%3D55951a3d-4785-4e9d-b201-b04b4edb9d83%26uid%3D%24UID&callback=window.proper_088b6a41_b77fe6fd_4 HTTP 302
https://s2s.proper.io/?savecookie=1&bidder=districtm&proper_uid=55951a3d-4785-4e9d-b201-b04b4edb9d83&uid=2356199172082825168&callback=window.proper_088b6a41_b77fe6fd_4

Request Chain 29

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589295207;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589295207;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;apid=1Afbe952d8-b255-11ea-8ed2-120d915f11b6;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589295207;bidfloor=0.1

Request Chain 30

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589295207;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589295207;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;apid=1Afbc1c966-b255-11ea-8888-12c8450abec2;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589295207;bidfloor=0.1

Request Chain 31

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589295207;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589295207;bidfloor=0.1

Request Chain 34

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589295208;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589295208;bidfloor=0.1

Request Chain 35

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589295208;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589295208;bidfloor=0.1

Request Chain 36

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589295208;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589295208;bidfloor=0.1

Request Chain 39

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589295209;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589295209;bidfloor=0.1

Request Chain 40

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589295209;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589295209;bidfloor=0.1

Request Chain 41

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589295210;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589295210;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;apid=1Afbbe1da2-b255-11ea-b2ef-123c39a1c2a0;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589295210;bidfloor=0.1

Request Chain 44

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589295210;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589295210;bidfloor=0.1

Request Chain 47

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589295211;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589295211;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;apid=1Afbc057de-b255-11ea-942f-12d220623a1c;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589295211;bidfloor=0.1

Request Chain 49

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589295212;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589295212;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;apid=1Afbbfcde6-b255-11ea-bf62-1279d50753f0;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589295212;bidfloor=0.1

Request Chain 51

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589295212;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589295212;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;apid=1Afbc1c77c-b255-11ea-8e59-1237df373440;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589295212;bidfloor=0.1

Request Chain 68

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1254916019&t=pageview&_s=1&dl=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ul=en-us&de=UTF-8&dt=Upbeat%20News%20-%20An%20Ohio%20Home%20Renovation%20Leads%20To%20A%20Chilling%20Discovery%20Involving%20The%20FBI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=2079009336&gjid=1792232119&cid=1053232024.1592589297&tid=UA-75975501-2&_gid=766343640.1592589297&_r=1&gtm=2ou6a0&z=479695424 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75975501-2&cid=1053232024.1592589297&jid=2079009336&_gid=766343640.1592589297&gjid=1792232119&_v=j83&z=479695424

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 125

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 143

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 155

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 208

https://sync.serverbid.com/ss/1030626.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1030626.html

Request Chain 211

https://ib.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync

Request Chain 216

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Request Chain 218

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Request Chain 220

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Request Chain 223

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Request Chain 225

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Request Chain 230

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Request Chain 232

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Request Chain 235

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Request Chain 238

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Request Chain 243

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

250 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi Show response
upbeatnews.com/
Redirect Chain

http://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi/
https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi/
http://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

17 KB
7 KB

380ms
379ms

Document
text/html

54.146.143.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.143.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-143-64.compute-1.amazonaws.com
Software: Apache/2.4.43 () / PHP/7.2.30
Resource Hash: 8d581fd04f9ebf7c7f9b321afec8c44088a6380f6d062f4312fbe442ae992609

Request headers

Host: upbeatnews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: AWSALB=Oq3k+I8U86JD/15qbI+PJICl9iuhb0EC6N0MRyx5rhajEhiNnzrPb6iCsrI+PjbfTZD4A0rsHYfyhVJNmxoXE6enUL3RcIV21GSFtK9ZuVKGsix9Z03rU97KG1ns; AWSALBCORS=Oq3k+I8U86JD/15qbI+PJICl9iuhb0EC6N0MRyx5rhajEhiNnzrPb6iCsrI+PjbfTZD4A0rsHYfyhVJNmxoXE6enUL3RcIV21GSFtK9ZuVKGsix9Z03rU97KG1ns
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:54:55 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4866
Connection: keep-alive
Set-Cookie: AWSALB=GZMLy83iCElG1zcwxsi2pTWo3ggk/ao13uIXKAaAWZGmGYkIqpKpR9Gns8VZaBAC+iG3d0U4NjQkFWysns8SvjE9TkRwI1/v2Rt/Z5WBsEuiQM8dhKz5vXkLHahc; Expires=Fri, 26 Jun 2020 17:54:54 GMT; Path=/ AWSALBCORS=GZMLy83iCElG1zcwxsi2pTWo3ggk/ao13uIXKAaAWZGmGYkIqpKpR9Gns8VZaBAC+iG3d0U4NjQkFWysns8SvjE9TkRwI1/v2Rt/Z5WBsEuiQM8dhKz5vXkLHahc; Expires=Fri, 26 Jun 2020 17:54:54 GMT; Path=/; SameSite=None; Secure XSRF-TOKEN=eyJpdiI6IkU4VWlNZXl0NnpWb3hOZ3dqcW5aYUE9PSIsInZhbHVlIjoiYlQzR2c2WU94YVZ3dTJ3WW9qV3lNNkMrYitIUTF0OUpSZ1pYVDhTZ3VwUFg2QzBQN2QxQ1NxQm42MUw1Z0VtRCIsIm1hYyI6IjFmMGE2MzRmMGIyZjU3NmRkNjY3ZWY3N2M2YzJlOTVkNDM2OTIxMGM0NTY1YzBkMzE3NThiZDJiODMwZTE2N2EifQ%3D%3D; expires=Fri, 19-Jun-2020 19:54:55 GMT; Max-Age=7200; path=/ ad_splits=eyJpdiI6ImpWWlVrb0hPa2tLMDJua2d0ZDAySUE9PSIsInZhbHVlIjoiSE00ZG0zRWNsZGpleGlrNnR6dTZ5VzRuVVNnTVhjK0Z1dkxjSExUT2JsN3VlQlRLSXRteFUwdGE0ME1IN0J2K3Nick5VcTh4a005NkRreWhyb0duazNkUlwvM2xSTjByVWNcL3QyQ1BXT0J3YVJJb3ZicHRYUGtQZkFPMlozTFZOeTNDMDBKWTRNdmVoNW5oUFM2OW5sazc3MHZyY2MxVGltb1JsOFwvNFlLM0RSdW9wV3h6aE5wWXlLcVpCUFZQZGZNWDhHQUErekYyb3VSVG91REFmTEZlazhkRmVJNnVOWjVTQkd2UmFuSDVRZnpsXC9XRGtNNlF2dDdKcDU1NEx2WGNrdE0rN2kxeXFwc0NcL0UxMmVCSW0yKzBoZzJIa3prYnJ3Mk1ESTJsZTdFQlwvT1F0Kyt1MzF1K2JWdzV3Zld6U3BuWTBkODBqS2VcL1wvQTNQQ0JWNDdFbTdtOFB4ZFJtZElQMVViNU00dEFkVVd2bFwvT20yWHk3U0IySGhrUGl2UXROS1B1dVQ1ZmwrZCtadnJiUW45WkZcL2ZBRjBYRm1KYU9YWFNSZElPWERqczk5OVwvZ3ErS25QOXhaS3VFNFcxeWJZR2xmZkt6RmhcL21YUmJOQ0VzN1UydmJ1UUdmT0NPZER4VWlNVkpRK2QxNDh1WUdXU0FJSmNrQU1IbE1Pd21Sb0tDcGxNclQrK0RLM0JSWFJKUkJmbkdJTFY0UGJVWXhjRmNCcURJUE0rZDlwbytWVGNYcm5xN1wvZFwvK0xtZWRRUmtUQTNzZkVYM2lpMkljYmdtdTNCZUdlXC92YnRNak1IRmdyR1JiYmg5RjJlZ3pIK2xtY1EyV25XTExOVWJETlVoU00wblNzUWJjUTRSVUZocVdVTm92czVhZmJENll4cWdlYk5EdzFqUGpaTGs3Y2VOMWV2c3JuYThVNlpjSUZvRkhVa2QzSTV4RXVJTmRsZHZYUjh3WCtUY0VkZ1hkWldSWWpzdjdwMHIrc1hQNlwvc0hucmZCK0oxak0wc3N1QTRORkVHNEkySHJPcW56ZFVnNVUwVmlxVEJ2RmpPQ0lBa2dPUEwzXC9lNm02ZFwvNDJESmVCZmVjKytUUVlvelpkNW9VYjZubDVidFBuNm5aVEVTa29QSkZlU01qdjN1OTBxd3ozXC9iK2ZzMHFuTit5QUl2UWlTK2cwMVBoVDhGQ1AybjZBb3hzZkMwZ3FITzNmODFGZUgrbFlFNjZvcjBuck5QS1VZVEQ1MG8yZkpyeGY2QXdGaFZoZlVlcXBla2VqYlRVUVwvMThJRVlmMXpsSFc5dXlZM3Jtb2ZmdmdmUytrUGh3K3VrNzREYXZXUjVialNCejJnR0ZIZjM1SUdsT3RhMnQrUG00MXc0Z1o5UGN5cDNmTml1dThSTHRkY293KzhcLzhka0d1SWlURmFHYnR4MUhVcXJXXC8wRFI1TUVaaWcwbGJlIiwibWFjIjoiZDlkOTYwNjA0OGUxMTU4ZTM5ZWUyYzU0MDRhYjk1NjE0ODVkMWFiMjk1NjQxOTk4Nzc3MGVmY2U3ZGIyMTRlZCJ9; expires=Fri, 19-Jun-2020 18:54:55 GMT; Max-Age=3600; path=/; httponly
Server: Apache/2.4.43 ()
X-Powered-By: PHP/7.2.30
Cache-Control: no-cache, private
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: awselb/2.0
Date: Fri, 19 Jun 2020 17:54:54 GMT
Content-Type: text/html
Content-Length: 150
Connection: keep-alive
Location: https://upbeatnews.com:443/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

GET
H2 200 upbeatnews.min.js Show response
global.proper.io/ 214 KB
57 KB 50ms
32ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/upbeatnews.min.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a582dc7075847985960200027d68ca07dedaf4c15b18f085893805ce54781f9a

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 May 2020 20:56:05 GMT
server: cloudflare
age: 1938978
etag: W/"5ec83c65-35674"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=300
cf-ray: 5a5f1e367afc178a-FRA
cf-request-id: 036f51360c0000178a6d0f6200000001
expires: Fri, 19 Jun 2020 17:59:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-75975501-2

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38b8d064e1a92195b1fad638407f7b77997c8c7e261dab7122ab25b9f51575ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:55 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33259
x-xss-protection: 0
last-modified: Fri, 19 Jun 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jun 2020 17:54:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-858332707

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25314a2204872bc1d65bdefd20c7b06721e38f3c30fe663b5e8ce4a5cc9d9495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:55 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33249
x-xss-protection: 0
last-modified: Fri, 19 Jun 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jun 2020 17:54:55 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 134 KB
45 KB 15560ms
49ms Script
application/x-javascript 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f5d297fb22336630fd42f7a7bb883542ddb70cba5ec6a616ab3e3d415ff5cc33

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:55:10 GMT
content-encoding: gzip
last-modified: Wed, 17 Jun 2020 08:04:06 GMT
status: 200
etag: W/"2161f-TyrWfkg28gOVnQ0g0Ohxe1xWN6c"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
timing-allow-origin: *
content-length: 45734
expires: Fri, 19 Jun 2020 21:55:10 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 321 KB
94 KB 7626ms
49ms Script
application/x-javascript 23.210.250.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cc36bd8e62f61a3f16b7bfc9289f64751f9f3ea51edeb87a9ec4de6dbdb1d1dc

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:55:02 GMT
Content-Encoding: gzip
x-amz-request-id: 3D854226F5E15722
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: B1ouID9DmgUKBiND+1qPIcE1V9ICGithCj+/I2nfiP0+QrOZSoWna+/k6pVrkuB9eimidIoBii4=
Last-Modified: Fri, 19 Jun 2020 00:43:11 GMT
Server: AmazonS3
ETag: "17e840ee182dfe43a640923e158c9b29"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 script.js Show response
d10ttgjjowsnd6.cloudfront.net/ 107 KB
36 KB 68ms
13ms Script
application/javascript 2600:9000:21f3:aa00:11:9a35:5280:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:aa00:11:9a35:5280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdab644b4bb7c94c8aa76816e07fd96291df886490cc418b8880c18057a386b1

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 14:49:32 GMT
content-encoding: gzip
last-modified: Fri, 19 Jun 2020 10:28:04 GMT
server: AmazonS3
age: 11123
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: J-hnFAQebuSKbNnA3A4j1WyyBChaU0jJIQfEfNDJdzqjkRnA_ZJTcA==
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75975501-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3517
date: Fri, 19 Jun 2020 16:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Fri, 19 Jun 2020 18:56:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 22ms
18ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-858332707&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75975501-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aeddc01f6b3ddd62d979eea63b0f8f4379a3c499fda6ca603d5c515e7381b79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:56 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33270
x-xss-protection: 0
last-modified: Fri, 19 Jun 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jun 2020 17:54:56 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 341ms
31ms Script
application/x-javascript 91.228.74.226
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.226 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:56 GMT
content-encoding: gzip
last-modified: Fri, 19-Jun-2020 17:54:56 GMT
etag: M0-4cca824e
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8082
expires: Fri, 26 Jun 2020 17:54:56 GMT

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 974ms
192ms XHR
application/octet-stream 52.36.30.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.30.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-30-197.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Jun 2020 17:54:56 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 46 KB
16 KB 340ms
39ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

5284eb87b0f55bfaecda2547d2c8b4c256934996233bc113ea909ce5917d2557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "547 / 659 of 1000 / last-modified: 1592496527"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15567
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:54:56 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 819 B
1 KB 393ms
98ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2a56675ca2e0bddb4fc02ed370b45a83fc3a3a4d43608b70ac02769b87121d86

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 19 Jun 2020 17:54:57 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9996102f-800b-4a0b-96e2-4819a16cb094
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://upbeatnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
475 B 1431ms
101ms XHR
application/json 52.58.202.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.3.0&referrer=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Requested by

Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.202.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-202-213.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:56 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST bid-request
a.teads.tv/hb/ 0
0

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/80520/0/ 0
269 B 1144ms
47ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/80520/0/mvo?z=1r&hbv=2.3,1.0.2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://upbeatnews.com
Pragma: no-cache
Date: Fri, 19 Jun 2020 17:54:57 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK headertag Show response
as-sec.casalemedia.com/ 4 KB
3 KB 1483ms
142ms Script
text/javascript 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22585522463%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22upbeatnews_side_2%40160x600%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_2%40160x600%22%2C%22siteID%22%3A343551%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_2%40300x250%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_2%40300x250%22%2C%22siteID%22%3A343552%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_2%40300x600%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_2%40300x600%22%2C%22siteID%22%3A343553%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_1%40160x600%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_1%40160x600%22%2C%22siteID%22%3A343548%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_1%40300x250%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_1%40300x250%22%2C%22siteID%22%3A343549%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_1%40300x600%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_1%40300x600%22%2C%22siteID%22%3A343550%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_3%40160x600%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_3%40160x600%22%2C%22siteID%22%3A343554%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_3%40300x250%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_3%40300x250%22%2C%22siteID%22%3A343555%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_3%40300x600%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_3%40300x600%22%2C%22siteID%22%3A343556%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_content_1%40300x250%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_content_1%40300x250%22%2C%22siteID%22%3A343545%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_content_2%40300x250%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_content_2%40300x250%22%2C%22siteID%22%3A343546%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_content_3%40728x90%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_content_3%40728x90%22%2C%22siteID%22%3A343547%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_sticky%40160x600%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_sticky%40160x600%22%2C%22siteID%22%3A343557%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e59641d6-eb92-11e9-a488-69e3386c7506%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&t=300&fn=window.proper_302fb7e3_ae9ff81a_1
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 465c3811aa06576937627f499daaa2b0147f2cfc06066aa003f34298febb956a

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:54:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1783
Expires: Fri, 19 Jun 2020 17:54:58 GMT

POST bid
ap.lijit.com/rtb/ 0
0

GET arj
propermedia-d.openx.net/w/1.0/ 0
0

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
168 B 1284ms
89ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 200
date: Fri, 19 Jun 2020 17:54:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upbeatnews.com
content-length: 16
vary: Origin
content-type: application/json

POST v1
dmx.districtm.io/b/ 0
0

POST /
hb.emxdgt.com/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 141 B
1 KB 427ms
40ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e6cea26e415b9ce05dda20b49edcdbcfc3de7a87e51ad08c2410fa63d6eac834

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:54:57 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.76:80
AN-X-Request-Uuid: f036a568-2413-46b3-8aeb-45dfd6f5ae69
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://upbeatnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 141
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 611 B
795 B 39ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 844328005fd847ceed851b871d8435eeda1a280c58ccc9afb9d2ce31c88c3387

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://upbeatnews.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 611
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 412 B
860 B 1190ms
106ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2263a5d6ef12e2a057dcd0%22%3A%2263a5d6ef12e2a057dcd0%7C160x600%7Cf%3D0.1%22%2C%22396393cbd38bea1a33bf%22%3A%22396393cbd38bea1a33bf%7C300x250%7Cf%3D0.1%22%2C%225cd1a09873ae3b50324b%22%3A%225cd1a09873ae3b50324b%7C300x600%7Cf%3D0.1%22%2C%22f70a92bebba876873ce7%22%3A%22f70a92bebba876873ce7%7C160x600%7Cf%3D0.1%22%2C%2289720839db73443ddeab%22%3A%2289720839db73443ddeab%7C300x250%7Cf%3D0.1%22%2C%22467da6f5561cff46ab1e%22%3A%22467da6f5561cff46ab1e%7C300x600%7Cf%3D0.1%22%2C%227936706d92bcb369326a%22%3A%227936706d92bcb369326a%7C160x600%7Cf%3D0.1%22%2C%224e751c2b14a91a229409%22%3A%224e751c2b14a91a229409%7C300x250%7Cf%3D0.1%22%2C%220a3c20009e26ac14f172%22%3A%220a3c20009e26ac14f172%7C300x600%7Cf%3D0.1%22%2C%22f6d96af2b6f3f7522267%22%3A%22f6d96af2b6f3f7522267%7C300x250%7Cf%3D0.1%22%2C%22832faf94ca85425931ce%22%3A%22832faf94ca85425931ce%7C300x250%7Cf%3D0.1%22%2C%22d2e44b65e94e4a8b846a%22%3A%22d2e44b65e94e4a8b846a%7C728x90%7Cf%3D0.1%22%2C%2214ba32cea427a6e17f6f%22%3A%2214ba32cea427a6e17f6f%7C160x600%7Cf%3D0.1%22%7D&ref=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&s=84edd576-f0cf-4868-a346-941806fe19bb&pv=a73b4c62-ba9d-4d8c-b3c8-52e9246ed0da&vp=desktop&lib_name=prebid&lib_v=2.3.0&us=0&hfa=PRE-55951a3d-4785-4e9d-b201-b04b4edb9d83&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e59641d6-eb92-11e9-a488-69e3386c7506%22%2C%22hp%22%3A1%7D%5D%7D

Requested by

Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

c4956f969e4b8b50918fb462e80badadcc54d7bf4c23638743b47021d50f5f19

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:54:56 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://upbeatnews.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 270
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

530

/
s2s.proper.io/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dsovrn%26proper_uid%3D55951a3d-4785-4e9d-b201-b04b4edb9d83%26uid%3D%24UID&callback=window.proper_4888aee5_...
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dsovrn%26proper_uid%3D55951a3d-4785-4e9d-b201-b04b4edb9d83%26uid%3D%24UID&callback=window.proper_4888aee5_...
https://s2s.proper.io/?savecookie=1&bidder=sovrn&proper_uid=55951a3d-4785-4e9d-b201-b04b4edb9d83&uid=c7f030a392e2be943a8f2597

0
0

26ms
26ms

Script
text/html

2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.proper.io/?savecookie=1&bidder=sovrn&proper_uid=55951a3d-4785-4e9d-b201-b04b4edb9d83&uid=c7f030a392e2be943a8f2597
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Fri, 19 Jun 2020 17:54:57 GMT
Server: nginx
Location: https://s2s.proper.io/?savecookie=1&bidder=sovrn&proper_uid=55951a3d-4785-4e9d-b201-b04b4edb9d83&uid=c7f030a392e2be943a8f2597
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

530

/
s2s.proper.io/
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dpubmatic%26proper_uid%3D55951a3d-4785-4e9d-b201-b04b4edb9d83%26uid%3D%23PM_USE...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dpubmatic%26proper_uid%3D55951a3d-4785-4e9d-b201-b04b4edb9d83%26uid%3D%23PM_USE...
https://s2s.proper.io/?savecookie=1&bidder=pubmatic&proper_uid=55951a3d-4785-4e9d-b201-b04b4edb9d83&uid=5658D330-0C52-4C70-9830-83A4A45E31A0

0
0

36ms
20ms

Script
text/html

2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.proper.io/?savecookie=1&bidder=pubmatic&proper_uid=55951a3d-4785-4e9d-b201-b04b4edb9d83&uid=5658D330-0C52-4C70-9830-83A4A45E31A0
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location: https://s2s.proper.io/?savecookie=1&bidder=pubmatic&proper_uid=55951a3d-4785-4e9d-b201-b04b4edb9d83&uid=5658D330-0C52-4C70-9830-83A4A45E31A0
Date: Fri, 19 Jun 2020 17:54:56 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

530

/
s2s.proper.io/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Ddistrictm%26proper_uid%3D55951a3d-4785-4e9d-b201-b04b4edb9d83%26uid%3D%24UID&callback=window.proper_088b6a41_b...
https://s2s.proper.io/?savecookie=1&bidder=districtm&proper_uid=55951a3d-4785-4e9d-b201-b04b4edb9d83&uid=2356199172082825168&callback=window.proper_088b6a41_b77fe6fd_4

0
0

16ms
16ms

Script
text/html

2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.proper.io/?savecookie=1&bidder=districtm&proper_uid=55951a3d-4785-4e9d-b201-b04b4edb9d83&uid=2356199172082825168&callback=window.proper_088b6a41_b77fe6fd_4
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:54:58 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.58:80
AN-X-Request-Uuid: 1a1436cc-965f-46cc-b54d-a888b7795f34
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s2s.proper.io/?savecookie=1&bidder=districtm&proper_uid=55951a3d-4785-4e9d-b201-b04b4edb9d83&uid=2356199172082825168&callback=window.proper_088b6a41_b77fe6fd_4
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 83ms
25ms XHR
text/plain 52.58.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=eu2bThS5MJA4Amvuq9UXYp9o&bidId=upbeatnews_side_2&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:54:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upbeatnews.com
vary: Origin

POST hb
ssc.33across.com/api/v1/ 0
0

GET
H2

200

ADTECH;apid=1Afbe952d8-b255-11ea-8ed2-120d915f11b6;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589295207;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589295207;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589295207;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;apid=1Afbe952d8-b255-11ea-8ed2-120d915f11b6;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x...

943 B
1 KB

458ms
458ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;apid=1Afbe952d8-b255-11ea-8ed2-120d915f11b6;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589295207;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: a94b25c76ce7848706d477f7c26b9fcc4dcd2007bdb0d37d493ad21eecf0f33a

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:56 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select029c.us-east-1.prod.adtech.aolcloud.net", "UserId": "153CCE8EEF2E62ECF4B26E8CF47BC67A"}}
content-type: application/json
content-length: 943
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;apid=1Afbe952d8-b255-11ea-8ed2-120d915f11b6;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589295207;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1Afbc1c966-b255-11ea-8888-12c8450abec2;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589295207;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589295207;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589295207;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;apid=1Afbc1c966-b255-11ea-8888-12c8450abec2;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x...

945 B
1 KB

634ms
634ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;apid=1Afbc1c966-b255-11ea-8888-12c8450abec2;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589295207;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 07e5ca45e6f15cfee014c1d4dd7c20adb8c6bbb670f14f6b992c7a9537f01a46

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:56 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select011c.us-east-1.prod.adtech.aolcloud.net", "UserId": "0834E267D3E3DBA19F75FFB2F9AF82CE"}}
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;apid=1Afbc1c966-b255-11ea-8888-12c8450abec2;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589295207;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589295207;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589295207;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589295207;bidfloor=0.1

943 B
1 KB

315ms
314ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589295207;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 04f04929cbb6334053152ef9c3254799826af91a379178ad82748a6c3d2c04d1

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 943
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589295207;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 82ms
26ms XHR
text/plain 52.58.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Np6robxjkseLxE8bXTgHc3E2&bidId=upbeatnews_side_1&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:54:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upbeatnews.com
vary: Origin

POST hb
ssc.33across.com/api/v1/ 0
0

GET
H2

200

ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589295208;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589295208;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589295208;bidfloor=0.1

945 B
1 KB

199ms
198ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589295208;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: e64cad53d59368857ed070897d8ff3ce8cd41e65d2333ff500cbb5b3917b397e

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select011c.us-east-1.prod.adtech.aolcloud.net", "UserId": "0834E267D3E3DBA19F75FFB2F9AF82CE"}}
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589295208;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589295208;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589295208;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589295208;bidfloor=0.1

944 B
1 KB

173ms
173ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589295208;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: ba4e87857ed1fa0827959c3dfa35973dab23b26d4d88a283f01eabfbe66ff47f

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 944
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589295208;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589295208;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589295208;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589295208;bidfloor=0.1

944 B
1 KB

202ms
201ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589295208;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: a613a112d62eacaace9bc9d782673272b5cc70d6462f0c0fea9def2b13637f7f

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 944
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589295208;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 81ms
27ms XHR
text/plain 52.58.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=YZmS739wBSUsrb1J6LMLPwFU&bidId=upbeatnews_side_3&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:54:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upbeatnews.com
vary: Origin

POST hb
ssc.33across.com/api/v1/ 0
0

GET
H2

200

ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589295209;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589295209;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589295209;bidfloor=0.1

945 B
1 KB

181ms
180ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589295209;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 4f5aa670fd63f969cf979b7b3c4c6671eaf6f54533b0710ec0dd34e5ad33492f

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select011c.us-east-1.prod.adtech.aolcloud.net", "UserId": "0834E267D3E3DBA19F75FFB2F9AF82CE"}}
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589295209;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589295209;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589295209;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589295209;bidfloor=0.1

945 B
1 KB

164ms
163ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589295209;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 8ec60ff5d72812093576c4a3adeb13968b63fefc034795f6e892d111cb298b69

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select011c.us-east-1.prod.adtech.aolcloud.net", "UserId": "0834E267D3E3DBA19F75FFB2F9AF82CE"}}
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589295209;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1Afbbe1da2-b255-11ea-b2ef-123c39a1c2a0;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589295210;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589295210;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589295210;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;apid=1Afbbe1da2-b255-11ea-b2ef-123c39a1c2a0;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x...

48 B
197 B

519ms
519ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;apid=1Afbbe1da2-b255-11ea-b2ef-123c39a1c2a0;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589295210;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: e05deae68305ae9da895f1cbd20416c11c6095884c11b4f8880e0b67f5787298

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select017c.us-east-1.prod.adtech.aolcloud.net", "UserId": "593FC72B01F699FE00D35430F5FEB569"}}
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;apid=1Afbbe1da2-b255-11ea-b2ef-123c39a1c2a0;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589295210;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 131ms
77ms XHR
text/plain 52.58.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=XACr4BnrekwjseVj1Gk791PZ&bidId=upbeatnews_content_1&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:54:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upbeatnews.com
vary: Origin

POST hb
ssc.33across.com/api/v1/ 0
0

GET
H2

200

ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589295210;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589295210;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589295210;bidfloor=0.1

945 B
1 KB

171ms
171ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589295210;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: b2941dea3a6f578c643de5524605a67a5b1fa09e61344961a4a06361a8dc8777

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589295210;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 95ms
42ms XHR
text/plain 52.58.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6TECfWJ8a5K7t9fLxmG4CJnN&bidId=upbeatnews_content_2&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:54:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upbeatnews.com
vary: Origin

POST hb
ssc.33across.com/api/v1/ 0
0

GET
H2

200

ADTECH;apid=1Afbc057de-b255-11ea-942f-12d220623a1c;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589295211;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589295211;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589295211;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;apid=1Afbc057de-b255-11ea-942f-12d220623a1c;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@3...

944 B
1 KB

476ms
475ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;apid=1Afbc057de-b255-11ea-942f-12d220623a1c;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589295211;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 1753cf0687dcd6d947ccbfcbc92f10e3ca3c8f03d5a23a6077aad79dd52f892c

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 944
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;apid=1Afbc057de-b255-11ea-942f-12d220623a1c;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589295211;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST hb
ssc.33across.com/api/v1/ 0
0

GET
H2

200

ADTECH;apid=1Afbbfcde6-b255-11ea-bf62-1279d50753f0;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589295212;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589295212;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589295212;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;apid=1Afbbfcde6-b255-11ea-bf62-1279d50753f0;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@7...

944 B
1 KB

512ms
512ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;apid=1Afbbfcde6-b255-11ea-bf62-1279d50753f0;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589295212;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 90ed3b395bd2572209781dd584d3d75f03bc510aca068b0b4fe268bcfa1f43e9

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select003c.us-east-1.prod.adtech.aolcloud.net", "UserId": "7B42B88AA86613D102C9FB2AF72464EA"}}
content-type: application/json
content-length: 944
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;apid=1Afbbfcde6-b255-11ea-bf62-1279d50753f0;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589295212;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST hb
ssc.33across.com/api/v1/ 0
0

GET
H2

200

ADTECH;apid=1Afbc1c77c-b255-11ea-8e59-1237df373440;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589295212;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589295212;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;cfp=1;rndc=1592589294;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589295212;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;apid=1Afbc1c77c-b255-11ea-8e59-1237df373440;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x...

944 B
1 KB

487ms
487ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;apid=1Afbc1c77c-b255-11ea-8e59-1237df373440;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589295212;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: c37c5be60eb32307e20c0e070761afb14d9b6a3cfd9f1882b4e349e352db1abc

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 944
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:55 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;apid=1Afbc1c77c-b255-11ea-8e59-1237df373440;cfp=1;rndc=1592589295;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589295212;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 102ms
102ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Jun 2020 17:54:55 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

GET
H2 200 958153f1b8b96ec4c4eb2147429105d9.json Show response
dw7nrwnn2bkh1.cloudfront.net/ 2 KB
2 KB 15ms
15ms XHR
application/json 2600:9000:21f3:c600:6:266a:9940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c600:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d79cbd9933b270b150eae65d47c0651403481c7a44c388e578ec4179688b5b10

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jun 2020 18:20:42 GMT
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 84855
x-cache: Hit from cloudfront
status: 200
content-length: 1849
last-modified: Thu, 18 Jun 2020 17:55:01 GMT
server: AmazonS3
etag: "58479709ece30f8918948550f46f848e"
access-control-max-age: 600
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Qw_MMZqXZ_-FxBgL-0NcNK53_QSBBG7vUBtcN9FqtCve15uIeK2FPw==

GET
H2 200 native-loader.js Show response
video.unrulymedia.com/native/ 9 KB
4 KB 1348ms
30ms Script
application/javascript 13.226.157.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/native-loader.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.157.199 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-157-199.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1094ab40163ac7cf38f6b8047328beb6c5434e54dc45fc661e2a40b5687ec5f5

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:56 GMT
content-encoding: gzip
x-amz-expiration: expiry-date="Fri, 18 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Thu, 18 Jun 2020 12:14:59 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=600
x-amz-cf-id: CNNPSixxtLsS6GemutQzjgUlxsDaEPs4T6ouwPxjGcv6wtb_W9HvoQ==
via: 1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 94ms
35ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
server: cafe
etag: 13497728949557021888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Jun 2020 17:54:56 GMT

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ 43 B
346 B 413ms
35ms Image
image/gif 54.194.116.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=pp_tag_imp&app=native&pid=1120340&id=894531357&d=1592589296590&in_iframe=false&h=v1.0.1669-0-ge7ea92e&compat=CSS1Compat&pageLoadId=883500815&supplyMode=direct&unr.site.env=html&ts=2020-06-19T17%253A54%253A56.591-%252B02%253A00
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 54.194.116.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-116-156.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:54:57 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-076.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK img
rx-stats3.unrulymedia.com/trackedevent/ 43 B
337 B 103ms
20ms Image
image/gif 213.19.147.150
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rx-stats3.unrulymedia.com/trackedevent/img?event=tag_load&adslotid=894531357&clientver=v1.0.1669-0-ge7ea92e&siteid=1120340&iframe=false&compat=CSS1Compat&pageloadid=883500815&cb=1592589296591&siteenv=html&doc_type=outstream_tagload
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:54:57 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 6 KB
3 KB 358ms
30ms Script
application/x-javascript 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9426dab81ab7e8fd446184b6afcdec99435449172bf20f6fb1c9c2b75f6eb979

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:54:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Apr 2020 10:37:32 GMT
Server: AkamaiNetStorage
ETag: "d96c66d3880781fb37c90849587edaa0:1587983852.14205"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2563
Expires: Fri, 19 Jun 2020 18:14:57 GMT

GET
H/1.1 200
OK app.css
upbeatnews.com/css/ 204 KB
37 KB 126ms
125ms Stylesheet
text/css 54.146.143.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/css/app.css?v=2.92
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.143.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-143-64.compute-1.amazonaws.com
Software: Apache/2.4.43 () /
Resource Hash: 0bf35b79423e51b44390cede061a950585e6942a3c362cdda1cb6d1baa612d5a

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:54:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2020 15:25:57 GMT
Server: Apache/2.4.43 ()
ETag: "330a6-5a87182798129-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37575

GET
H/1.1 200
OK display.css
upbeatnews.com/css/ 45 KB
9 KB 318ms
110ms Stylesheet
text/css 54.146.143.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/css/display.css?v=2.92
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.143.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-143-64.compute-1.amazonaws.com
Software: Apache/2.4.43 () /
Resource Hash: 5049dd13e1d95a93b788d16ddbdb742dca57e43ab81d6d80ffa1774219a14c3c

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:54:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2020 15:25:57 GMT
Server: Apache/2.4.43 ()
ETag: "b31f-5a87182798129-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8466

GET
H2 200 logo.png
images.upbeatnews.com/ 2 KB
3 KB 51ms
14ms Image
image/png 2606:4700:10::ac43:bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.upbeatnews.com/logo.png
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dccb479e3bca7bec87d4af01bb7c34c2f7ad6a99dc06e2c5d775e08a78b0f1a

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:56 GMT
cf-cache-status: HIT
age: 4537
cf-ray: 5a5f1e402b80dfad-FRA
status: 200
content-length: 2310
x-amz-id-2: ni6c/45EbqXrztgoN4XPXx3wo8nAQGarPXcigQG2lqap33Mo9KbUvQ1+0g9l0uS+NOtb7xT/8IQ=
last-modified: Mon, 04 Nov 2019 23:22:04 GMT
server: cloudflare
etag: "0f6011bc5c83dd1a9c631bde74534f0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 8DCE73F3AECB4400
cache-control: max-age=14400
cf-request-id: 036f513c1a0000dfad87334200000001
accept-ranges: bytes
content-type: image/png
cf-bgj: h2pri

GET
H2 200 ceiling1.png
images.upbeatnews.com/posts/4722/ 2 MB
2 MB 413ms
412ms Image
application/octet-stream 2606:4700:10::ac43:bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.upbeatnews.com/posts/4722/ceiling1.png
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e272c411a1af50bfdbff2a2e38fb509d00f0a115d0cf3ee6823a59c8b145988

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:57 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 83E7C5FE281C6655
cf-ray: 5a5f1e420878dfad-FRA
status: 200
content-length: 1596051
x-amz-id-2: fatwWzUKyDl9yicTrtkbBK2eW8FVr2WZzlP1ZFgjdEt8IN31X/y3ov98PBo046Xst/p9sCRDyAY=
last-modified: Thu, 07 Nov 2019 05:23:05 GMT
server: cloudflare
etag: "d54bb9a281cae73d193c3bde93fc40d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=14400
cf-request-id: 036f513d430000dfad87349200000001
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 ceiling2.jpg
images.upbeatnews.com/posts/4722/ 559 KB
560 KB 399ms
399ms Image
application/octet-stream 2606:4700:10::ac43:bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.upbeatnews.com/posts/4722/ceiling2.jpg
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13d13604be838603d255d1eeec60485270415226981244249e9d64b9a54577e

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:57 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: A23AE8B1BA78118A
cf-ray: 5a5f1e42087adfad-FRA
status: 200
content-length: 572389
x-amz-id-2: QN4GwZuSyki+gS4o3xiN2xEt4xwtDzG4noFOgU1w9+B48mjSOztO6//FSegFxKRXrOMCEvFabRc=
last-modified: Thu, 07 Nov 2019 05:23:05 GMT
server: cloudflare
etag: "df124e51d3f5e3ef492eca9f5154eae0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=14400
cf-request-id: 036f513d430000dfad8734a200000001
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 ceiling26-1.jpg
images.upbeatnews.com/posts/4722/ 35 KB
36 KB 599ms
598ms Image
application/octet-stream 2606:4700:10::ac43:bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.upbeatnews.com/posts/4722/ceiling26-1.jpg
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a827cbccb5126844c9742e75d398b82587ff344e53a6147ddfc47501ba93daee

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:57 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 0061ADCD12884A97
cf-ray: 5a5f1e42087ddfad-FRA
status: 200
content-length: 36320
x-amz-id-2: m+3PhvRomG4LJ0dJp4udnzAYgomL3+Ylbrh1Yj9p9gFSWRFUG3G3gMrRMIZUv6N3C2eucOupLaQ=
last-modified: Thu, 07 Nov 2019 05:23:05 GMT
server: cloudflare
etag: "e6468237b28817d5892ee025a2d7b963"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=14400
cf-request-id: 036f513d430000dfad8734b200000001
accept-ranges: bytes
content-type: application/octet-stream

GET
H/1.1 200
OK app.js Show response
upbeatnews.com/js/ 380 KB
121 KB 329ms
116ms Script
application/javascript 54.146.143.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/js/app.js?id=b27a69f8865c60def79c
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.143.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-143-64.compute-1.amazonaws.com
Software: Apache/2.4.43 () /
Resource Hash: fa21b489af9aed227458e677b43b498e30cc51ffdb6e51e36a69be32f26cd44d

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:54:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2020 15:25:57 GMT
Server: Apache/2.4.43 ()
ETag: "5efa3-5a8718279b009-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK proper-ads-updater.js Show response
upbeatnews.com/js/ 1 KB
1 KB 425ms
108ms Script
application/javascript 54.146.143.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/js/proper-ads-updater.js?v=2.92
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.143.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-143-64.compute-1.amazonaws.com
Software: Apache/2.4.43 () /
Resource Hash: 54c663cdd7ccd37ba2b9d9a9d7bc533e7d5987865b055232b9aede7806a34fb2

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:54:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2020 15:25:57 GMT
Server: Apache/2.4.43 ()
ETag: "4eb-5a871827cec2a-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 561

GET
H/1.1 200
OK jquery.sticky.js Show response
upbeatnews.com/js/jquery-sticky/ 9 KB
3 KB 538ms
107ms Script
application/javascript 54.146.143.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/js/jquery-sticky/jquery.sticky.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.143.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-143-64.compute-1.amazonaws.com
Software: Apache/2.4.43 () /
Resource Hash: cc07dc22acd75d21ea2a03ced344d13aeeea586029288b1d7004739f8ce3c7be

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:54:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2020 15:25:57 GMT
Server: Apache/2.4.43 ()
ETag: "2502-5a8718279bfa9-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 2507

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1254916019&t=pageview&_s=1&dl=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ul=en-us...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75975501-2&cid=1053232024.1592589297&jid=2079009336&_gid=766343640.1592589297&gjid=1792232119&_v=j83&z=479695424

35 B
441 B

47ms
16ms

Image
image/gif

2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75975501-2&cid=1053232024.1592589297&jid=2079009336&_gid=766343640.1592589297&gjid=1792232119&_v=j83&z=479695424

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Jun 2020 17:54:57 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:57 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75975501-2&cid=1053232024.1592589297&jid=2079009336&_gid=766343640.1592589297&gjid=1792232119&_v=j83&z=479695424
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
625 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c662b6e3fb429681775f998db8d262428035930052ec2940864c06d567e4dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Jun 2020 16:14:15 GMT
server: ESF
date: Fri, 19 Jun 2020 17:54:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jun 2020 17:54:56 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/858332707/ 2 KB
2 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858332707/?random=1592589296916&cv=9&fst=1592589296916&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6a0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&tiba=Upbeat%20News%20-%20An%20Ohio%20Home%20Renovation%20Leads%20To%20A%20Chilling%20Discovery%20Involving%20The%20FBI&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a32e8fe1a431c178afefafe23338aef3c84c1654c518c965edb6081aec17e18a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1108
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK webfa-regular-400.woff2
upbeatnews.com/fonts/vendor/@fortawesome/fontawesome-free/ 13 KB
14 KB 157ms
115ms Font
application/octet-stream 54.146.143.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-regular-400.woff2?ac21cac3f22cc9642f5af32e0c750797
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.143.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-143-64.compute-1.amazonaws.com
Software: Apache/2.4.43 () /
Resource Hash: 4c061a302d3aad80e5d04a7608f20a26cb6ca995f3e36bfb65500e17552debeb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/css/app.css?v=2.92
Origin: https://upbeatnews.com

Response headers

Date: Fri, 19 Jun 2020 17:54:57 GMT
Last-Modified: Fri, 19 Jun 2020 15:25:57 GMT
Server: Apache/2.4.43 ()
ETag: "3510-5a871827e24aa"
Vary: User-Agent
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13584

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 B
345 B 7ms
7ms Script
application/x-javascript 2600:9000:20eb:d200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:d200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:39:47 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 02:39:21 GMT
server: AmazonS3
age: 911
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: EeFnDbpaDm74ieWMN9MJWqOwAIXlcItMgBn3MC-ORUlHm40OETgT6g==

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 109 B
1009 B 76ms
32ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=upbeatnews.com

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upbeatnews.com

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020061611.js Show response
securepubads.g.doubleclick.net/gpt/ 247 KB
88 KB 33ms
33ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066459

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

fa85dcb00a408381b7639601205d10c5482f850365cee1632fba0ec4bdc55875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jun 2020 21:48:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89804
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:54:57 GMT

GET
H2 200 gda.js Show response
lo3trk.com/cdn/3.1/ 4 KB
4 KB 427ms
118ms Script
text/javascript 3.21.65.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lo3trk.com/cdn/3.1/gda.js
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.21.65.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-21-65-150.us-east-2.compute.amazonaws.com
Software: Apache /
Resource Hash: fe25f879f2e2de177a2f95bfbb0deb7d7b1c58bd8b792d9277f8225403a3653a

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 19 Jun 2020 17:54:57 GMT
last-modified: Thu, 05 Sep 2019 12:05:52 GMT
server: Apache
accept-ranges: bytes
content-length: 4285
content-type: text/javascript

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 86CC 0
0 105ms
26ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=5658D330-0C52-4C70-9830-83A4A45E31A0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

Last-Modified: Tue, 14 Apr 2020 10:28:34 GMT
ETag: "1300708-2eae-5a33da96f833f"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 4169
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=49770
Expires: Sat, 20 Jun 2020 07:44:27 GMT
Date: Fri, 19 Jun 2020 17:54:57 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
BLOB 200
OK 1acdd411-ef5b-4d43-a3de-eeebd7d9cd9c
https://upbeatnews.com/ Frame 18F7 0
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://upbeatnews.com/1acdd411-ef5b-4d43-a3de-eeebd7d9cd9c
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 110680
Content-Type: text/html

GET
H2 200 et_v1.0.1669-0-ge7ea92e.js Show response
video.unrulymedia.com/native/ Frame 18F7 3 KB
2 KB 360ms
45ms Script
application/javascript 13.226.157.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/et_v1.0.1669-0-ge7ea92e.js
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.157.199 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-157-199.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95fb44bc2ba82395b06ce803c9dd04847a763be0c7ac9ea4df213a5c122d5c13

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Origin: https://upbeatnews.com

Response headers

date: Fri, 19 Jun 2020 15:05:04 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 10194
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: https://upbeatnews.com
x-amz-expiration: expiry-date="Thu, 17 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 17 Jun 2020 19:26:45 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: G80y-Gon7DxEAuJlL5-7NRmvJLHcZkvrYtbgAV9rdezEGlcZezpcRg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame 18F7 85 KB
30 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Origin: https://upbeatnews.com

Response headers

date: Thu, 11 Jun 2020 20:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 680682
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 20:50:15 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/858332707/ 42 B
307 B 24ms
23ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/858332707/?random=1592589296916&cv=9&fst=1592586000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6a0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&tiba=Upbeat%20News%20-%20An%20Ohio%20Home%20Renovation%20Leads%20To%20A%20Chilling%20Discovery%20Involving%20The%20FBI&async=1&fmt=3&is_vtc=1&random=1807965558&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/858332707/ 42 B
601 B 48ms
23ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/858332707/?random=1592589296916&cv=9&fst=1592586000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6a0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&tiba=Upbeat%20News%20-%20An%20Ohio%20Home%20Renovation%20Leads%20To%20A%20Chilling%20Discovery%20Involving%20The%20FBI&async=1&fmt=3&is_vtc=1&random=1807965558&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1493555200;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi;fpan=1;fpa=P0-1008499475-1592589297334;ns=0;ce=1...
pixel.quantserve.com/ 35 B
372 B 29ms
26ms Image
image/gif 91.228.74.226
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1493555200;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi;fpan=1;fpa=P0-1008499475-1592589297334;ns=0;ce=1;qjs=1;qv=3d595974-20200604132620;cm=;gdpr=0;ref=;d=upbeatnews.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1592589297333;tzo=-120;ogl=

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.226 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
11 KB 307ms
306ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1165878873532559&correlator=1366585341812230&output=ldjh&impl=fif&adsid=NT&eid=21066459&vrg=2020061611&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_side_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C160x600%7C300x250%7C300x600&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D5%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1592589297&dt=1592589297374&dlt=1592589295092&idt=2258&frm=20&biw=1600&bih=1200&oid=3&adxs=1110&adys=98&adks=1561089790&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=40&icsg=2199027788479&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x1&msz=300x1&ga_vid=1053232024.1592589297&ga_sid=1592589297&ga_hid=1254916019&fws=4&ohw=1220&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

3187ea901ae01f74a710ff3203e032a147b6f9252970dbf746e6b686a0b64c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10579
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c57b54d3eaf190e69d6e322e2c750191.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 79ms
39ms Other
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c57b54d3eaf190e69d6e322e2c750191.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 29ms
6ms Other
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 527ms
525ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1165878873532559&correlator=1366585341812230&output=ldjh&impl=fif&adsid=NT&eid=21066459&vrg=2020061611&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_side_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C160x600%7C300x250%7C300x600&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D7%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1592589297&dt=1592589297395&dlt=1592589295092&idt=2258&frm=20&biw=1600&bih=1200&oid=3&adxs=1110&adys=98&adks=1406267668&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=40&icsg=2199027788479&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x1&msz=300x1&ga_vid=1053232024.1592589297&ga_sid=1592589297&ga_hid=1254916019&fws=4&ohw=1220&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e5e54a9c39a9f0066015e0c4ec85c96e917d2da1e3c623319757108e99cd557a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10450
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
11 KB 776ms
776ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1165878873532559&correlator=1366585341812230&output=ldjh&impl=fif&adsid=NT&eid=21066459&vrg=2020061611&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_side_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C160x600%7C300x250%7C300x600&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D8%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1592589297&dt=1592589297402&dlt=1592589295092&idt=2258&frm=20&biw=1600&bih=1200&oid=3&adxs=1110&adys=100&adks=503551445&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=40&icsg=2199027788479&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1053232024.1592589297&ga_sid=1592589297&ga_hid=1254916019&fws=4&ohw=1220&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

3ef9d5a8f829d04eb26db2d6a5f4ccf67c8708b61f5f630cdbbaa61816bdf98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10678
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 1037ms
1037ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1165878873532559&correlator=1366585341812230&output=ldjh&impl=fif&adsid=NT&eid=21066459&vrg=2020061611&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_content_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x250&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D9%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1592589297&dt=1592589297408&dlt=1592589295092&idt=2258&frm=20&biw=1600&bih=1200&oid=3&adxs=362&adys=1653&adks=2199804527&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=40&icsg=2199027788479&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=353x1&msz=353x1&ga_vid=1053232024.1592589297&ga_sid=1592589297&ga_hid=1254916019&fws=4&ohw=1220&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

ccb190f62831350dfc9987c732a31b58c4e8321d1beba0e1782bf544bb58da7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11287
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 1283ms
1282ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1165878873532559&correlator=1366585341812230&output=ldjh&impl=fif&adsid=NT&eid=21066459&vrg=2020061611&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_content_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x250&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D10%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1592589297&dt=1592589297414&dlt=1592589295092&idt=2258&frm=20&biw=1600&bih=1200&oid=3&adxs=745&adys=1653&adks=1973152569&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=40&icsg=2199027788479&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=353x1&msz=353x1&ga_vid=1053232024.1592589297&ga_sid=1592589297&ga_hid=1254916019&fws=4&ohw=1220&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

b64f128d75c639a10e1aeb374d54e41a2ce723c5bfe0efdac258153e61efc057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2183
x-xss-protection: 0
google-lineitem-id: 2151234376
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138203123584
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
12 KB 1549ms
1548ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1165878873532559&correlator=1366585341812230&output=ldjh&impl=fif&adsid=NT&eid=21066459&vrg=2020061611&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C160x600&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D13%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1592589297&dt=1592589297421&dlt=1592589295092&idt=2258&frm=20&biw=1600&bih=1200&oid=3&adxs=190&adys=98&adks=2144769577&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=40&icsg=2199027788479&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=1053232024.1592589297&ga_sid=1592589297&ga_hid=1254916019&fws=4&ohw=1220&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

bbe23c5ba62bdb87eaaf49fe2d7e066af465a4861ae623b07c29581e856e4e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11939
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
tr.outbrain.com/ 43 B
275 B 378ms
95ms Image
image/gif 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/pixel?marketerId=00c2894e72894f68afee994fd70aa5448a&obApiVersion=1.1&obtpVersion=1.1.9&name=PAGE_VIEW&dl=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&optOut=false&bust=0823438180081808
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:54:57 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: f1cb5c05086eadbbccfd2ad1aa0ed08a
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 375ms
93ms Image
image/gif 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=00c2894e72894f68afee994fd70aa5448a&dl=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&bust=05973568114574521
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:54:57 GMT
Cache-Control: no-cache
X-TraceId: 6afa33699524d6525f2090d2ec4e5be2
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 1668ms
1668ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1165878873532559&correlator=1366585341812230&output=ldjh&impl=fif&adsid=NT&eid=21066459&vrg=2020061611&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_content_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D11%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1592589297&dt=1592589297574&dlt=1592589295092&idt=2258&frm=20&biw=1600&bih=1200&oid=3&adxs=362&adys=3300&adks=2636858604&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=40&icsg=2199027788479&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=736x1&msz=736x1&ga_vid=1053232024.1592589297&ga_sid=1592589297&ga_hid=1254916019&fws=4&ohw=1220&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

547991f9ad3b18058d488eb38789457b82263b9eca230cbc3e30bef97f8f2af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2198
x-xss-protection: 0
google-lineitem-id: 2151234376
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138203123426
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 native_v1.0.1669-0-ge7ea92e.js Show response
video.unrulymedia.com/native/ Frame 18F7 62 KB
17 KB 34ms
33ms Script
application/javascript 13.226.157.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/native_v1.0.1669-0-ge7ea92e.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.157.199 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-157-199.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 719e12b715dee65ad5ed4f8c92e26d8902bae5c61ec28ef230a9572aac362c3c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Origin: https://upbeatnews.com

Response headers

date: Fri, 19 Jun 2020 15:05:04 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 10194
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: https://upbeatnews.com
x-amz-expiration: expiry-date="Thu, 17 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 17 Jun 2020 19:26:44 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: d3U0-KHDfHPR0IpNWkbpU77UCQp4cAMyzFMYkOS46v8hWdsmQwegZg==

POST
H2 200 request Show response
lo3trk.com/api/v1/ 386 B
673 B 161ms
161ms XHR
application/json 3.21.65.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lo3trk.com/api/v1/request
Requested by: Host: lo3trk.com
URL: https://lo3trk.com/cdn/3.1/gda.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.21.65.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-21-65-150.us-east-2.compute.amazonaws.com
Software: Apache /
Resource Hash: a39e10b7525dca55794e2f638f04b3694884ab474852277cafe12d88e042681b

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Jun 2020 17:54:58 GMT
server: Apache
status: 200
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
content-length: 386

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 618E 202 KB
55 KB 46ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9491
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 618E 16 KB
6 KB 45ms
12ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31743
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 618E 97 KB
30 KB 39ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9491
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 618E 4 KB
2 KB 51ms
19ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31743
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 618E 48 KB
15 KB 49ms
17ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31743
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
DATA 200
OK truncated
/ Frame 618E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 006fe2c53f90b971503d4dfe51a8b9d39345448e6d54590574168c2faa3bf363

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15339895127142468262
tpc.googlesyndication.com/simgad/ Frame 618E 131 KB
131 KB 9ms
8ms Image
image/gif 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15339895127142468262

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f929a35d61c335f29e9e6bfca41ad9cbcf6e5861d61fc0f3bcd320710a6c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Jun 2020 05:51:25 GMT
x-content-type-options: nosniff
age: 907412
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134389
x-xss-protection: 0
last-modified: Wed, 11 Mar 2020 14:01:45 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 05:51:25 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 618E 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66060
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 618E 295 B
519 B 7ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72097
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 618E 0
0 15ms
14ms Image
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdOooWLkZTPyLHhYIyohTkRd7nWcam5AWCt9nZEW0T-uh5jNg-oJUx0fP5bxaVdcpOGCamCyWT4_a7R2NZ5AE-VVLDiQ
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 618E 0
0 37ms
36ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXqCD8fvsXsGgGtbE7_UP9qKaiAHjgL7WXJba2ti7C4vI05aMDhABINjqtiBguei-gNQBoAHAp6u1A8gBA6kCJYV5g2rRsj7gAgCoAwHIAwiqBJsCT9Bs2TBc3nVcV6oZydWtdByi6wCKq_YIp1OqXYaGqJaZdE1JMntSSpunFY0Cqsodj0JBKmCWM8sX82BeroSWs7PXvS8uSzfAbCiEBcA2IF0MuRcvVvNWce_O6RYJ_UCa2I5jGP34VN8vJB8sJ8m4CZvJPNBsqOb-8DDs4RHLwMIDkrC1lrrsR8XJWZTJcsn_TJFN68vgwEPBuefeXXK3jdzKFX7NmbrJaXDeRNJo5jxazNEgGwCjH9OHM1buu3W-yNg5F_S5YibwfN5M0lz32zXaUM2DOxweQbmk3bZmbGb6p89pmgcKivI02idRXKvBx-MDfN9rNejdWa5gbM5i1T_yc3-PqbKz2VHzBbE3kTT8qgy2fopocEvgE8AEwM3wxIoD4AQBkgUECAQYAZIFBAgFGASgBgOAB6jY1EqoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQmMwI0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NTc0MzY2MTM4NTY3MTY5gAoDyAsB2BMN&sigh=jMNNv4vJEWo&tpd=AGWhJmtoovcCGepiruo1CiPpgmdSubthwaPuAdDoyqRiWyYDJg
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ Frame 18F7 43 B
346 B 35ms
34ms Image
image/gif 54.194.116.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=consent&message=could%20not%20find%20__cmp%20function%20on%20any%20window&app=native&pid=1120340&supplyMode=direct&isMobile=false&pageLoadId=883500815&unr.site.env=html&ts=2020-06-19T17%253A54%253A57.789-%252B02%253A00&perf_consent_start=1592589297787&perf_consent_end=1592589297788&id=894531357&d=1592589297789&h=v1.0.1669-0-ge7ea92e
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 54.194.116.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-116-156.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:54:57 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-076.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 200 skin-1120340.json Show response
video.unrulymedia.com/native/skins/ Frame 18F7 439 B
1 KB 380ms
379ms XHR
application/json 13.226.157.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/skins/skin-1120340.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.157.199 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-157-199.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 924c2ace675d304d2492000849d6e2b8aa85b1a5e0817923cf97344dcd4cb213

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:59 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: DUS51-C1
x-cache: RefreshHit from cloudfront
status: 200
content-length: 439
x-amz-expiration: expiry-date="Fri, 18 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Thu, 18 Jun 2020 21:06:02 GMT
server: AmazonS3
etag: "e9a0f10a249572eb1ddf3d69f8fe4757"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/json
access-control-allow-origin: https://upbeatnews.com
cache-control: max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: kOwFT3w6PoqMRLS31tTfBUkgT-CDsHCrlZ0njs08I_G37kTuTyLFVg==

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 618E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
39ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 19 Jun 2020 17:54:57 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame C846 202 KB
55 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9491
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame C846 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31743
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame C846 97 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9491
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame C846 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31743
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame C846 48 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31743
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C846 2 KB
3 KB 15ms
15ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66060
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C846 295 B
352 B 8ms
7ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72097
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame C846 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a0d4ff3a83b67e556ef68c36004058bdd9bc70d0dae36c860658e9bda1367c3

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 16637256763499082068
tpc.googlesyndication.com/simgad/ Frame C846 134 KB
134 KB 8ms
7ms Image
image/gif 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16637256763499082068

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90a92a539edce32164abf91f086f7bc40a701d63cf9c65a474c4c63c029435d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Jun 2020 12:02:02 GMT
x-content-type-options: nosniff
age: 453175
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137169
x-xss-protection: 0
last-modified: Thu, 11 Jun 2020 09:46:01 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jun 2021 12:02:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C846 0
0 51ms
50ms Image
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTx02b5SuE9vjCHYMzL3MZWqFLXg279U7lbpd4g_Y6PPc1J50OiWfvAZMKJicbPtwbHRBadSuZfCjatgHHNsVhqRpqFQ
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C846 0
0 51ms
51ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWMSN8fvsXrSMKb207_UPgK6PiA6gk6zYXYbsi9fJC7_hHhABINjqtiBguei-gNQBoAHukdPNA8gBA-ACAKgDAcgDCKoEkAJP0DCGvXa1HP_NQ6ZBVeei9HaYtXPRbGcXOZiwoV-W8jsk0DfCziEupobCjjsM5Nw_iDA_nq2x8eSGr8JO1MfKElxbqJeiMeKrHf6q1QtKE9QrW5ze_UgHjz2JsOZcbmCsPEhUxy_USwEwyHOnTLJzkXlX-JjOerXeyAeAcgBsr_9u7vxK0a-vyJH9yX7cNutfJWrVSgY0QYdFFUF0z4H5el6XDdoJhAqnghjF__sr86l6bemcOnQqknfsTooHKuw4csb6OXFL-lLBGZ-blFTWcdnhSliQZexGf8wif5RnpKjNV68a1GUY49TFapqCuwAmK2O14tWSABmf5fCHM4pdhQKMEaePdRoi-Bo-qTNHWMAEvaD15_0C4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgOAB97YlIEBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEObBF9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjU3NDM2NjEzODU2NzE2OYAKA8gLAdgTAg&sigh=CIOa0yy3D_I&tpd=AGWhJmu-l5O4bWs60YTKquidS5OhJU000AUo2BsJN3hs9j3niw
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 15339895127142468262
tpc.googlesyndication.com/simgad/ Frame 618E 131 KB
131 KB 59ms
8ms Image
image/gif 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15339895127142468262

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f929a35d61c335f29e9e6bfca41ad9cbcf6e5861d61fc0f3bcd320710a6c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Jun 2020 05:51:25 GMT
x-content-type-options: nosniff
age: 907413
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134389
x-xss-protection: 0
last-modified: Wed, 11 Mar 2020 14:01:45 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 05:51:25 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 618E 2 KB
3 KB 58ms
9ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66061
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 618E 295 B
357 B 57ms
8ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72098
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C846
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 19 Jun 2020 17:54:58 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 16637256763499082068
tpc.googlesyndication.com/simgad/ Frame C846 134 KB
134 KB 6ms
6ms Image
image/gif 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16637256763499082068

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90a92a539edce32164abf91f086f7bc40a701d63cf9c65a474c4c63c029435d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Jun 2020 12:02:02 GMT
x-content-type-options: nosniff
age: 453176
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137169
x-xss-protection: 0
last-modified: Thu, 11 Jun 2020 09:46:01 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jun 2021 12:02:02 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C846 2 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66061
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C846 295 B
352 B 8ms
8ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72098
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
H2 200 third-party-iframes.html
video.unrulymedia.com/iframes/ Frame EED6 0
0 377ms
375ms Document
text/html 13.226.157.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1669-0-ge7ea92e&siteId=1120340
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.157.199 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-157-199.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: video.unrulymedia.com
:scheme: https
:path: /iframes/third-party-iframes.html?h=v1.0.1669-0-ge7ea92e&siteId=1120340
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
content-type: text/html
content-length: 466
last-modified: Thu, 18 Jun 2020 12:15:02 GMT
x-amz-expiration: expiry-date="Fri, 18 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
accept-ranges: bytes
server: AmazonS3
date: Fri, 19 Jun 2020 17:54:59 GMT
etag: "65651425cff1104b1d6f87415cae468b"
cache-control: max-age=600
x-cache: RefreshHit from cloudfront
via: 1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: MazONYSEB3ShBBne-rwHnNs4DfUtBA2_LuAC4nJJGxRHa0nrxV1xLg==

GET
H2 200 chunk-vendors~populatePlacement-3c90f8dec614439c8cf7.js Show response
video.unrulymedia.com/native/chunks/ Frame 18F7 111 KB
30 KB 391ms
391ms Script
application/javascript 13.226.157.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/chunks/chunk-vendors~populatePlacement-3c90f8dec614439c8cf7.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.157.199 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-157-199.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f2e1bf12b6b3376f0b8ec118296938033b2c04b8f41188d81555b9b7a972fe3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Origin: https://upbeatnews.com

Response headers

date: Fri, 19 Jun 2020 17:54:59 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: https://upbeatnews.com
x-amz-expiration: expiry-date="Fri, 18 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Thu, 18 Jun 2020 12:14:58 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-id: OtwqNRaZ5a_tucV_SPxN0K-mdssLzzaS2h_Yoq8uyeoYtQZk-TuAJQ==

GET
H2 200 chunk-populatePlacement-66d80d59ae59b8c83283.js Show response
video.unrulymedia.com/native/chunks/ Frame 18F7 80 KB
22 KB 36ms
36ms Script
application/javascript 13.226.157.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-66d80d59ae59b8c83283.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.157.199 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-157-199.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6e1c3ea4e68f80942aa122f08779d5a6d9a777a923ea9ed09d2061fb02a3da3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Origin: https://upbeatnews.com

Response headers

date: Fri, 19 Jun 2020 15:05:06 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 10193
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: https://upbeatnews.com
x-amz-expiration: expiry-date="Fri, 18 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Thu, 18 Jun 2020 12:14:58 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: M-c38BY1jG4VREGqEdRMrqq5bn_pxovkIRx2m32sTae08C17_I5p6A==

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame EE7E 202 KB
55 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9492
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame EE7E 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31744
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame EE7E 97 KB
29 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9492
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame EE7E 4 KB
2 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31744
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame EE7E 48 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31744
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EE7E 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66061
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EE7E 295 B
352 B 7ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72098
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame EE7E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ea603e674c11cccc89706655b9bd2aefd3706c70e30a5283c3bde6cc516acc5

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9255129688887693200
tpc.googlesyndication.com/simgad/ Frame EE7E 79 KB
79 KB 12ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9255129688887693200?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkqyocRJMKD2Q0KARmGnAHKNCa1kw

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf9cac9bb9533d08c32995cd7085dede54cb3f24c28da3406349515e2ee3bf76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Jun 2020 03:41:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 May 2020 07:35:33 GMT
server: sffe
age: 915221
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80819
x-xss-protection: 0
expires: Wed, 09 Jun 2021 03:41:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EE7E 0
0 19ms
13ms Image
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTi113lRmYUrw0MoKJrTSwR4Ts6tyf5R_6W6iqCQNljpKOCYdT2mo1NN4J1_jeclEPa4IBAmM3UevUhHNg8FqdPOWft5g
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EE7E 0
0 43ms
37ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CU6wi8fvsXu39NsGT7_UPhZCOuAW84ebFXcXw1b69CxQQASDY6rYgYLnovoDUAaAB8YP9lQPIAQLgAgCoAwHIAwiqBJ4CT9CBqfEwRhaKr3fql_51xA09bYdrgszrO0Tq_pMDZcJ5WsTeTHWt7skAjRw3kXjFYtlf6xclQS7OLUbV152GBPSoQxYGFC1soU5JR5UgrdrkttKDwXwZcCCL84p0P5B_8ic0XQR8GCPrzqaFHmtzUGDr1IlMHFn-05p_xuVagajxdvVxEsuRHWvKJ7fpiGQywsvUTuE2p3F1IpUMOiRA6vVB6Sn-W4PCYJ6cXpg1E9xig1wP8YuWCV8gBExxbDKIYwqEp357AOSMdTq8CV52H2__4ta07PBXL6qDC4a9O_M55_1XAv2BGEEEOpabDnlA7HeO-1XH2j4-1Ix4m3U36AAQvRggHFDK0ixZKtI7pMgN97muPvnP6KPtOAAbJMAEqZSCva4C4AQBkgUECAQYAZIFBAgFGASgBgKAB7-Snn6oB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQgdcK0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NTc0MzY2MTM4NTY3MTY5gAoDyAsB2BMM&sigh=eGFeXmVZzrk&tpd=AGWhJmuVWuFK2WNI5ksnSXBScav_1kWJKKOugJ-uSiY6RMF5ug
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame EE7E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 19 Jun 2020 17:54:58 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 973F 202 KB
55 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9492
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 973F 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31744
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 973F 97 KB
29 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9492
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 973F 4 KB
2 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31744
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 973F 48 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31744
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 973F 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66061
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 973F 295 B
352 B 6ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72098
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 973F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca87d12a0389e44e018bd3d47d68e3a427484ecd83468c6fbfc1cb4630ab957c

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9711717427168487879
tpc.googlesyndication.com/simgad/ Frame 973F 54 KB
54 KB 8ms
7ms Image
image/gif 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9711717427168487879

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dc2d4496a1f8f759b29c49639cad1268eca84a35870cc3c6984cf9092725095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 06:31:29 GMT
x-content-type-options: nosniff
age: 732209
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55505
x-xss-protection: 0
last-modified: Fri, 30 Aug 2019 13:32:31 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 06:31:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 973F 0
0 15ms
14ms Image
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZt_PJAmgMfDE7XkWwv_1FlTlUcMhT3qWB-9GFKFe9RgMpQW9r0Fy8NHOS00tt7fdThmeEX45UhyodI4XfrmWNO5vy0g
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 973F 0
0 37ms
37ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1-DB8vvsXs3bCdzD7_UPwZWpmAubvfb9XNKDqvqtCqOC9qjaEBABINjqtiBguei-gNQBoAHvyfzvA8gBA6kC_OD7iR7Usj7gAgCoAwHIAwiqBJUCT9C_kQLXPAlPUNlbap5eoooGYVQG6xmL8J2m14pgDDQMrzlGXplrtasngFXku8Kjvs8jTVfA8pJKkEXA8vJ_CIw7hV6ZVMUxK8Ywbs7pZ8tela73dU8cEw5xkN-9cc0d5eWlIwqIp-XufbtBAdS2nxpj72XdOA4iYWb0FjgajpUedbT3g8V4w70NFjs--ivlcGFCgE0sudm3LJd1zlhZCu3kXMlWDil3YS7ed1cZAVYyMF4RK2jng-81YvgJ07zyxoWuda5OKuty1saUv9SxRbXFUnk3ZCcmUK1fco3qoWnWqQX5og0XVsx-w6CYM4Ikl7iscZOqS92K2cU7k5rwccoFtVsWTrMI22MKiYrcLtUnjLJBScAEycfK6O4B4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgOAB_m1gxCoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQy9cG0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02NTc0MzY2MTM4NTY3MTY5gAoDyAsB2BMK&sigh=J-mkKpSoAIw&tpd=AGWhJmtZXB0miyqmbFztFQ561gZn7Q5MtROCvPfWtDL25NnOfA
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 973F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 19 Jun 2020 17:54:58 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET view
securepubads.g.doubleclick.net/pcs/ Frame C68F 0
0

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 78E7 81 KB
30 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f86343c7273c0a989cb58267bdddc4a2d8a7a26f84aea08e844a8774b7c7776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 30628
x-xss-protection: 0
server: cafe
etag: 17882392006133441091
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Jun 2020 17:54:58 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de072fa8ec958a27adcb7caec34d45663bbf88c22696a081d2c6ae6ffcae743f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592416174093583"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27927
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:54:58 GMT

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ Frame 18F7 43 B
346 B 35ms
34ms Image
image/gif 54.194.116.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=pp_adcall&site.page=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&site.domain=upbeatnews.com&placementName=upbeatnews.com%20-%20In-Article&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&app=native&pid=1120340&isMobile=false&pageLoadId=883500815&unr.site.env=html&ts=2020-06-19T17%253A54%253A58.770-%252B02%253A00&perf_consent_start=1592589297787&perf_consent_end=1592589297788&perf_corejs_start=1592589296590&perf_corejs_end=1592589297790&perf_skin_start=1592589297791&perf_skin_end=1592589298175&perf_adAge_start=1592589298769&id=894531357&d=1592589298770&h=v1.0.1669-0-ge7ea92e
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 54.194.116.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-116-156.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:54:58 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-076.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK img
rx-stats3.unrulymedia.com/trackedevent/ Frame 18F7 43 B
337 B 24ms
23ms Image
image/gif 213.19.147.150
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rx-stats3.unrulymedia.com/trackedevent/img?event=adcall&page=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&domain=upbeatnews.com&videoplcmt=%5B3%5D&siteid=1120340&devicetype=desktop&pageloadid=883500815&siteenv=html&perfconsentstart=1592589297787&perfconsentend=1592589297788&perfcorejsstart=1592589296590&perfcorejsend=1592589297790&perfskinstart=1592589297791&perfskinend=1592589298175&perfadagestart=1592589298769&doc_type=outstream_adcall&clientver=v1.0.1669-0-ge7ea92e&adslotloadid=894531357&cb=1592589298771&id=894531357&d=1592589298771&h=v1.0.1669-0-ge7ea92e
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:54:59 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
Expires: 0

GET 2.2
rx.targeting.unrulymedia.com/openrtb/ Frame 18F7 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 78E7 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=upbeatnews.com

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 78E7 109 B
168 B 16ms
16ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upbeatnews.com

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/ Frame 78E7 218 KB
82 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08f93a4cf604e12995a237b71b5db1d5d48f1ecb27687ee17608554f8f7fd6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83998
x-xss-protection: 0
server: cafe
etag: 419886144849044271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jun 2020 17:54:58 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200610/r20190131/ Frame 9157 0
0 6ms
5ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200610/r20190131/zrt_lookup.html

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200610/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUmX8R1ukMHaSXRT78NB5KVR4eI6UueqqJs2-jFK5GqZ324DD_aj3bjuZM6M
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 10 Jun 2020 22:00:32 GMT
expires: Wed, 24 Jun 2020 22:00:32 GMT
content-type: text/html; charset=UTF-8
etag: 12274286891180784318
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4510
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 762866
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 823F 0
0 933ms
932ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6897902191714833&output=html&h=250&slotname=5140430151&adk=2462278425&adf=1842636958&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ea=0&flash=0&wgl=1&adsid=NT&dt=1592589298829&bpp=30&bdt=99&idt=79&shv=r20200610&cbv=r20190131&ptt=5&saldr=sa&correlator=347321712647&frm=23&ife=1&pv=2&ga_vid=1053232024.1592589297&ga_sid=1592589299&ga_hid=1962466816&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=3179&biw=1600&bih=1200&isw=300&ish=250&ifk=673758767&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=2961248379396228&pem=535&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.acdki3ur2jij&btvi=1&fsb=1&dtd=98

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6897902191714833&output=html&h=250&slotname=5140430151&adk=2462278425&adf=1842636958&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ea=0&flash=0&wgl=1&adsid=NT&dt=1592589298829&bpp=30&bdt=99&idt=79&shv=r20200610&cbv=r20190131&ptt=5&saldr=sa&correlator=347321712647&frm=23&ife=1&pv=2&ga_vid=1053232024.1592589297&ga_sid=1592589299&ga_hid=1962466816&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=772&ady=3179&biw=1600&bih=1200&isw=300&ish=250&ifk=673758767&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=2961248379396228&pem=535&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.acdki3ur2jij&btvi=1&fsb=1&dtd=98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUmX8R1ukMHaSXRT78NB5KVR4eI6UueqqJs2-jFK5GqZ324DD_aj3bjuZM6M
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Jun 2020 17:54:59 GMT
server: cafe
content-length: 16451
x-xss-protection: 0
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78E7 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de072fa8ec958a27adcb7caec34d45663bbf88c22696a081d2c6ae6ffcae743f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592416174093583"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27927
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:54:58 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame D2CA 202 KB
55 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9493
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame D2CA 16 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31745
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame D2CA 97 KB
29 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9493
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame D2CA 4 KB
2 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31745
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame D2CA 48 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31745
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D2CA 7 KB
821 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Jun 2020 16:11:09 GMT
server: ESF
date: Fri, 19 Jun 2020 17:54:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jun 2020 17:54:59 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D2CA 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66062
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D2CA 295 B
357 B 7ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72099
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/13217625943274954946/ Frame D2CA 84 KB
84 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13217625943274954946/2076313506083323656

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

175df4ff9a5b651b21b5febbc036582cf20a5aacf4ed2b2822cd3accdf700f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 07:01:45 GMT
x-content-type-options: nosniff
age: 39194
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86166
x-xss-protection: 0
last-modified: Thu, 29 Aug 2019 10:20:08 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 07:01:45 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4785242713658027687/ Frame D2CA 4 KB
4 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4785242713658027687/downsize_200k_v1?w=200&h=200

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22479ed424520bde1028f8104017aadfb7bcb57e532c5b0d043de0879051cfe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Jun 2020 06:28:06 GMT
x-content-type-options: nosniff
age: 386813
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4286
x-xss-protection: 0
last-modified: Thu, 09 Apr 2020 10:40:45 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Jun 2021 06:28:06 GMT

GET
DATA 200
OK truncated
/ Frame D2CA 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D2CA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1643e3f0311568db0ea68d3283648c683ef3224366e1498eaecb46d04fc65ad

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 l
www.google.com/ads/measurement/ Frame D2CA 0
0 17ms
14ms Image
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQceYMg4HaujSsynq1ScxZIqpQX9B4-fXfzFUpmCY4r9shwngWQEBzo0daPngQSLgpaud9UXiCBdG1wkyKh2UMYJ9tC7Q
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D2CA 0
0 41ms
38ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFO4c8vvsXqzNKZbK7_UP2vuW-AjAr4CGVa7A4NCKCr_hHhABINjqtiBguei-gNQBoAGB8JXkA8gBCakCJYV5g2rRsj7gAgCoAwHIAwqqBJsCT9BSJS9LptpF-JGEdQ9aVoGAeicTY2QE6ItgCpJqZMvoBA-KEFD1Pqzqeebgp-cT73tUv_gqzjpqPJ0PnS23lqAbNXK7WhvWmQ0I49zY6LQ1Xw0ckb9xk3_Qkd507qyCRQoUccrnhDqtY5l9Az9w04WQ-MgFQVSVQDE-MKSvzfGEvISoU6IIUTnWyABiw4SIyxc6j8pBJwl9PHz6rmX4iGb1Xjpu64EvpbP0muiK7CLl5ogyY7Hr4TggVU2bjLFK16bxMdew0DcchOkruSd2UuhU07docIUdOAGOSUefTETCw4LHpqgG0xijhRBqa7XxJe5sdz-WknplOlLy7oF95dW9e3f_DOu9qTzbFcks_0cz_ImWy0O5wzz6A8AE0Mfbk90B4AQBoAYugAfnj-obqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcA8gcEEKaELNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjU3NDM2NjEzODU2NzE2OYAKA8gLAdgTA4gUAQ&sigh=44alZOqIIV4&template_id=484&tpd=AGWhJmuAXjGn1RdwQqS_WebQre8tzS5JE3dphKwmiNeUTa_a5Q
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 618E 42 B
120 B 41ms
41ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTxJi66EQOjcvWNtxXu6YbJgTaQj5DfbmyiQccyWBI0iVx8v6b9GiZUOUwPsiEsQ-6nYrNS2fI3RKnvz2f3PD1BzyITXtaPI0fTQmiSthKUKPJKQTFZ1T0ZmC_9A&sai=AMfl-YThNsm08ggZlrG-LKGq-6u2bQv3mvfwQAGAn3i_XVavK7ZBfQcHB3KKDNTV66TrcJK-8fQpAUGbVpgk0MC5FyRUwodwlMIX1GjJ4nnrdgT0Rmsajd3mpMVEOBf7&sig=Cg0ArKJSzPHv8qK2PXgnEAE&cid=CAASF-RoQiOZq4iIqLcFrhUreV3YZW60kMpV&id=ampim&o=1110,99&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1006&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&tfs=248&tls=1254&g=79.83333468437195&h=79.83333468437195&tt=1254&r=v&avms=ampa&adk=1561089790

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D2CA 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://upbeatnews.com

Response headers

date: Wed, 10 Jun 2020 14:25:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 790192
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 10 Jun 2021 14:25:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame D2CA 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://upbeatnews.com

Response headers

date: Fri, 12 Jun 2020 00:19:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 668117
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:19:42 GMT

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ Frame 18F7 43 B
346 B 35ms
34ms Image
image/gif 54.194.116.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=error&placementName=upbeatnews.com%20-%20In-Article&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&message=Failed%20to%20fetch&app=native&pid=1120340&isMobile=false&pageLoadId=883500815&unr.site.env=html&ts=2020-06-19T17%253A54%253A59.134-%252B02%253A00&perf_consent_start=1592589297787&perf_consent_end=1592589297788&perf_corejs_start=1592589296590&perf_corejs_end=1592589297790&perf_skin_start=1592589297791&perf_skin_end=1592589298175&perf_adAge_start=1592589298769&perf_vast_0_start=1592589298773&id=894531357&d=1592589299135&h=v1.0.1669-0-ge7ea92e
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 54.194.116.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-116-156.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:54:59 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-076.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C846 42 B
107 B 37ms
36ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhFYKQxqHK9EoNZExCJYpJflwjno-rwHNKqHeRXwIAycFz5_0PT_2ApxrwVNfWQJN3zxNwlFO6u0wbjOOzB0yIfAB0maSw_gNTCVa6ej_yWAub3pwMwNtFix84sg&sai=AMfl-YRccdnmdJKWtU0ebar7TQYP1C8JtEnVvakRwCIBhr6CWnqeOS22LbnoLlB4UHucYQVMIh8QeSZ57xhwFgLai6L98nyG_eKDSmbKz68Mxp8saMfco3zoaNhMtSc&sig=Cg0ArKJSzOcYEoT3OYASEAE&cid=CAASF-RoEJB38Jhjv4nK6SotF5BpbbAExcnm&id=ampim&o=1110,98&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1007&mtos=0,0,1007,1007,1007&tos=0,0,1007,0,0&tfs=116&tls=1123&g=100&h=100&tt=1123&r=v&avms=ampa&adk=1406267668

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:54:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D2CA 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66062
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D2CA 295 B
352 B 6ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72099
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 19B0 0
0

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4480 81 KB
30 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f86343c7273c0a989cb58267bdddc4a2d8a7a26f84aea08e844a8774b7c7776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 30628
x-xss-protection: 0
server: cafe
etag: 17882392006133441091
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Jun 2020 17:54:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4480 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=upbeatnews.com

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4480 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upbeatnews.com

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/ Frame 4480 218 KB
82 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08f93a4cf604e12995a237b71b5db1d5d48f1ecb27687ee17608554f8f7fd6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83998
x-xss-protection: 0
server: cafe
etag: 419886144849044271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jun 2020 17:54:59 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1376 0
0 1018ms
1018ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6897902191714833&output=html&h=90&slotname=5140430151&adk=850169076&adf=3151382141&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ea=0&flash=0&wgl=1&adsid=NT&dt=1592589299325&bpp=7&bdt=48&idt=91&shv=r20200610&cbv=r20190131&ptt=5&saldr=sa&correlator=347321712647&frm=23&ife=1&pv=1&ga_vid=1053232024.1592589297&ga_sid=1592589299&ga_hid=705940842&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=366&ady=3572&biw=1600&bih=1200&isw=728&ish=90&ifk=1777893847&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=1090673357478494&pem=535&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.4mntc8c9deyr&btvi=1&fsb=1&dtd=97

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6897902191714833&output=html&h=90&slotname=5140430151&adk=850169076&adf=3151382141&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ea=0&flash=0&wgl=1&adsid=NT&dt=1592589299325&bpp=7&bdt=48&idt=91&shv=r20200610&cbv=r20190131&ptt=5&saldr=sa&correlator=347321712647&frm=23&ife=1&pv=1&ga_vid=1053232024.1592589297&ga_sid=1592589299&ga_hid=705940842&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=366&ady=3572&biw=1600&bih=1200&isw=728&ish=90&ifk=1777893847&scr_x=0&scr_y=0&eid=21065531&oid=3&pvsid=1090673357478494&pem=535&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.4mntc8c9deyr&btvi=1&fsb=1&dtd=97
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUnIBLFh7fGcIgxvXrwDIeAbqUmvzGBFoHPQP73b1sQmJSVzuhlk65lt0NpP
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Jun 2020 17:55:00 GMT
server: cafe
content-length: 15908
x-xss-protection: 0
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4480 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de072fa8ec958a27adcb7caec34d45663bbf88c22696a081d2c6ae6ffcae743f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592416174093583"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27927
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:54:59 GMT

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 179ms
179ms XHR
application/octet-stream 52.36.30.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.30.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-30-197.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Jun 2020 17:54:59 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 78E7 7 KB
6 KB 39ms
19ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200610&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

538048d872a8b0fff1b742e69fc14ad92e66c4962f05d4c95bd41b4099bd9fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5661
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 78E7 14 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:54:59 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame EABF 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 19 Jun 2020 17:40:48 GMT
expires: Sat, 19 Jun 2021 17:40:48 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 851
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 78E7 0
55 B 16ms
16ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200610&jk=2961248379396228&bg=!UVKlUkpYDrOXMlLyXmgCAAAAV1IAAAARmQGXZXSy0F5OPhxMGEMuPxYmro89UatrPbQ6qOpO9XOTjWDJ22cYhzZGAT9DjiuOLP_17s0q8-9UUmcNyUX2juVmL8ajF1OyOC43Lm_6fbxYHZYL-OjphRFbsvx_HUe3xsJqdU4qDfEqP8OxGEOdNx5qoVjwq6BCEZhDnkmKSLmk6waOU6yOof2M1puMuavv1km55AuwFNMXRjwl6msPuF9DtEM4Wfr2xg_mrQGIch5bZjC2AywTnQWOiteRd--pMyZbJCeLK-QnD1KiKM0PiMuIo4jsPeYEO7dSNnc8dcGufwb-SVKnJQhm720LkJE6zgR6n1ogTh5Gk3vWw_Bh8EC-H-ewYxEeKUXWwBmpa-0DvC0V-PJOwFRVfejd76pEoqly2IafIf9an9Dpkzsc49iQjmQt5339njn4CjKZquTQ1JcimYomtvqHpM2JTRyPXd3gtCYWnSifsrfyujwDSODY3q3poontSq3hy68tEhVWxKPvjlG71p6-EnOu-pfoEF57r3TlM6bxqUex4MxkFpYpNe_wGT4arcQ

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D2CA 0
0 39ms
39ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4C2I8vvsXqzNKZbK7_UP2vuW-AjAr4CGVa7A4NCKCr_hHhABINjqtiBguei-gNQBoAGB8JXkA8gBCakCJYV5g2rRsj7gAgCoAwGqBJsCT9BSJS9LptpF-JGEdQ9aVoGAeicTY2QE6ItgCpJqZMvoBA-KEFD1Pqzqeebgp-cT73tUv_gqzjpqPJ0PnS23lqAbNXK7WhvWmQ0I49zY6LQ1Xw0ckb9xk3_Qkd507qyCRQoUccrnhDqtY5l9Az9w04WQ-MgFQVSVQDE-MKSvzfGEvISoU6IIUTnWyABiw4SIyxc6j8pBJwl9PHz6rmX4iGb1Xjpu64EvpbP0muiK7CLl5ogyY7Hr4TggVU2bjLFK16bxMdew0DcchOkruSd2UuhU07docIUdOAGOSUefTETCw4LHpqgG0xijhRBqa7XxJe5sdz-WknplOlLy7oF95dW9e3f_DOu9qTzbFcks_0cz_ImWy0O5wzz6A8AE0Mfbk90B4AQBoAYugAfnj-obqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcA8gcEEKaELNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjU3NDM2NjEzODU2NzE2OYAKA8gLAdgTA4gUAQ&sigh=LY14npgSCbE&vt=1&template_id=484
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D2CA 42 B
107 B 39ms
39ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUnhUA6BRfULXXA1dY43yjoxclmlfwjL2Ec2ttaOjGtPQe4EoSoUEjIne8dZzl7sGivlEvd8FyaGWvnLkwqbkezb72mqLu3kKbXo4NZs52EzN7oQTalUIufVzRXbOFgFxVKhRus168Wo0Gpi05dYXS&sai=AMfl-YQCiO_AjV-xPTP6xVUoHsDKbC0fNB1wn6Rz8ji3IXW2Zw7srT2n3M9ZZZppSi0XubXzv9srvZZ2kGVcxBIEoPw0G8PYF8eSL1WMlBD8TX8G45lDrQ764hdsL6x9&sig=Cg0ArKJSzADafyE4b1aZEAE&cid=CAASF-Roze_SxGS7junGfN_ne9LEPwbBYrLi&id=ampim&o=190,98&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=161&tls=1161&g=100&h=100&tt=1162&r=v&avms=ampa&adk=2144769577

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4480 7 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200610&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7aa538cd958ae8e69073b54ec624fec732f011fbe9f05f631906e6b7eab072b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5677
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4480 14 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:55:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 2230 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 19 Jun 2020 17:40:48 GMT
expires: Sat, 19 Jun 2021 17:40:48 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 852
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4480 0
55 B 15ms
13ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200610&jk=1090673357478494&bg=!AwClABhYDacxr5gPdpcCAAAAbVIAAAARmQGX4wd5ieoiAsIS2exWv6xvJEA1-3G54Ypv2PZlh194lrjJrtZjaW4PxoEkwOB2nXPfkLJvQCtp3ZWv2XUWoebSRtSZzwGt5eJVrQsDm_S8MwnMqPIlpZV2sHiiPp5ChlWYBmVh1WA1HEY3nZHyOXz15MhY4J3xIqjTJrqE53G7Abt546Khbrl7-9QaDeurVJJhCk--75YT4QaBsSVW_ecqmJkLPP8qUIyZztKqS1d7utybXYhEetXGbxm9lgGOKH-nwNgRflqYPJtJ3cTk-C7DTe8fgrOpXT0DjAGKziybiRrdnZ61oFNBEAV8gh9K_MSyuMyC2wENw0KQLvId5D1xdiwfjirl1Iz615JkWhcZfJ7hMWtpuinHpKvA8udMzDlAObLmzNmGUsmhgolmAsRDcgKVZBU2dP8jdeSNop57FFEYAGDRBKdtQb0FSoJ2_tHw4IMrqSYJFAKX6OTg6E4VmeutwslfaHVLunsgSLAxyEQu4bnnHnwvTBRa0uIr3BJwkiuGxqbEcswojeh8g8qg5-G_zq_nJnA

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame E168 0
0 318ms
21ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIltFrEAoYASABKAEw8fez9wU4AUABSAEQ8fez9wUYAA..; uuid2=2356199172082825168
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 19 Jun 2020 17:55:01 GMT
Age: 3846640
X-Served-By: cache-lga21948-LGA, cache-hhn4077-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 410338
X-Timer: S1592589301.080328,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1

200
OK

1030626.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 1D3E
Redirect Chain

https://sync.serverbid.com/ss/1030626.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1030626.html

0
0

173ms
43ms

Document
text/html

205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1030626.html

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

Date: Fri, 19 Jun 2020 17:55:02 GMT
Connection: Keep-Alive
Cache-Control: max-age=3756
Content-Length: 6090
Content-Type: text/html
Last-Modified: Tue, 16 Oct 2018 19:39:24 GMT
Accept-Ranges: bytes
ETag: "153d3f9561afa7e070ae4eea757102cb"
x-amz-request-id: tx000000000000019ac359b-005eebb922-35d9c92-nyc3a
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1592589302.dop002.pa1.t,1592589302.cds045.pa1.shn,1592589302.dop002.pa1.t,1592589302.cds030.pa1.c

Redirect headers

status: 302
content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1030626.html
cache-control: no-cache

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame FB9D 0
0 1076ms
31ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
set-cookie: __cfduid=dd4f07dd6859b151d265c2625c3f7df0e1592589301; expires=Sun, 19-Jul-20 17:55:01 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 036f5150470000d911d6adf200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5a5f1e607eb6d911-AMS

GET
H2 200 iframe
sync.teads.tv/ Frame 96D4 0
0 1143ms
55ms Document
text/html 23.210.248.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-12.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe?gdprIab=%7B%22status%22%3A0%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.9
content-length: 153
expires: Fri, 19 Jun 2020 17:55:01 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
set-cookie: tt_bluekai=; Expires=Thu, 18 Jun 2020 16:55:01 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Thu, 18 Jun 2020 16:55:01 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Thu, 18 Jun 2020 16:55:01 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Thu, 18 Jun 2020 16:55:01 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Thu, 18 Jun 2020 16:55:01 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Thu, 18 Jun 2020 16:55:01 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Thu, 18 Jun 2020 16:55:01 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Thu, 18 Jun 2020 16:55:01 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Thu, 18 Jun 2020 16:55:01 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None

GET
H2

200

sync
eb2.3lift.com/ Frame 04F1
Redirect Chain

https://ib.3lift.com/sync?
https://eb2.3lift.com/sync?

0
0

326ms
25ms

Document
text/html

52.59.125.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.125.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-125-145.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=4244750974533426240
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
date: Fri, 19 Jun 2020 17:55:01 GMT
content-type: text/html; charset=utf-8
content-length: 454
set-cookie: sync=CgoIgQIQ9uvg7awuCgoIoQEQ9uvg7awuCgoI4gEQ9uvg7awuCgoI5gEQ9uvg7awuCgoI1gEQ9uvg7awuCgoIhwIQ9uvg7awuCgkIOhD26-DtrC4KCQgLEPbr4O2sLgoJCF8Q9uvg7awuCgkIHxD26-DtrC4=; Max-Age=7776000; Expires=Thu, 17 Sep 2020 17:55:01 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=4244750974533426240; Max-Age=7776000; Expires=Thu, 17 Sep 2020 17:55:01 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

Content-Length: 0
Connection: keep-alive
Cache-Control: public, max-age=900
Date: Fri, 19 Jun 2020 17:40:52 GMT
Last-Modified: Fri, 19 Jun 2020 17:40:52 GMT
Location: https://eb2.3lift.com/sync?
X-Rev: 8e804b3
X-Served-By: impression-bus5.us_east.prod
X-Cache: Hit from cloudfront
Via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: L6enoZDF3hBSRd1ffL8yLNroc5u77yUG5LoY-zY-5hJygALhGetIwg==
Age: 848

GET
H/1.1 200
OK Cookie set check.html
biddr.brealtime.com/ Frame 4897 0
0 120ms
33ms Document
text/html 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: biddr.brealtime.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

Date: Fri, 19 Jun 2020 17:55:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d4ade85151f7fc81ffb3b7b05c2cb7fa01592589300; expires=Sun, 19-Jul-20 17:55:00 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2: hOEro0LbQc06F0df/Pn7NbkuZU/aoyCwlVxiRDJSLWvlIteejcoc9C9PerP/zeWpLrBCSQrnIBg=
x-amz-request-id: D365737EFD1F1551
Last-Modified: Tue, 11 Feb 2020 20:09:03 GMT
CF-Cache-Status: HIT
Age: 3670
Expires: Fri, 19 Jun 2020 17:56:00 GMT
Cache-Control: public, max-age=60
cf-request-id: 036f514ceb0000c7717a2bf200000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5a5f1e5b1ae1c771-AMS
Content-Encoding: gzip

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 26ms
24ms Image
text/plain 52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:00 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 1118ms
35ms Image
image/gif 54.154.51.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.51.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-51-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
104 B 104ms
68ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Afbc1c966-b255-11ea-8888-12c8450abec2&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:55:00 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

0
124 B

25ms
24ms

Image
text/plain

52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:00 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:00 GMT
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 25ms
24ms Image
text/plain 52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:00 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

0
124 B

25ms
24ms

Image
text/plain

52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:00 GMT
status: 302
strict-transport-security: max-age=86400
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 14ms
13ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Afbc1c966-b255-11ea-8888-12c8450abec2&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

0
124 B

25ms
25ms

Image
text/plain

52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
status: 302
strict-transport-security: max-age=86400
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 25ms
24ms Image
text/plain 52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 12ms
11ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Afbc1c966-b255-11ea-8888-12c8450abec2&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

0
124 B

24ms
24ms

Image
text/plain

52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
status: 302
strict-transport-security: max-age=86400
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 24ms
24ms Image
text/plain 52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

0
124 B

26ms
25ms

Image
text/plain

52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
status: 302
strict-transport-security: max-age=86400
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 25ms
24ms Image
text/plain 52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 12ms
11ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Afbc1c966-b255-11ea-8888-12c8450abec2&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 25ms
24ms Image
text/plain 52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 12ms
11ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Afbc057de-b255-11ea-942f-12d220623a1c&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

0
124 B

25ms
24ms

Image
text/plain

52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
status: 302
strict-transport-security: max-age=86400
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 12ms
11ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Afbc1c77c-b255-11ea-8e59-1237df373440&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

0
124 B

25ms
25ms

Image
text/plain

52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
status: 302
strict-transport-security: max-age=86400
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 25ms
25ms Image
text/plain 52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 20ms
19ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Afbbfcde6-b255-11ea-bf62-1279d50753f0&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

0
124 B

26ms
25ms

Image
text/plain

52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
status: 302
strict-transport-security: max-age=86400
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 26ms
25ms Image
text/plain 52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 30ms
30ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Afbc1c966-b255-11ea-8888-12c8450abec2&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

0
124 B

25ms
25ms

Image
text/plain

52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
status: 302
strict-transport-security: max-age=86400
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 26ms
25ms Image
text/plain 52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 12ms
11ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Afbc1c966-b255-11ea-8888-12c8450abec2&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 25ms
24ms Image
text/plain 52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 12ms
11ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Afbe952d8-b255-11ea-8ed2-120d915f11b6&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

0
124 B

24ms
24ms

Image
text/plain

52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:55:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:01 GMT
status: 302
strict-transport-security: max-age=86400
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=cLSIkiOzi8Bo5NvDcrLAxXbi1cVot9nIc-AVJLNp
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 1 KB
1 KB 526ms
320ms Script
text/javascript 34.234.137.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ntv_mvi
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-137-236.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 3c21fb11c12b639853a8e8beafa34ca9e1e16631437b75ffaf04e794d8867472

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:03 GMT
content-encoding: gzip
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 722
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 105ms
102ms Image
image/gif 34.234.137.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=9224345&ntv_pl=1096380
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-137-236.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:03 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 rt.gif
jadserve.postrelease.com/ 43 B
427 B 106ms
104ms Image
image/gif 34.234.137.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/rt.gif?ntv_tg=207ebbb5ca0f423097e60d3833aa0b31&ord=[cache_buster]
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-137-236.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:03 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 104ms
103ms Image
image/gif 34.234.137.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1096380&ntv_gdpr_consent=&ntv_it
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-137-236.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:03 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame EF57 0
0 25ms
25ms Document
text/html 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1591617684.490239"
last-modified: Mon, 08 Jun 2020 11:30:17 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Fri, 19 Jun 2020 17:55:10 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1592589310~rv=97~id=40ee4e66e46b1a7378aaee6cf8aef252; path=/; Expires=Fri, 19 Jun 2020 17:55:10 GMT; Secure; SameSite=None

GET
H/1.1 200
OK dXBiZWF0bmV3cy5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
419 B 114ms
48ms XHR
application/json 72.247.226.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/dXBiZWF0bmV3cy5jb20=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.107 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:55:10 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=25715
Access-Control-Allow-Credentials: false
Connection: keep-alive
Content-Length: 16
Expires: Sat, 20 Jun 2020 01:03:45 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 387ms
96ms XHR
application/json 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1592589310942&sessionId=f82310ad-f834-14db-f8f0-f593b9143ca2&url=upbeatnews.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:55:11 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 1f5a4efa4852372a4fcd4860968e6fd1
Content-Length: 4
Expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020061611&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f49c664e97a90b4671e821afe43446bb6a8720a926c5fbd6d448e87a6f5b90c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:55:13 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame E924 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 19 Jun 2020 17:40:48 GMT
expires: Sat, 19 Jun 2021 17:40:48 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 865
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020061611&jk=1165878873532559&bg=!_f6l_uZYt03eJE8xkvUCAAAATlIAAAARmQF_jiWo4FXHHyLN-hEP1y5ugemVegsmthEYN8FsuR-dIIGi0CF5kMgK3h4is6Okna2NwScfuyOm6YcIf_Tu9qpBVkup8cfiC2VSat7oi6lbz0A9bwgrxLuz9TO5l6S5FBz-wYvJWShGemRC4Ksp_glv2RQPwnvunHeXzxfoU1eg7ot_Nhp5brGDR5azY4uDIcc1T8yS_8OaRCfYTvuyk4bzHT1bsPeAnxPp3irrXBsck0ixCS6cR87ydg4DlUvB09SlwgJE-QjqQ1FrtdsPgXHOuxNmvS8VgvWMTAW9R6MVN3PCa30YgymW4_n24FBYV8b9Qz_3E5XNT5rIP9fmbJVUFqMSCxVz5VgHP-XvBOJ0f3bZA61hLEK8k3MPXa8wyPLf2ny0poF5W_vBvY5xkYxNRu6q9bT9quDw5OwtogvqibpAcXqfai_qXmggC2hSDNbuhsGe0Kq8MeXZKA60mLtYnwXDn29BlpTgL3D6ReUw7wHcwzCqt7ZmItcOeAE3aiI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:55:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: a.teads.tv
URL: https://a.teads.tv/hb/bid-request

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=2.3.0

Domain: propermedia-d.openx.net
URL: https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ch=UTF-8&res=1600x1200x24&tz=-120&tws=1600x1200&aus=300x250%7C300x250%7C728x90%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%2C300x600%7C160x600&auid=540994346%2C540994347%2C540994348%2C540994349%2C540994350%2C540994351%2C540994353&aumfs=100%2C100%2C100%2C100%2C100%2C100%2C100&dddid=8fd50a4d-205e-4841-9de0-8ba0ea7eb6e5%2C58c31a1a-01f2-49a8-8751-e6263e179a9c%2C1329e6ab-fa27-4166-827a-8d103440a8e6%2C6b3c1bd6-e664-467d-a56f-6a792ca7f529%2Ce4265884-4a9e-4b95-b3d7-a33b61c6516c%2C04375d55-2426-49d8-a20b-7d4edab68a69%2Ca864f795-1f4b-4b76-ac6d-5a210272f23f&divIds=proper-ad-upbeatnews_content_1%2Cproper-ad-upbeatnews_content_2%2Cproper-ad-upbeatnews_content_3%2Cproper-ad-upbeatnews_side_1%2Cproper-ad-upbeatnews_side_2%2Cproper-ad-upbeatnews_side_3%2Cproper-ad-upbeatnews_sticky&be=1&bc=hb_pb_2.1.6&nocache=1592589295198

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=3000&ts=1592589295200

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAOluF2n2y9zsvy2NWWMMr1kAJmmQwikj19wj9cTtAv4SiPa-XHcu3CmyVHjHykLimZhnn_Am9Rv9hwT0QINVPwKaaXcakV_X9q8ry7x3lBPA2mqqx03y6OdJAGB_IsANd7rPLTVk91327MUWLEUWWD9J7LICbnbDYrYTulhbprheLl5txneihVQt-f4UXOjpH_Z4l3Ewqg3GVDPIPhf0l6CdvtBwqRO5ajF-ejrvotHO_y2YRHjZiyG3J-5HJG0UTjy60qDHymcPQW1sV&sig=Cg0ArKJSzH8s6Ymcc6_dEAE&urlfix=1&adurl=

Domain: rx.targeting.unrulymedia.com
URL: https://rx.targeting.unrulymedia.com/openrtb/2.2?uuid=c70b6a71-da32-46cd-9715-b21397ce58a8&site.page=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&site.domain=upbeatnews.com&video_width=640&video_height=360&allowDisplay=false&imp%5B0%5D.placement=3&unr.site.env=html&h=v1.0.1669-0-ge7ea92e

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXwatV2VZdYBHD6xIF98H7k9gO42UU_ivw3SNGqTX-EPvI1d4XFhs422GZ17qT61-xkgvYbiCwnzEg6mBnHdL2SjGcAj9OeUwtLaWMOkaIC0SWkzARx72NNITYBRFi8r5F__vVJPfLik3IS8bQzBhJnsLI6lqphv_yTy04WMgU3wb9OEeJf9VXAep4vhF0cpjQ6VBldGoOLVvkCE8LVcmuO3D56_Z1KP8-erbwTyetPMM2NezbZToAn0QLsBByXT7hitPIfqMF43OzzqpN&sig=Cg0ArKJSzFOQLEK84HxDEAE&urlfix=1&adurl=

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://lo3trk.com/cdn/3.1/gda.js(Line 136) Message: creating cookie
console-api	log	URL: https://lo3trk.com/cdn/3.1/gda.js(Line 146) Message: sending
console-api	log	URL: https://lo3trk.com/cdn/3.1/gda.js(Line 147) Message: [object Object]
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
console-api	warning	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=C4C2I8vvsXqzNKZbK7_UP2vuW-AjAr4CGVa7A4NCKCr_hHhABINjqtiBguei-gNQBoAGB8JXkA8gBCakCJYV5g2rRsj7gAgCoAwGqBJsCT9BSJS9LptpF-JGEdQ9aVoGAeicTY2QE6ItgCpJqZMvoBA-KEFD1Pqzqeebgp-cT73tUv_gqzjpqPJ0PnS23lqAbNXK7WhvWmQ0I49zY6LQ1Xw0ckb9xk3_Qkd507qyCRQoUccrnhDqtY5l9Az9w04WQ-MgFQVSVQDE-MKSvzfGEvISoU6IIUTnWyABiw4SIyxc6j8pBJwl9PHz6rmX4iGb1Xjpu64EvpbP0muiK7CLl5ogyY7Hr4TggVU2bjLFK16bxMdew0DcchOkruSd2UuhU07docIUdOAGOSUefTETCw4LHpqgG0xijhRBqa7XxJe5sdz-WknplOlLy7oF95dW9e3f_DOu9qTzbFcks_0cz_ImWy0O5wzz6A8AE0Mfbk90B4AQBoAYugAfnj-obqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcA8gcEEKaELNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjU3NDM2NjEzODU2NzE2OYAKA8gLAdgTA4gUAQ&sigh=LY14npgSCbE&vt=1&template_id=484

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
acdn.adnxs.com
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.be
adservice.google.com
adservice.google.de
ajax.googleapis.com
amplify.outbrain.com
amplifypixel.outbrain.com
aol-match.dotomi.com
ap.lijit.com
apex.go.sonobi.com
as-sec.casalemedia.com
biddr.brealtime.com
bids.proper.io
btlr.sharethrough.com
c57b54d3eaf190e69d6e322e2c750191.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.districtm.io
d10ttgjjowsnd6.cloudfront.net
dmx.districtm.io
dw7nrwnn2bkh1.cloudfront.net
e.serverbid.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
global.proper.io
googleads.g.doubleclick.net
hb.emxdgt.com
i.clean.gg
ib.3lift.com
ib.adnxs.com
image6.pubmatic.com
images.upbeatnews.com
jadserve.postrelease.com
lo3trk.com
log.outbrainimg.com
match.adsrvr.org
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
propermedia-d.openx.net
rules.quantcount.com
rx-stats3.unrulymedia.com
rx.targeting.unrulymedia.com
s.ntv.io
s2s.proper.io
secure.quantserve.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ssc.33across.com
stats.g.doubleclick.net
stats3.unrulymedia.com
sync.serverbid.com
sync.teads.tv
tag.1rx.io
tcheck.outbrainimg.com
tlx.3lift.com
tpc.googlesyndication.com
tr.outbrain.com
upbeatnews.com
video.unrulymedia.com
web.hb.ad.cpe.dotomi.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
a.teads.tv
ap.lijit.com
dmx.districtm.io
hb.emxdgt.com
propermedia-d.openx.net
rx.targeting.unrulymedia.com
securepubads.g.doubleclick.net
ssc.33across.com

104.16.190.66
104.17.120.107
13.226.154.111
13.226.157.199
134.209.131.220
151.101.113.108
172.217.16.194
178.162.133.150
185.33.221.14
185.64.189.115
205.185.216.42
213.19.147.150
213.19.147.210
216.52.2.30
216.58.206.2
23.210.248.12
23.210.249.164
23.210.249.92
23.210.250.13
23.210.250.44
2600:9000:20eb:d200:6:44e3:f8c0:93a1
2600:9000:21f3:aa00:11:9a35:5280:21
2600:9000:21f3:c600:6:266a:9940:21
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:10::ac43:bac
2606:4700::6811:4e22
2a00:1450:4001:801::2008
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:815::2001
2a00:1450:4001:816::200a
2a00:1450:4001:818::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81b::2001
2a00:1450:4001:820::2004
2a00:1450:4001:821::2002
2a00:1450:4001:821::200a
2a00:1450:400c:c04::9c
2a02:fa8:8806:12::1370
2a02:fa8:8806:16::1460
3.21.65.150
34.234.137.236
34.95.69.49
52.36.30.197
52.58.195.54
52.58.202.213
52.59.125.145
52.59.74.203
54.146.143.64
54.154.51.227
54.194.116.156
64.202.112.191
70.42.32.159
72.247.226.107
91.228.74.226
006fe2c53f90b971503d4dfe51a8b9d39345448e6d54590574168c2faa3bf363
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04f04929cbb6334053152ef9c3254799826af91a379178ad82748a6c3d2c04d1
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07e5ca45e6f15cfee014c1d4dd7c20adb8c6bbb670f14f6b992c7a9537f01a46
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
08f93a4cf604e12995a237b71b5db1d5d48f1ecb27687ee17608554f8f7fd6b4
0bf35b79423e51b44390cede061a950585e6942a3c362cdda1cb6d1baa612d5a
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df
1094ab40163ac7cf38f6b8047328beb6c5434e54dc45fc661e2a40b5687ec5f5
1753cf0687dcd6d947ccbfcbc92f10e3ca3c8f03d5a23a6077aad79dd52f892c
175df4ff9a5b651b21b5febbc036582cf20a5aacf4ed2b2822cd3accdf700f07
1dc2d4496a1f8f759b29c49639cad1268eca84a35870cc3c6984cf9092725095
22479ed424520bde1028f8104017aadfb7bcb57e532c5b0d043de0879051cfe3
25314a2204872bc1d65bdefd20c7b06721e38f3c30fe663b5e8ce4a5cc9d9495
2a56675ca2e0bddb4fc02ed370b45a83fc3a3a4d43608b70ac02769b87121d86
2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598
30f929a35d61c335f29e9e6bfca41ad9cbcf6e5861d61fc0f3bcd320710a6c26
3187ea901ae01f74a710ff3203e032a147b6f9252970dbf746e6b686a0b64c27
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38b8d064e1a92195b1fad638407f7b77997c8c7e261dab7122ab25b9f51575ba
3c21fb11c12b639853a8e8beafa34ca9e1e16631437b75ffaf04e794d8867472
3ea603e674c11cccc89706655b9bd2aefd3706c70e30a5283c3bde6cc516acc5
3ef9d5a8f829d04eb26db2d6a5f4ccf67c8708b61f5f630cdbbaa61816bdf98e
465c3811aa06576937627f499daaa2b0147f2cfc06066aa003f34298febb956a
4c061a302d3aad80e5d04a7608f20a26cb6ca995f3e36bfb65500e17552debeb
4dccb479e3bca7bec87d4af01bb7c34c2f7ad6a99dc06e2c5d775e08a78b0f1a
4f5aa670fd63f969cf979b7b3c4c6671eaf6f54533b0710ec0dd34e5ad33492f
5049dd13e1d95a93b788d16ddbdb742dca57e43ab81d6d80ffa1774219a14c3c
5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a
5284eb87b0f55bfaecda2547d2c8b4c256934996233bc113ea909ce5917d2557
538048d872a8b0fff1b742e69fc14ad92e66c4962f05d4c95bd41b4099bd9fbe
547991f9ad3b18058d488eb38789457b82263b9eca230cbc3e30bef97f8f2af8
54c663cdd7ccd37ba2b9d9a9d7bc533e7d5987865b055232b9aede7806a34fb2
6e272c411a1af50bfdbff2a2e38fb509d00f0a115d0cf3ee6823a59c8b145988
719e12b715dee65ad5ed4f8c92e26d8902bae5c61ec28ef230a9572aac362c3c
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7f2e1bf12b6b3376f0b8ec118296938033b2c04b8f41188d81555b9b7a972fe3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844328005fd847ceed851b871d8435eeda1a280c58ccc9afb9d2ce31c88c3387
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c
8a0d4ff3a83b67e556ef68c36004058bdd9bc70d0dae36c860658e9bda1367c3
8d581fd04f9ebf7c7f9b321afec8c44088a6380f6d062f4312fbe442ae992609
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec60ff5d72812093576c4a3adeb13968b63fefc034795f6e892d111cb298b69
8f86343c7273c0a989cb58267bdddc4a2d8a7a26f84aea08e844a8774b7c7776
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
90a92a539edce32164abf91f086f7bc40a701d63cf9c65a474c4c63c029435d4
90ed3b395bd2572209781dd584d3d75f03bc510aca068b0b4fe268bcfa1f43e9
924c2ace675d304d2492000849d6e2b8aa85b1a5e0817923cf97344dcd4cb213
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9426dab81ab7e8fd446184b6afcdec99435449172bf20f6fb1c9c2b75f6eb979
95fb44bc2ba82395b06ce803c9dd04847a763be0c7ac9ea4df213a5c122d5c13
97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183
9c662b6e3fb429681775f998db8d262428035930052ec2940864c06d567e4dc2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1643e3f0311568db0ea68d3283648c683ef3224366e1498eaecb46d04fc65ad
a32e8fe1a431c178afefafe23338aef3c84c1654c518c965edb6081aec17e18a
a39e10b7525dca55794e2f638f04b3694884ab474852277cafe12d88e042681b
a582dc7075847985960200027d68ca07dedaf4c15b18f085893805ce54781f9a
a613a112d62eacaace9bc9d782673272b5cc70d6462f0c0fea9def2b13637f7f
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
a827cbccb5126844c9742e75d398b82587ff344e53a6147ddfc47501ba93daee
a94b25c76ce7848706d477f7c26b9fcc4dcd2007bdb0d37d493ad21eecf0f33a
aeddc01f6b3ddd62d979eea63b0f8f4379a3c499fda6ca603d5c515e7381b79b
b2941dea3a6f578c643de5524605a67a5b1fa09e61344961a4a06361a8dc8777
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b64f128d75c639a10e1aeb374d54e41a2ce723c5bfe0efdac258153e61efc057
b6e1c3ea4e68f80942aa122f08779d5a6d9a777a923ea9ed09d2061fb02a3da3
ba4e87857ed1fa0827959c3dfa35973dab23b26d4d88a283f01eabfbe66ff47f
bbe23c5ba62bdb87eaaf49fe2d7e066af465a4861ae623b07c29581e856e4e1b
bdab644b4bb7c94c8aa76816e07fd96291df886490cc418b8880c18057a386b1
c37c5be60eb32307e20c0e070761afb14d9b6a3cfd9f1882b4e349e352db1abc
c4956f969e4b8b50918fb462e80badadcc54d7bf4c23638743b47021d50f5f19
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca87d12a0389e44e018bd3d47d68e3a427484ecd83468c6fbfc1cb4630ab957c
cc07dc22acd75d21ea2a03ced344d13aeeea586029288b1d7004739f8ce3c7be
cc36bd8e62f61a3f16b7bfc9289f64751f9f3ea51edeb87a9ec4de6dbdb1d1dc
ccb190f62831350dfc9987c732a31b58c4e8321d1beba0e1782bf544bb58da7e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9cac9bb9533d08c32995cd7085dede54cb3f24c28da3406349515e2ee3bf76
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d13d13604be838603d255d1eeec60485270415226981244249e9d64b9a54577e
d79cbd9933b270b150eae65d47c0651403481c7a44c388e578ec4179688b5b10
d7aa538cd958ae8e69073b54ec624fec732f011fbe9f05f631906e6b7eab072b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de072fa8ec958a27adcb7caec34d45663bbf88c22696a081d2c6ae6ffcae743f
e05deae68305ae9da895f1cbd20416c11c6095884c11b4f8880e0b67f5787298
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e54a9c39a9f0066015e0c4ec85c96e917d2da1e3c623319757108e99cd557a
e64cad53d59368857ed070897d8ff3ce8cd41e65d2333ff500cbb5b3917b397e
e6cea26e415b9ce05dda20b49edcdbcfc3de7a87e51ad08c2410fa63d6eac834
e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49c664e97a90b4671e821afe43446bb6a8720a926c5fbd6d448e87a6f5b90c6
f5d297fb22336630fd42f7a7bb883542ddb70cba5ec6a616ab3e3d415ff5cc33
fa21b489af9aed227458e677b43b498e30cc51ffdb6e51e36a69be32f26cd44d
fa85dcb00a408381b7639601205d10c5482f850365cee1632fba0ec4bdc55875
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fe25f879f2e2de177a2f95bfbb0deb7d7b1c58bd8b792d9277f8225403a3653a

upbeatnews.com Open in urlscan Pro 54.146.143.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

250 Requests

94 %HTTPS

36 %IPv6

43 Domains

71 Subdomains

54 IPs

7 Countries

4712 kBTransfer

8372 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

250 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

upbeatnews.com Open in urlscan Pro
54.146.143.64 Public Scan

Screenshot
Live screenshot

Full Image

250
Requests

94 %
HTTPS

36 %
IPv6

43
Domains

71
Subdomains

54
IPs

7
Countries

4712 kB
Transfer

8372 kB
Size

0
Cookies

250 HTTP transactions
6 data transactions