www.upi.com Open in urlscan Pro
104.18.19.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.upi.com/
Effective URL:
https://www.upi.com/
Submission: On December 16 via api (December 16th 2022, 1:42:21 pm UTC) from SE — Scanned from SE

Summary HTTP 87 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 17 domains to perform 87 HTTP transactions. The main IP is 104.18.19.10, located in and belongs to CLOUDFLARENET, US. The main domain is www.upi.com. The Cisco Umbrella rank of the primary domain is 111284.
TLS certificate: Issued by E1 on November 2nd 2022. Valid for: 3 months.

This is the only time www.upi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.18.10 104.18.18.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	104.18.19.10 104.18.19.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
1	108.156.61.148 108.156.61.148	16509 (AMAZON-02) (AMAZON-02)
2	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	142.251.39.67 142.251.39.67	15169 (GOOGLE) (GOOGLE)
6	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
4	104.17.79.34 104.17.79.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.239.163.146 54.239.163.146	16509 (AMAZON-02) (AMAZON-02)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	84.53.161.43 84.53.161.43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	18.204.27.191 18.204.27.191	14618 (AMAZON-AES) (AMAZON-AES)
1	66.102.1.156 66.102.1.156	15169 (GOOGLE) (GOOGLE)
3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	91.228.74.208 91.228.74.208	16509 (AMAZON-02) (AMAZON-02)
1	52.11.176.167 52.11.176.167	16509 (AMAZON-02) (AMAZON-02)
1	18.66.15.92 18.66.15.92	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
3	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
3	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
1	52.73.136.54 52.73.136.54	14618 (AMAZON-AES) (AMAZON-AES)
1	3.231.49.203 3.231.49.203	14618 (AMAZON-AES) (AMAZON-AES)
4	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	142.251.208.97 142.251.208.97	15169 (GOOGLE) (GOOGLE)
1	52.44.187.32 52.44.187.32	14618 (AMAZON-AES) (AMAZON-AES)
87	25

1 104.18.18.10 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.upi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 104.18.19.10 (None, )

ASN13335 (CLOUDFLARENET, US)

www.upi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnph.upi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.61.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-61-148.ams1.r.cloudfront.net

d3terveqlssriz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.39.67 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

experience.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.playbuzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.79.34 (None, )

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abcheck.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.163.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-239-163-146.kix56.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 84.53.161.43 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a84-53-161-43.deploy.static.akamaitechnologies.com

static.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.204.27.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-27-191.compute-1.amazonaws.com

prd-collector-platform.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.208 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.11.176.167 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-176-167.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-92.vie50.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

mcd-sdk.playbuzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.136.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-136-54.compute-1.amazonaws.com

voting.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.231.49.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-49-203.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.208.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.187.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-187-32.compute-1.amazonaws.com

prd-collector-anon.playbuzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	upi.com 1 redirects www.upi.com — Cisco Umbrella Rank: 111284 cdnph.upi.com — Cisco Umbrella Rank: 120448	919 KB
16	ex.co experience.ex.co — Cisco Umbrella Rank: 230235 static.ex.co — Cisco Umbrella Rank: 45311 prd-collector-platform.ex.co — Cisco Umbrella Rank: 99769 embed.ex.co — Cisco Umbrella Rank: 92092 pixel.ex.co — Cisco Umbrella Rank: 146044 voting.ex.co — Cisco Umbrella Rank: 261535	426 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	648 KB
6	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1976 www.google.com — Cisco Umbrella Rank: 2	126 KB
5	proper.io global.proper.io — Cisco Umbrella Rank: 8832 abcheck.proper.io — Cisco Umbrella Rank: 9475 bids.proper.io — Cisco Umbrella Rank: 9092	149 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192	157 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	6 KB
3	playbuzz.com mcd-sdk.playbuzz.com — Cisco Umbrella Rank: 135789 ads.playbuzz.com — Cisco Umbrella Rank: 289368 prd-collector-anon.playbuzz.com — Cisco Umbrella Rank: 220746	576 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 939 pixel.quantserve.com — Cisco Umbrella Rank: 666	10 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1307	104 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 68	2 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1227	201 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 868	2 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 757	76 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1412	15 KB
1	cloudfront.net d3terveqlssriz.cloudfront.net	43 KB
87	17

	Domain	Requested by
21	cdnph.upi.com	www.upi.com
9	fonts.gstatic.com	fonts.googleapis.com www.google.com
7	static.ex.co	d3terveqlssriz.cloudfront.net www.upi.com
4	www.gstatic.com	www.upi.com www.google.com www.gstatic.com
4	fonts.googleapis.com	www.upi.com client d3terveqlssriz.cloudfront.net
4	www.upi.com	1 redirects www.upi.com
3	www.google.com	www.upi.com
3	fundingchoicesmessages.google.com	d3terveqlssriz.cloudfront.net
3	securepubads.g.doubleclick.net	d3terveqlssriz.cloudfront.net securepubads.g.doubleclick.net
3	prd-collector-platform.ex.co	experience.ex.co www.upi.com
2	pixel.ex.co	static.ex.co
2	abcheck.proper.io	www.upi.com
2	global.proper.io	d3terveqlssriz.cloudfront.net
2	experience.ex.co	d3terveqlssriz.cloudfront.net experience.ex.co
2	i.clean.gg	d3terveqlssriz.cloudfront.net
2	www.google-analytics.com	www.upi.com
1	prd-collector-anon.playbuzz.com	www.upi.com
1	lh3.googleusercontent.com	www.upi.com
1	ads.playbuzz.com	www.upi.com
1	ping.chartbeat.net	www.upi.com
1	voting.ex.co	www.upi.com
1	pixel.quantserve.com	www.upi.com
1	mcd-sdk.playbuzz.com	www.upi.com
1	embed.ex.co	www.upi.com
1	rules.quantcount.com	d3terveqlssriz.cloudfront.net
1	bids.proper.io	global.proper.io
1	secure.quantserve.com	d3terveqlssriz.cloudfront.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	maxcdn.bootstrapcdn.com	www.upi.com
1	static.chartbeat.com	d3terveqlssriz.cloudfront.net
1	d3terveqlssriz.cloudfront.net	www.upi.com
87	31

This site contains links to these domains. Also see Links.

Domain
about.upi.com

Subject Issuer	Validity	Valid
*.upi.com E1	`2022-11-02` - `2023-01-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2022-12-01` - `2023-03-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.ex.co Go Daddy Secure Certificate Authority - G2	`2022-06-06` - `2023-07-08`	a year	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
cdn.ex.co R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2022-01-10` - `2023-02-09`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.playbuzz.com Go Daddy Secure Certificate Authority - G2	`2022-06-06` - `2023-07-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.upi.com/
Frame ID: 7860BC202B23354BE3A6D294743B1AAE
Requests: 59 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap
Frame ID: 7843FB65C482A3F19058FE63BA461BB2
Requests: 19 HTTP requests in this frame

Frame: https://embed.ex.co/xdomain_cookie.html
Frame ID: 46C898EFA04CB8A3FB5693D56472EF02
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwVN8ZAAAAAC8xkG6T9vTUaw1M1LxHSUKHGn42&co=aHR0cHM6Ly93d3cudXBpLmNvbTo0NDM.&hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=q55uz3nwww0q
Frame ID: AC3DF43DE1486BEA8E7370135399DC05
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top News, Latest headlines, Latest News, World News & U.S News - UPI.com

Page URL History Show full URLs

http://www.upi.com/ HTTP 301
https://www.upi.com/ Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

87
Requests

100 %
HTTPS

0 %
IPv6

17
Domains

31
Subdomains

25
IPs

4
Countries

2598 kB
Transfer

6319 kB
Size

11
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://about.upi.com/
Title: About UPI

Search URL Search Domain Scan URL

URL: https://about.upi.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://about.upi.com/contact/corrections
Title: Corrections

Search URL Search Domain Scan URL

URL: https://about.upi.com/advertising/advertise-online
Title: Advertisements

Search URL Search Domain Scan URL

URL: https://about.upi.com/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://about.upi.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.upi.com/ HTTP 301
https://www.upi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.upi.com/
Redirect Chain

http://www.upi.com/
https://www.upi.com/

334 KB
94 KB

106ms
43ms

Document
text/html

104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1628601fcffe3ac0518f9252ca4ef3f4c061616aedfffa7fc8a02a068f71d2bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	'SAMEORIGIN'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 21
cache-control: max-age=60, stale-while-revalidate=60, stale-if-error=1209600
cf-cache-status: HIT
cf-ray: 77a7d74a0a5715f0-ARN
content-encoding: gzip
content-security-policy: frame-ancestors frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 13:42:12 GMT
expires: Fri, 16 Dec 2022 13:42:51 GMT
last-modified: Fri, 16 Dec 2022 13:41:51 GMT
pragma: public
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
x-frame-options: 'SAMEORIGIN'

Redirect headers

CF-RAY: 77a7d7495c2495de-ARN
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 16 Dec 2022 13:42:12 GMT
Expires: Fri, 16 Dec 2022 14:42:12 GMT
Location: https://www.upi.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 site.v1667398212.css
www.upi.com/inc/css/ 171 KB
25 KB 43ms
42ms Stylesheet
text/css 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upi.com/inc/css/site.v1667398212.css?fp=1&ss=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33bd5f1fdbcd6f3009cd1fe51b125ce3b770b846be8105b4f0f401edf6ef2c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 17:30:25 GMT
server: cloudflare
age: 245507
vary: Accept-Encoding,User-Agent
content-type: text/css;charset=UTF-8
cache-control: maxage=51840000
cf-ray: 77a7d74a6a9815f0-ARN
expires: Sun, 04 Aug 2024 17:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 185ms
66ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

ab8c579c48bc1c5473346234d2777168a2f56e656fe3628300eeba9db860d9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 13:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 13:42:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 13:42:13 GMT

GET
H2 200 script.js Show response
d3terveqlssriz.cloudfront.net/ 123 KB
43 KB 193ms
52ms Script
application/javascript 108.156.61.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3terveqlssriz.cloudfront.net/script.js
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-148.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c25f393433358df2b3ceb208d5dcd01f1680c7d58e4159f97ed8fd8fefb4e50e

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Uz5ArVKtrtEEy3HeYtJ5rYaVSxod9Yjq
content-encoding: gzip
via: 1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
date: Fri, 16 Dec 2022 13:39:38 GMT
last-modified: Fri, 16 Dec 2022 08:00:54 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 163
etag: W/"d2167a3df2a736f857c1c1de74a3ddeb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: hp9Rf47be9uET5Fe58-j4Tslu5LGwSRJBWCIz7FN2ul6yEhYqwg7pg==

GET
H2 200 2022-was-year-of-the-botched-execution-in-US-with-executions-in-just-6-states.jpg
cdnph.upi.com/related/7481671191616/1/v1.2/dfad1cea76c2c9cf27e05151feb00565/upi/ 76 KB
77 KB 48ms
39ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/7481671191616/1/v1.2/dfad1cea76c2c9cf27e05151feb00565/upi/2022-was-year-of-the-botched-execution-in-US-with-executions-in-just-6-states.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3421326d255b79a1034c21d3a49de8320174789a159e60baf8946244b10ea831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 12:46:41 GMT
server: cloudflare
age: 3056
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74bab9315f0-ARN
content-length: 78217
expires: Sat, 20 Jan 2024 12:51:16 GMT

GET
H2 200 North-Korea-tests-solid-fuel-engine-for-new-type-strategic-weapon.jpg
cdnph.upi.com/related/7481671191616/2/v1.2/16711714737034/i/ 46 KB
46 KB 40ms
39ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/7481671191616/2/v1.2/16711714737034/i/North-Korea-tests-solid-fuel-engine-for-new-type-strategic-weapon.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ce638f651c229dd45b52e393992367bd469b03ef1a5d09fcd82fdbb647dfe03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 12:46:37 GMT
server: cloudflare
age: 3056
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74bfbf715f0-ARN
content-length: 47294
expires: Sat, 20 Jan 2024 12:51:16 GMT

GET
H2 200 13-killed-20-missing-in-landslide-at-Malaysian-campground.jpg
cdnph.upi.com/related/7481671191616/3/v1.2/16711774648214/i/ 82 KB
82 KB 41ms
41ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/7481671191616/3/v1.2/16711774648214/i/13-killed-20-missing-in-landslide-at-Malaysian-campground.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

209f0497ae7a723a998f455accf6e5bcc92f7f85526c3b48b30974a2b9d88cfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 12:47:12 GMT
server: cloudflare
age: 3056
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74c1c0c15f0-ARN
content-length: 83664
expires: Sat, 20 Jan 2024 12:51:16 GMT

GET
H2 200 SpaceX-launches-NASAs-water-topography-satellite-into-orbit.jpg
cdnph.upi.com/related/7481671191616/4/v1.2/16711914968048/i/ 25 KB
26 KB 65ms
63ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/7481671191616/4/v1.2/16711914968048/i/SpaceX-launches-NASAs-water-topography-satellite-into-orbit.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6158242aceb53fc1bdd783d5b426a7535e840adb7844176b8dc03e6c064b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 12:46:41 GMT
server: cloudflare
age: 3056
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74c3c2e15f0-ARN
content-length: 26062
expires: Sat, 20 Jan 2024 12:51:17 GMT

GET
H2 200 2022s-worst-movies-Toxic-self-indulgent-star-vehicles-and-bad-sequels.jpg
cdnph.upi.com/related/7481671191616/5/v1.2/16710484562689/i/ 52 KB
52 KB 40ms
39ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/7481671191616/5/v1.2/16710484562689/i/2022s-worst-movies-Toxic-self-indulgent-star-vehicles-and-bad-sequels.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdb38d4a0cb30c9d211ff65059c8c0bdd1be15e4bd624206859a3764bf135b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 12:46:41 GMT
server: cloudflare
age: 3056
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74c3c3015f0-ARN
content-length: 53279
expires: Sat, 20 Jan 2024 12:51:17 GMT

GET
H2 200 World-Cup-soccer-Lionel-Messi-Kylian-Mbappe-vie-for-Golden-Boot-Golden-Ball-honors.jpg
cdnph.upi.com/related/6611671141960/1/v1.2/b50325bedbba1926b92e9ef49cd52743/upi/ 77 KB
77 KB 65ms
64ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/6611671141960/1/v1.2/b50325bedbba1926b92e9ef49cd52743/upi/World-Cup-soccer-Lionel-Messi-Kylian-Mbappe-vie-for-Golden-Boot-Golden-Ball-honors.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ef7774825694a5573ba32bedbe304f4c16bf8190dbea21474ffce21551a2a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 15 Dec 2022 22:07:31 GMT
server: cloudflare
age: 55993
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74c3c3215f0-ARN
content-length: 78611
expires: Fri, 19 Jan 2024 22:09:00 GMT

GET
H2 200 clear.gif
www.upi.com/img/ 42 B
184 B 65ms
63ms Image
image/gif 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upi.com/img/clear.gif

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 07 Jun 2012 11:52:02 GMT
server: cloudflare
age: 249995
etag: "2a-4c1e08307bc80"
vary: User-Agent, Accept-Encoding
content-type: image/gif
cache-control: max-age=864000, public, must-revalidate
accept-ranges: bytes
cf-ray: 77a7d74c3c3315f0-ARN
content-length: 42

GET
H2 200 US-hosts-50-African-leaders-for-summit-in-DC.jpg
cdnph.upi.com/related/9611671120531/1/v1.5/acdab32f448965a9817d3361a1fb432f/upi/ 45 KB
45 KB 46ms
45ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/9611671120531/1/v1.5/acdab32f448965a9817d3361a1fb432f/upi/US-hosts-50-African-leaders-for-summit-in-DC.jpg?lg=3

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3be072af6f702008ab6b2c8bea2e1386bc905712db38626cb1472100d62a0f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 13:29:26 GMT
server: cloudflare
age: 680
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74c3c3515f0-ARN
content-length: 46199
expires: Sat, 20 Jan 2024 13:30:53 GMT

GET
H2 200 Brendan-Fraser-Cliff-the-robot-has-poetic-journey-in-Doom-Patrol-S4.jpg
cdnph.upi.com/related/9041671195646/1/v1.2/16711059721123/i/ 19 KB
19 KB 69ms
69ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/9041671195646/1/v1.2/16711059721123/i/Brendan-Fraser-Cliff-the-robot-has-poetic-journey-in-Doom-Patrol-S4.jpg?rc=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d8379d2cd14f138436f742452d4068018a0e8c107db414c67ee733a11d28617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 13:01:06 GMT
server: cloudflare
age: 2216
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74c4c4115f0-ARN
content-length: 19239
expires: Sat, 20 Jan 2024 13:05:16 GMT

GET
H2 200 What-social-media-regulation-could-look-like-Think-pipelines-not-utilities.jpg
cdnph.upi.com/related/8131671195547/1/v1.2/39152a17bcf8b873bdc11e42e5a7b2ee/upi/ 22 KB
23 KB 47ms
47ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/8131671195547/1/v1.2/39152a17bcf8b873bdc11e42e5a7b2ee/upi/What-social-media-regulation-could-look-like-Think-pipelines-not-utilities.jpg?rc=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d07a83b2601ee10d26cf24758d6735ce7ad03152d6fce580301910e9148bac4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 12:59:42 GMT
server: cloudflare
age: 2490
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74c7c6715f0-ARN
content-length: 22913
expires: Sat, 20 Jan 2024 13:00:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 182ms
56ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 13:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1056
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 16 Dec 2022 15:24:37 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 128ms
126ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 211ms
141ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.upi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 16 Dec 2022 13:42:13 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 229ms
67ms Font
font/woff2 142.251.39.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 09:00:35 GMT
x-content-type-options: nosniff
age: 276098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 09:00:35 GMT

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ 18 KB
18 KB 355ms
194ms Font
font/woff2 142.251.39.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f3.1e100.net

Software

sffe /

Resource Hash

1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:04:39 GMT
x-content-type-options: nosniff
age: 56254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18260
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:04:39 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 292ms
131ms Font
font/woff2 142.251.39.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:21:12 GMT
x-content-type-options: nosniff
age: 253261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 15:21:12 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 318ms
157ms Font
font/woff2 142.251.39.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f3.1e100.net

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:20:18 GMT
x-content-type-options: nosniff
age: 361315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:20:18 GMT

GET
H2 200 sdk.js Show response
experience.ex.co/ 44 KB
11 KB 124ms
31ms Script
text/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.ex.co/sdk.js

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a90a02d293c532220eefa84f1edc79d402d4919fe3f4390856480222b61b7a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 13:42:13 GMT
via: 1.1 varnish, 1.1 varnish
age: 275143
x-cache: HIT, HIT
x-surrogate-key: SDK-for-external-purge
content-length: 10618
x-served-by: cache-iad-kiad7000043-IAD, cache-bma1630-BMA
server: nginx
x-timer: S1671198133.309174,VS0,VE1
etag: W/"b063-zuDdWxEjJrh4ulMtZGO9Y7a8o+c"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type, X-PB-Referer
x-cache-hits: 33, 1

GET
H2 200 upi.min.js Show response
global.proper.io/ 34 KB
9 KB 140ms
51ms Script
application/javascript 104.17.79.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/upi.min.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.79.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 994d5fa4b3630fd6d2d21454c8bd94c326bd3452cfa32dc5fea7ed92406e6ecd

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Nov 2022 18:33:47 GMT
server: cloudflare
age: 1969655
etag: W/"637e678b-883e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 77a7d74d2d9609a3-ARN
expires: Fri, 16 Dec 2022 13:47:13 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 930ms
320ms Script
application/x-javascript 54.239.163.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.239.163.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-239-163-146.kix56.r.cloudfront.net
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 01:01:29 GMT
content-encoding: gzip
via: 1.1 a7f35365abcf75ffa65525a4768c2f44.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: KIX56-C2
age: 45644
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: DexWg9Sb-1pWyxAdSEXpcm1jyqJkZVzMMwdLOm3JkmVMwEArOrcTrg==
expires: Sat, 17 Dec 2022 01:01:29 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 121ms
44ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upi.com/
Origin: https://www.upi.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 4867610
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f16b774da59b11344d8517fe50ec041f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 77a7d74d2a409927-ARN
cdn-requestpullsuccess: True

GET
H2 200 Kingsley-Coman-is-third-French-player-to-fall-ill-ahead-of-World-Cup-final.jpg
cdnph.upi.com/related/6611671141960/2/v1.2/010667ce8730df5ce037194f3d7935c2/upi/ 4 KB
4 KB 55ms
52ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/6611671141960/2/v1.2/010667ce8730df5ce037194f3d7935c2/upi/Kingsley-Coman-is-third-French-player-to-fall-ill-ahead-of-World-Cup-final.jpg?sm=t

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bc1eb51b5f4f556e24864d2ee0eb21332ecf7a2d2d797a225f9efd47a3185c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 15 Dec 2022 22:09:28 GMT
server: cloudflare
age: 53218
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74d2cfa15f0-ARN
content-length: 4370
expires: Fri, 19 Jan 2024 22:55:15 GMT

GET
H2 200 Boy-14-fatally-struck-by-vehicle-in-France-during-World-Cup-celebration.jpg
cdnph.upi.com/related/6611671141960/3/v1.2/16711143072672/i/ 4 KB
4 KB 52ms
49ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/6611671141960/3/v1.2/16711143072672/i/Boy-14-fatally-struck-by-vehicle-in-France-during-World-Cup-celebration.jpg?sm=t

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7687d4051815fba3d98a9fe1b25cdbb849b68d0aa19381f94841098027ed7ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 15 Dec 2022 22:07:37 GMT
server: cloudflare
age: 53218
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74d3cfd15f0-ARN
content-length: 4129
expires: Fri, 19 Jan 2024 22:55:15 GMT

GET
H2 200 France-beats-Morocco-earns-spot-vs-Argentina-in-finale.jpg
cdnph.upi.com/related/6611671141960/4/v1.2/958ccc9aaf2075f67566e4317ac3ed37/upi/ 4 KB
4 KB 40ms
38ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/6611671141960/4/v1.2/958ccc9aaf2075f67566e4317ac3ed37/upi/France-beats-Morocco-earns-spot-vs-Argentina-in-finale.jpg?sm=t

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b5641bd4ee8f676291099ddbc77f658028c5f64ac8b38374b78677efbce1d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 15 Dec 2022 22:07:36 GMT
server: cloudflare
age: 53218
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74d3cff15f0-ARN
content-length: 4100
expires: Fri, 19 Jan 2024 22:55:15 GMT

GET
H2 200 Year-in-review-Take-the-2022-UPI-News-Quiz.jpg
cdnph.upi.com/ph/st/th/5171671196113/2022/upi/c667e04d31c0ee8da30775ba9b0b6b4f/v1.5/ 52 KB
52 KB 52ms
50ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/5171671196113/2022/upi/c667e04d31c0ee8da30775ba9b0b6b4f/v1.5/Year-in-review-Take-the-2022-UPI-News-Quiz.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9761f47b84dbea583a56b1b196cbc87abc8f6fa630425de2208e1c6f76653a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 13:19:01 GMT
server: cloudflare
age: 1392
vary: Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: maxage=34560000
cf-ray: 77a7d74d3d0015f0-ARN
expires: Sat, 20 Jan 2024 13:19:01 GMT

GET
H2 200 Harvard-names-Claudine-Gay-as-first-ever-Black-president.jpg
cdnph.upi.com/ph/st/th/8271671192815/2022/i/16711958065992/v1.5/ 22 KB
23 KB 49ms
46ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/8271671192815/2022/i/16711958065992/v1.5/Harvard-names-Claudine-Gay-as-first-ever-Black-president.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dba26d36a2b405236a1eecab8cce470a19cc21cd5e4c06dfc4250f821e046628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 13:27:41 GMT
server: cloudflare
age: 839
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74d3d0115f0-ARN
content-length: 22968
expires: Sat, 20 Jan 2024 13:28:14 GMT

GET
H2 200 Research-finds-TikTok-shows-new-users-harmful-content-quickly.jpg
cdnph.upi.com/ph/st/th/1181671145502/2022/upi/77937330cbb80d5879747fc4afc8bd7d/v1.5/ 22 KB
22 KB 46ms
44ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/1181671145502/2022/upi/77937330cbb80d5879747fc4afc8bd7d/v1.5/Research-finds-TikTok-shows-new-users-harmful-content-quickly.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20fc1d33f21c2d5adaa46847337d43557a552a32ed21164054a0d3ac1f40e709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 00:37:18 GMT
server: cloudflare
age: 44905
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74d3d0215f0-ARN
content-length: 22855
expires: Sat, 20 Jan 2024 01:13:48 GMT

GET
H2 200 What-to-stream-this-weekend-Snow-Day-Metallica-concert-special.jpg
cdnph.upi.com/ph/st/th/8391671062084/2022/upi/eb3e9560820b8dfe3bb31815099b389f/v1.5/ 25 KB
26 KB 65ms
55ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/8391671062084/2022/upi/eb3e9560820b8dfe3bb31815099b389f/v1.5/What-to-stream-this-weekend-Snow-Day-Metallica-concert-special.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0187f6936ae7f02a045f3e4762e47eb3f2b5b9e7069a7c5608c035104c9f30a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 13:20:23 GMT
server: cloudflare
age: 1110
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74d8d4f15f0-ARN
content-length: 25965
expires: Sat, 20 Jan 2024 13:23:43 GMT

GET
H2 200 Albino-porcupine-rescued-by-British-Columbia-sanctuary.jpg
cdnph.upi.com/ph/st/th/3551671141271/2022/i/16711414429977/v1.5/ 67 KB
68 KB 52ms
43ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/3551671141271/2022/i/16711414429977/v1.5/Albino-porcupine-rescued-by-British-Columbia-sanctuary.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

787c383619887a9816dc6b691e6e59fca53ab28ced2dd9e8ddc7561ff46f3f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 15 Dec 2022 23:44:57 GMT
server: cloudflare
age: 44905
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74d8d5015f0-ARN
content-length: 69007
expires: Sat, 20 Jan 2024 01:13:48 GMT

GET
H2 200 Aging-Americans-may-be-at-greater-risk-of-Parkinsons-than-previously-thought.jpg
cdnph.upi.com/ph/st/th/9931671134417/2022/upi_com/19371332d4d56b9975cb9fb6c76283eb/v1.5/ 30 KB
30 KB 62ms
56ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/9931671134417/2022/upi_com/19371332d4d56b9975cb9fb6c76283eb/v1.5/Aging-Americans-may-be-at-greater-risk-of-Parkinsons-than-previously-thought.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12c3fd1546583a7d1bfaf9fa41e0e88f57551ddd04ddd65f735cd231cf235fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 15 Dec 2022 21:40:11 GMT
server: cloudflare
age: 57352
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74d8d5115f0-ARN
content-length: 30304
expires: Fri, 19 Jan 2024 21:46:20 GMT

GET
H2 200 NASA-Russia-evaluating-coolant-leak-on-spacecraft-at-ISS.jpg
cdnph.upi.com/ph/st/th/5201671104358/2022/i/16711051292309/v1.5/ 40 KB
41 KB 48ms
42ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/5201671104358/2022/i/16711051292309/v1.5/NASA-Russia-evaluating-coolant-leak-on-spacecraft-at-ISS.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4114dc6f5598f07af9af989c0e9bb1ae5d5f113ccc73d55f8d980b76bf1dd6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 15 Dec 2022 12:01:49 GMT
server: cloudflare
age: 91747
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74d8d5215f0-ARN
content-length: 41325
expires: Fri, 19 Jan 2024 12:13:06 GMT

GET
H2 200 On-This-Day-Pakistan-surrenders-in-war-with-Bangladesh.jpg
cdnph.upi.com/ph/st/th/5591671154507/2022/upi_com/ba7f8a9c0d4d58bdb0f5ce905bd2226c/v1.5/ 44 KB
44 KB 46ms
42ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/5591671154507/2022/upi_com/ba7f8a9c0d4d58bdb0f5ce905bd2226c/v1.5/On-This-Day-Pakistan-surrenders-in-war-with-Bangladesh.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77e4291b8b679a184b658437d4ca45112f0c71f6d0ea0073de58ec86838607f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 08:01:22 GMT
server: cloudflare
age: 19080
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74d8d5315f0-ARN
content-length: 44886
expires: Sat, 20 Jan 2024 08:24:12 GMT

GET
H2 200 Yankees-LHP-Carlos-Rodon-agree-to-162M-deal.jpg
cdnph.upi.com/ph/st/th/4451671193751/2022/upi/125c3a72386ed38fd7b1d85cedaca193/v1.5/ 36 KB
37 KB 40ms
39ms Image
image/jpeg 104.18.19.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/4451671193751/2022/upi/125c3a72386ed38fd7b1d85cedaca193/v1.5/Yankees-LHP-Carlos-Rodon-agree-to-162M-deal.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.10 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e966b7911fa7bb8d549feb4eb979b042486f775e4d7e23af0de033640b4733d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Dec 2022 13:42:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 16 Dec 2022 12:44:42 GMT
server: cloudflare
age: 3329
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: maxage=34560000
accept-ranges: bytes
cf-ray: 77a7d74d8d5415f0-ARN
content-length: 37279
expires: Sat, 20 Jan 2024 12:46:44 GMT

GET
H2 200 story-viewer.js Show response
static.ex.co/pb-story/production/be0891ff739b78b7e3603db9f85d5ca2d0946e21-2022-09-13-14-09-51/ 580 KB
144 KB 349ms
66ms Script
application/x-javascript 84.53.161.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/pb-story/production/be0891ff739b78b7e3603db9f85d5ca2d0946e21-2022-09-13-14-09-51/story-viewer.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.161.43 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a84-53-161-43.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4daf5743c6e23384f3f0f89086d9a195e2b9d0f7be9d30d2046298310a2ca025

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
content-encoding: gzip
content-length: 146813
last-modified: Tue, 13 Sep 2022 14:09:52 GMT
server: AmazonS3
etag: "31b9268915de9abc5750531d69855ec4"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/x-javascript;charset=utf-8
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 23 Dec 2022 13:42:13 GMT

POST
H2 200 events Show response
prd-collector-platform.ex.co/main/ 0
134 B 417ms
135ms XHR
text/plain 18.204.27.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-platform.ex.co/main/events
Requested by: Host: experience.ex.co
URL: https://experience.ex.co/sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.27.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-27-191.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.upi.com
date: Fri, 16 Dec 2022 13:42:13 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 html Show response
experience.ex.co/ 218 KB
36 KB 99ms
32ms XHR
text/html 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.ex.co/html?id=fe663d2d-c42b-4d34-aa63-8da58fcc8d76

Requested by

Host: experience.ex.co
URL: https://experience.ex.co/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

918c1582c53aca3e483974a474453599d54f7bc47ff5255fb569380225c60e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 13:42:13 GMT
via: 1.1 varnish, 1.1 varnish
age: 678
x-cache: HIT, HIT
x-pb-os: windows
x-pb-platform: desktop
x-surrogate-key: fe663d2d-c42b-4d34-aa63-8da58fcc8d76 story 6806df02-7427-47d5-8eae-d4709d1b21b0 playbuzz2 www.upi.com
content-length: 36482
x-served-by: cache-iad-kjyo7100108-IAD, cache-bma1641-BMA
server: nginx
x-timer: S1671198133.424320,VS0,VE3
x-pb-browser: chrome
etag: W/"369f7-yi1sHSjZAIvSuBq6s07uEQ3V+kI"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: X-PB-Campaign,X-PB-Os,X-PB-Platform,X-PB-Browser, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type, X-PB-Referer
x-cache-hits: 27, 1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 165ms
54ms XHR
text/plain 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1342607-1&cid=1119628063.1671198133&jid=1996303951&gjid=797383159&_gid=2109448783.1671198133&_u=IGBAgEABAAAAAEAAI~&z=1248048678

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upi.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Dec 2022 13:42:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 166ms
54ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=581635643&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upi.com%2F&ul=en-us&de=UTF-8&dt=Top%20News%2C%20Latest%20headlines%2C%20Latest%20News%2C%20World%20News%20%26%20U.S%20News%20-%20UPI.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEABAAAAAAAAI~&jid=1996303951&gjid=797383159&cid=1119628063.1671198133&tid=UA-1342607-1&_gid=2109448783.1671198133&z=1071191899

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 03:42:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35981
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 206ms
86ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

e4fc6dedab5e13fa9350b36a3936cce18bf68d6e58c048b02806ed9e42bbe0b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27543
x-xss-protection: 0
server: sffe
etag: "1422 / 883 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 16 Dec 2022 13:42:13 GMT

GET
H2 200 2.23.0.js Show response
global.proper.io/payloads/ 549 KB
138 KB 43ms
42ms Script
application/javascript 104.17.79.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/2.23.0.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.79.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae6638de44f8e8da8896e65c7d06dee6f48e8daf2f0bb541a98f238afb951efd

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Oct 2022 17:42:01 GMT
server: cloudflare
age: 5083140
etag: W/"634ee569-8945e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 77a7d74e3ef709a3-ARN
expires: Fri, 16 Dec 2022 13:47:13 GMT

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
1 KB 381ms
372ms Image
image/gif 104.17.79.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=1&rn=7.425783360786491
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.79.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: cloudflare
x-amz-request-id: 8DEPM0MX6BKBWPV1
etag: "04b36c8411ae7bf7a8c369fa94b30e56"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 77a7d74e4f0e09a3-ARN
content-length: 842
x-amz-id-2: 7I+tcr/65t8QJKz9WSGryGL2sAIKZ7ovgK5fS9Ayfty8pykpGeWhyYojxWDR2wONLV70KqmEDZ4=
expires: Fri, 16 Dec 2022 17:42:13 GMT

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
980 B 397ms
388ms Image
image/gif 104.17.79.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=2&rn=7.425783360786491
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.79.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: cloudflare
x-amz-request-id: 8DESFA9QBH3KX7HW
etag: "04b36c8411ae7bf7a8c369fa94b30e56"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 77a7d74e4f0d09a3-ARN
content-length: 842
x-amz-id-2: baw3R0MKgfopbbCKEvltJ3Z1D3TgdA+4GZT5q5s4vXsVdY9n6d9DTdaMA4tN22YBJXi11dhQ7Z0=
expires: Fri, 16 Dec 2022 17:42:13 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 7843 3 KB
662 B 180ms
65ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&family=Roboto&display=swap

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

503ae94cf4f406a2527ecc3b35d9491190a7472e53a9c3284d16cb96532c73a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 13:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 13:24:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 13:42:13 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 7843 2 KB
484 B 179ms
64ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=Poppins:wght@400;700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

ecd93802562255dff45c0aa90f8e57693ce3fc103c8e3033a5c1dbe2d1574769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 13:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 12:49:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 13:42:13 GMT

POST
H2 200 events Show response
prd-collector-platform.ex.co/main/ Frame 7843 0
133 B 187ms
135ms XHR
text/plain 18.204.27.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-platform.ex.co/main/events
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.27.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-27-191.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.upi.com
date: Fri, 16 Dec 2022 13:42:13 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 story-viewer.js Show response
static.ex.co/pb-story/production/be0891ff739b78b7e3603db9f85d5ca2d0946e21-2022-09-13-14-09-51/ Frame 7843 580 KB
144 KB 203ms
152ms Script
application/x-javascript 84.53.161.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/pb-story/production/be0891ff739b78b7e3603db9f85d5ca2d0946e21-2022-09-13-14-09-51/story-viewer.js
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.161.43 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a84-53-161-43.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4daf5743c6e23384f3f0f89086d9a195e2b9d0f7be9d30d2046298310a2ca025

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
content-encoding: gzip
content-length: 146813
last-modified: Tue, 13 Sep 2022 14:09:52 GMT
server: AmazonS3
etag: "31b9268915de9abc5750531d69855ec4"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/x-javascript;charset=utf-8
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 23 Dec 2022 13:42:13 GMT

GET
H2 200 playbuzz-ads-core.min.js Show response
static.ex.co/cdn/content/monetization/playbuzz-ads-core/production/latest/ Frame 7843 42 KB
12 KB 257ms
206ms Script
application/javascript 84.53.161.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/cdn/content/monetization/playbuzz-ads-core/production/latest/playbuzz-ads-core.min.js
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.161.43 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a84-53-161-43.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 54992cc7785468dc624160738ef6642ed1c220bc5107e3cca971465d4db2e2f8

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
content-encoding: gzip
content-length: 11811
last-modified: Wed, 03 Jul 2019 05:57:43 GMT
server: AmazonS3
etag: "b2294dab735d3cbca7a404cdee3e7490"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 23 Dec 2022 13:42:13 GMT

GET
H2 200 pixel-sdk.min.js Show response
static.ex.co/cdn/content/monetization/pixel-sdk/production/a88826e11b78e8002b69a8313adc7a38bf1f2e18/ Frame 7843 8 KB
3 KB 251ms
201ms Script
application/javascript 84.53.161.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/cdn/content/monetization/pixel-sdk/production/a88826e11b78e8002b69a8313adc7a38bf1f2e18/pixel-sdk.min.js
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.161.43 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a84-53-161-43.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 664ab995d4d5177d74e16e73204ebaf6e3a72f0d2c280a6fabf731d718890aee

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
content-encoding: gzip
content-length: 2969
last-modified: Wed, 30 Mar 2022 16:45:20 GMT
server: AmazonS3
etag: "c1e834ba9e137083fcb25e378b5d9bf1"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 23 Dec 2022 13:42:13 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 156ms
49ms Script
application/javascript 91.228.74.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
content-encoding: gzip
etag: "StHfV9prSwQMxjKWocWEFw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 23 Dec 2022 13:42:13 GMT

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 829ms
196ms XHR
application/octet-stream 52.11.176.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/2.23.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.11.176.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-11-176-167.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upi.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Dec 2022 13:42:14 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H3 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 173ms
59ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Dec 2023 08:29:03 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 210 B
129 B 203ms
93ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.upi.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

4537b129f003a8fa9fd8992cf88b80b279761137e16ad36dfaa6dbdda323b07f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
expires: Fri, 16 Dec 2022 13:42:13 GMT

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 4 KB
2 KB 193ms
64ms Script
application/javascript 18.66.15.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-92.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:35:06 GMT
content-encoding: gzip
via: 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 428
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 14 Oct 2022 00:52:56 GMT
server: AmazonS3
etag: W/"bc35b7c476efec25f5c48ba8fb7b9906"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: PRV7krnVthgJ0E3Z3JuUkJINHPu0BEBryiIaac8QjUdUUS_oRqmRbA==

GET
H2 200 xdomain_cookie.html Show response
embed.ex.co/ Frame 46C8 3 KB
1 KB 47ms
31ms Document
text/html 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.ex.co/xdomain_cookie.html

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ef120b3854dcb45654a41cf35cbfd8bc64c3bf76116276705eb18379956e3ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type, X-PB-Referer
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 600
age: 15056
cache-control: public, max-age=0
content-encoding: gzip
content-length: 1228
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 13:42:14 GMT
etag: W/"a93-1850693e1a8"
last-modified: Mon, 12 Dec 2022 13:43:53 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 142, 1
x-content-type-options: nosniff
x-served-by: cache-iad-kcgs7200161-IAD, cache-bma1630-BMA
x-timer: S1671198134.071241,VS0,VE2

GET
H2 200 poll-viewer.js Show response
static.ex.co/cdn/viewers/poll-viewer/06-12-2022-08-20-25-9d33cd3-fix-completion-event/ Frame 7843 120 KB
31 KB 79ms
79ms Script
application/javascript 84.53.161.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/cdn/viewers/poll-viewer/06-12-2022-08-20-25-9d33cd3-fix-completion-event/poll-viewer.js
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.161.43 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a84-53-161-43.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f53178049f050e8a1258185b42ae091c5f84cea331ebb62db13726db5bdaa401

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:14 GMT
content-encoding: gzip
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 31195
last-modified: Tue, 06 Dec 2022 08:20:28 GMT
server: AmazonS3
etag: "253ec6c413b4736c93c4e9c40e511f2e"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 23 Dec 2022 13:42:14 GMT

GET
H2 200 poll-viewer-svg.js Show response
static.ex.co/cdn/viewers/poll-viewer/06-12-2022-08-20-25-9d33cd3-fix-completion-event/ Frame 7843 1 KB
1 KB 76ms
74ms Script
application/javascript 84.53.161.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/cdn/viewers/poll-viewer/06-12-2022-08-20-25-9d33cd3-fix-completion-event/poll-viewer-svg.js
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.161.43 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a84-53-161-43.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fa8ab6dcdd9eb53e6b8d5a661d4c254b3657a3e62cb81a13265f745e66d0b748

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:14 GMT
content-encoding: gzip
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 764
last-modified: Tue, 06 Dec 2022 08:20:27 GMT
server: AmazonS3
etag: "4f0bb8fd36ef1550a8c50111ee1308fb"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 23 Dec 2022 13:42:14 GMT

GET
H2 200 lead-form-viewer.js Show response
static.ex.co/pb-story/lead-form/production/960227989706093551a1caaefea3a84cf5120b51-2022-08-07-06-50-20/ Frame 7843 152 KB
41 KB 69ms
68ms Script
application/javascript 84.53.161.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/pb-story/lead-form/production/960227989706093551a1caaefea3a84cf5120b51-2022-08-07-06-50-20/lead-form-viewer.js
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.161.43 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a84-53-161-43.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d02ab48300af7ffb71d7b6e3ac2afc9646a18bfe20faf40da86a7c31135c79f2

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:14 GMT
content-encoding: gzip
content-length: 41346
last-modified: Sun, 07 Aug 2022 06:50:21 GMT
server: AmazonS3
etag: "7c0c487f229e5daa6bc6ec79fcf50739"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 23 Dec 2022 13:42:14 GMT

GET
H2 200 / Show response
pixel.ex.co/v1/playbuzz-network/ Frame 7843 2 B
222 B 37ms
28ms XHR
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.ex.co/v1/playbuzz-network/
Requested by: Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/pixel-sdk/production/a88826e11b78e8002b69a8313adc7a38bf1f2e18/pixel-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:14 GMT
via: 1.1 varnish
age: 1118
x-cache: HIT
content-length: 2
x-served-by: cache-bma1641-BMA
server: nginx
x-timer: S1671198134.067435,VS0,VE0
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 45

GET
H2 200 fe663d2d-c42b-4d34-aa63-8da58fcc8d76 Show response
pixel.ex.co/v1/item/ Frame 7843 1 KB
568 B 29ms
29ms XHR
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.ex.co/v1/item/fe663d2d-c42b-4d34-aa63-8da58fcc8d76
Requested by: Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/pixel-sdk/production/a88826e11b78e8002b69a8313adc7a38bf1f2e18/pixel-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ea471cc6d2642d2f29b0a2b44723838c431c02919aafec809bc50a3022ed0fa

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:14 GMT
content-encoding: gzip
via: 1.1 varnish
age: 678
x-cache: HIT
content-length: 458
x-served-by: cache-bma1641-BMA
server: nginx
x-timer: S1671198134.083312,VS0,VE1
etag: W/"5c6-O3zrPZgNio3Vn+SHXFpF671qpQI"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 1

GET
H2 200 adwords.js Show response
mcd-sdk.playbuzz.com/ Frame 7843 0
0 111ms
30ms Script
text/html 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd-sdk.playbuzz.com/adwords.js
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 5376056 Show response
fundingchoicesmessages.google.com/i/ 113 KB
40 KB 232ms
90ms Script
application/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/5376056?ers=3

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

ESF /

Resource Hash

6b7462923e81a39a3dc301d2a172a559c4c83291ea5f3a81116cbc0fa5b79144

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Es7KhAKI0Oij0yU7XRrm-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Es7KhAKI0Oij0yU7XRrm-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=522206977;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.upi.com%2F;uht=2;fpan=1;fpa=P0-218144407-1671198133779;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=upi.com;dst=0...
pixel.quantserve.com/ 35 B
372 B 57ms
52ms Image
image/gif 91.228.74.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=522206977;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.upi.com%2F;uht=2;fpan=1;fpa=P0-218144407-1671198133779;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=upi.com;dst=0;et=1671198134113;tzo=0;ogl=site_name.UPI%2Cimage.%2F%2Fwww%252Eupi%252Ecom%2Fimg%2Fupi-fb%252Epng;ses=e6dbd752-6c69-4817-910a-2a18cc4202f7

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 13:42:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 7843 884 B
996 B 182ms
62ms Script
text/javascript 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcwVN8ZAAAAAC8xkG6T9vTUaw1M1LxHSUKHGn42

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

477775baf3f001cff194d5f0c6c3085d9f9df378ba223df7dc526c07f4eb678d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Fri, 16 Dec 2022 13:42:14 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 7843 8 KB
8 KB 214ms
63ms Font
font/woff2 142.251.39.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Poppins:wght@400;700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 07:19:38 GMT
x-content-type-options: nosniff
age: 109356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 07:19:38 GMT

GET
H2 200 53363ea8-5981-49b7-954e-2ea991eb7c77 Show response
voting.ex.co/poll/9f1ddf50-efe7-476a-a63b-f450671d022f/ Frame 7843 190 B
453 B 877ms
561ms Fetch
application/json 52.73.136.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://voting.ex.co/poll/9f1ddf50-efe7-476a-a63b-f450671d022f/53363ea8-5981-49b7-954e-2ea991eb7c77?questionId=53363ea8-5981-49b7-954e-2ea991eb7c77
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.136.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-136-54.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d7d121bd29a76e3d39cb210379027b6bd60a7a273f38ea38b275e38f404775f8

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:15 GMT
server: nginx
etag: W/"be-/YtJlqcwmLBrLpvtEB2pLCmTcrQ"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Type
content-length: 190

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 412ms
134ms Image
image/gif 3.231.49.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=upi.com&p=%2F&u=EASRICzHlPjDh8wFj&d=upi.com&g=4027&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6680&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.upi.com%2F&b=1676&t=BuKkmhqjvY_CFOIdcDQu9L34ZMGW&V=139&i=Top%20News%2C%20Latest%20headlines%2C%20Latest%20News%2C%20World%20News%20%26%20U.S%20News%20-%20UPI.com&tz=0&sn=1&sv=B1zOcYDCOtFyB_xZB6GdrfHDqjgth&sd=1&im=0603040f&_
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.49.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-49-203.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 16 Dec 2022 13:42:14 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 template Show response
ads.playbuzz.com/api/v1/ Frame 7843 67 B
442 B 232ms
131ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.playbuzz.com/api/v1/template?itemId=fe663d2d-c42b-4d34-aa63-8da58fcc8d76&referrer=https%3A%2F%2Fwww.upi.com%2F
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d011640360e11ca5fcd9408d86e47e5039793830910b1048d0e0b01f9d713696

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:14 GMT
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 67
x-served-by: cache-bma1675-BMA
server: nginx
x-timer: S1671198134.427186,VS0,VE100
etag: W/"43-8jDzeDo+BjJ83BcHIIvldQ"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.upi.com
vary: Origin, x-pb-country
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 1

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 7843 401 KB
160 KB 186ms
56ms Script
text/javascript 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upi.com/
Origin: https://www.upi.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163396
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 09:40:43 GMT

GET
H3 200 AGSKWxVGJx9OEcUs819si61Q-T65oVF5FTy5IoRwEyy8U-PTK5DTnw_5Nw0Puy21YMoig5fZrKkM84Uk8x6vZ6Wuof4= Show response
fundingchoicesmessages.google.com/f/ 516 KB
63 KB 281ms
161ms Script
application/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVGJx9OEcUs819si61Q-T65oVF5FTy5IoRwEyy8U-PTK5DTnw_5Nw0Puy21YMoig5fZrKkM84Uk8x6vZ6Wuof4=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxMTk4MTM0LDUwOTAwMDAwMF0sIjI4MDBFRDQwLTI5QTYtNDExOS1BMjM4LTY2NjExRUU4MDM1OSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LnVwaS5jb20vIixudWxsLFtbOCwiYTV5TkNUSFFGOTAiXSxbOSwiZW4tVVMiXV1d

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

ESF /

Resource Hash

93e48bb582173c6b220d2391aeb1b3c794cbe2dfd8f2d53b3aeff812486db7e1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-niM8qhMpVftFWv_79O3cvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-niM8qhMpVftFWv_79O3cvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame AC3D 42 KB
22 KB 196ms
79ms Document
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwVN8ZAAAAAC8xkG6T9vTUaw1M1LxHSUKHGn42&co=aHR0cHM6Ly93d3cudXBpLmNvbTo0NDM.&hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=q55uz3nwww0q

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

72bed170d58d53be4833441d4293ceef31f1c597b4316def9c7acc12a66fe0cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7POjjG1AFihGrkI4cUDPNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22238
content-security-policy: script-src 'report-sample' 'nonce-7POjjG1AFihGrkI4cUDPNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 13:42:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ 60 KB
4 KB 80ms
80ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d3terveqlssriz.cloudfront.net
URL: https://d3terveqlssriz.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

a80933c717cce51df2b59fc76f4f3e81892fd743f4bff7945e8ec353ed32c649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 13:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 13:42:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 13:42:14 GMT

GET
H2 200 NOknb-3zfLmy2rND8HKYBws3t-zr_AO0ogiDvOmHlbo0Lp7bKjkvU1WSgzBSE81tmUL3D1E5vwUNPyjS9udVOPXMiON50vAaIvYSSMELD3gbCbQYKRo6=h60
lh3.googleusercontent.com/ 1 KB
2 KB 222ms
62ms Image
image/png 142.251.208.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/NOknb-3zfLmy2rND8HKYBws3t-zr_AO0ogiDvOmHlbo0Lp7bKjkvU1WSgzBSE81tmUL3D1E5vwUNPyjS9udVOPXMiON50vAaIvYSSMELD3gbCbQYKRo6=h60

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f1.1e100.net

Software

fife /

Resource Hash

78577128375cc262840219d7bfacaed6e7986c8ce77db3b674730050700148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.upi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 12:04:20 GMT
x-content-type-options: nosniff
age: 5875
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1524
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Nov 2022 03:26:41 GMT

POST
H3 204 AGSKWxXS8DNwkUApHqiXm8_Fvx-pTp8yNg3u0hh3ck9saeUAQ1PU3O3oDpjikkrxzSatP8Cj8OlmqvOhykBNi5DOlcdXhAKzpHgXOENvl93d6kxyWW46j7Xwqz1CdeuvxqNeqan5k-nk2g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 185ms
71ms XHR
text/html 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXS8DNwkUApHqiXm8_Fvx-pTp8yNg3u0hh3ck9saeUAQ1PU3O3oDpjikkrxzSatP8Cj8OlmqvOhykBNi5DOlcdXhAKzpHgXOENvl93d6kxyWW46j7Xwqz1CdeuvxqNeqan5k-nk2g==?dmid=91eacc24a6679136

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.a5yNCTHQF90.es5.O/d=1/rs=AJlcJMxYnJ_pzJb_971vQCP6zWrpPIk90Q/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s48FFZAQkf_cdoOeUL-TEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.upi.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Dec 2022 13:42:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-s48FFZAQkf_cdoOeUL-TEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.upi.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame AC3D 52 KB
24 KB 165ms
53ms Stylesheet
text/css 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwVN8ZAAAAAC8xkG6T9vTUaw1M1LxHSUKHGn42&co=aHR0cHM6Ly93d3cudXBpLmNvbTo0NDM.&hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=q55uz3nwww0q

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 11:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 11:29:21 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame AC3D 401 KB
160 KB 192ms
80ms Script
text/javascript 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163396
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 09:40:43 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
125 KB 63ms
62ms Font
font/woff2 142.251.39.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:21:17 GMT
x-content-type-options: nosniff
age: 253258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 15:21:17 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 88ms
87ms Font
font/woff2 142.251.39.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f3.1e100.net

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upi.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:50:55 GMT
x-content-type-options: nosniff
age: 327080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 18:50:55 GMT

POST
H2 200 events Show response
prd-collector-platform.ex.co/main/ Frame 7843 0
133 B 136ms
134ms Fetch
text/plain 18.204.27.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-platform.ex.co/main/events
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.27.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-27-191.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.upi.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.upi.com
date: Fri, 16 Dec 2022 13:42:15 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2 200 events Show response
prd-collector-anon.playbuzz.com/main/ Frame 7843 0
134 B 538ms
138ms Fetch
text/plain 52.44.187.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.playbuzz.com/main/events
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.187.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-187-32.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.upi.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.upi.com
date: Fri, 16 Dec 2022 13:42:15 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AC3D 2 KB
2 KB 53ms
52ms Image
image/png 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:59:47 GMT
x-content-type-options: nosniff
age: 240148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 20 Dec 2022 18:59:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AC3D 15 KB
15 KB 62ms
62ms Font
font/woff2 142.251.39.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:20:58 GMT
x-content-type-options: nosniff
age: 15677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 09:20:58 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AC3D 15 KB
15 KB 63ms
63ms Font
font/woff2 142.251.39.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:15:01 GMT
x-content-type-options: nosniff
age: 55634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:15:01 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame AC3D 102 B
134 B 65ms
64ms Other
text/javascript 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

321467d63f603f7090d1a5d021689eb07328e5aee38d15cc6ef9ed15af81ad4c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwVN8ZAAAAAC8xkG6T9vTUaw1M1LxHSUKHGn42&co=aHR0cHM6Ly93d3cudXBpLmNvbTo0NDM.&hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=q55uz3nwww0q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 16 Dec 2022 13:42:15 GMT

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.upi.com/	1970-01-20 08:27:42	Name: _upi_uid Value: 26c73557-cca9-4b31-87b1-9e9ac81ea84d
.proper.io/	1970-01-20 08:13:19	Name: __cf_bm Value: Ld7TdmSG8z1V4IC260haRnA2EHLssbD7D2vLA8Rvn.s-1671198133-0-ActBEKwbfCVA6hlOVit+m/OeVfuoIzmo6daqiA/SRC77ex+r5vwHzxHhNn+NH4GwT8dkpoMSg5Y8tEw9b/OMpwyOVMJNp+M+CIaVJo6ngU00
.upi.com/	1970-01-20 17:49:18	Name: _ga Value: GA1.2.1119628063.1671198133
.upi.com/	1970-01-20 08:14:44	Name: _gid Value: GA1.2.2109448783.1671198133
.upi.com/	1970-01-20 08:13:18	Name: _gat Value: 1
.upi.com/	1970-01-20 08:13:19	Name: properSessionStorage Value: eyJ1dWlkIjoiZDBlNjQ0MGMtYjExMi00NDQzLTkyMjYtMDU5ZDJmNzJiMjA4IiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6e30sImF1Y3Rpb25fY291bnQiOjAsImxhc3RfdGhyZXNob2xkIjowfQ%3D%3D
.quantserve.com/	1970-01-20 17:43:32	Name: mc Value: 639c75b6-24308-e89d9-84851
.upi.com/	1970-01-20 17:42:06	Name: _cb Value: EASRICzHlPjDh8wFj
.upi.com/	1970-01-20 17:42:06	Name: _chartbeat2 Value: .1671198134291.1671198134291.1.B1zOcYDCOtFyB_xZB6GdrfHDqjgth.1
.upi.com/	1970-01-20 08:13:19	Name: _cb_svref Value: null
.upi.com/	1970-01-20 17:37:46	Name: __qca Value: P0-218144407-1671198133779

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.upi.com/ Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://d3terveqlssriz.cloudfront.net/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
javascript	warning	URL: https://www.upi.com/ Message: The resource https://static.ex.co/pb-story/production/be0891ff739b78b7e3603db9f85d5ca2d0946e21-2022-09-13-14-09-51/story-viewer.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	'SAMEORIGIN'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abcheck.proper.io
ads.playbuzz.com
bids.proper.io
cdnph.upi.com
d3terveqlssriz.cloudfront.net
embed.ex.co
experience.ex.co
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
global.proper.io
i.clean.gg
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
mcd-sdk.playbuzz.com
ping.chartbeat.net
pixel.ex.co
pixel.quantserve.com
prd-collector-anon.playbuzz.com
prd-collector-platform.ex.co
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.ex.co
stats.g.doubleclick.net
voting.ex.co
www.google-analytics.com
www.google.com
www.gstatic.com
www.upi.com
104.17.79.34
104.18.11.207
104.18.18.10
104.18.19.10
108.156.61.148
142.250.181.238
142.250.185.162
142.250.185.164
142.250.185.206
142.250.185.234
142.250.185.99
142.251.208.97
142.251.39.67
151.101.2.132
151.101.2.137
18.204.27.191
18.66.15.92
3.231.49.203
34.95.69.49
52.11.176.167
52.44.187.32
52.73.136.54
54.239.163.146
66.102.1.156
84.53.161.43
91.228.74.208
0187f6936ae7f02a045f3e4762e47eb3f2b5b9e7069a7c5608c035104c9f30a9
12c3fd1546583a7d1bfaf9fa41e0e88f57551ddd04ddd65f735cd231cf235fd4
1628601fcffe3ac0518f9252ca4ef3f4c061616aedfffa7fc8a02a068f71d2bb
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d8379d2cd14f138436f742452d4068018a0e8c107db414c67ee733a11d28617
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
209f0497ae7a723a998f455accf6e5bcc92f7f85526c3b48b30974a2b9d88cfd
20fc1d33f21c2d5adaa46847337d43557a552a32ed21164054a0d3ac1f40e709
2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bc1eb51b5f4f556e24864d2ee0eb21332ecf7a2d2d797a225f9efd47a3185c9
321467d63f603f7090d1a5d021689eb07328e5aee38d15cc6ef9ed15af81ad4c
33bd5f1fdbcd6f3009cd1fe51b125ce3b770b846be8105b4f0f401edf6ef2c8a
3421326d255b79a1034c21d3a49de8320174789a159e60baf8946244b10ea831
3be072af6f702008ab6b2c8bea2e1386bc905712db38626cb1472100d62a0f55
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4537b129f003a8fa9fd8992cf88b80b279761137e16ad36dfaa6dbdda323b07f
477775baf3f001cff194d5f0c6c3085d9f9df378ba223df7dc526c07f4eb678d
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4daf5743c6e23384f3f0f89086d9a195e2b9d0f7be9d30d2046298310a2ca025
4e6158242aceb53fc1bdd783d5b426a7535e840adb7844176b8dc03e6c064b47
4ea471cc6d2642d2f29b0a2b44723838c431c02919aafec809bc50a3022ed0fa
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
503ae94cf4f406a2527ecc3b35d9491190a7472e53a9c3284d16cb96532c73a1
51ef7774825694a5573ba32bedbe304f4c16bf8190dbea21474ffce21551a2a7
54992cc7785468dc624160738ef6642ed1c220bc5107e3cca971465d4db2e2f8
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
664ab995d4d5177d74e16e73204ebaf6e3a72f0d2c280a6fabf731d718890aee
6b5641bd4ee8f676291099ddbc77f658028c5f64ac8b38374b78677efbce1d83
6b7462923e81a39a3dc301d2a172a559c4c83291ea5f3a81116cbc0fa5b79144
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce638f651c229dd45b52e393992367bd469b03ef1a5d09fcd82fdbb647dfe03
72bed170d58d53be4833441d4293ceef31f1c597b4316def9c7acc12a66fe0cd
7687d4051815fba3d98a9fe1b25cdbb849b68d0aa19381f94841098027ed7ff7
77e4291b8b679a184b658437d4ca45112f0c71f6d0ea0073de58ec86838607f5
78577128375cc262840219d7bfacaed6e7986c8ce77db3b674730050700148f5
787c383619887a9816dc6b691e6e59fca53ab28ced2dd9e8ddc7561ff46f3f32
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
918c1582c53aca3e483974a474453599d54f7bc47ff5255fb569380225c60e1e
93e48bb582173c6b220d2391aeb1b3c794cbe2dfd8f2d53b3aeff812486db7e1
9761f47b84dbea583a56b1b196cbc87abc8f6fa630425de2208e1c6f76653a78
994d5fa4b3630fd6d2d21454c8bd94c326bd3452cfa32dc5fea7ed92406e6ecd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a80933c717cce51df2b59fc76f4f3e81892fd743f4bff7945e8ec353ed32c649
a90a02d293c532220eefa84f1edc79d402d4919fe3f4390856480222b61b7a6a
ab8c579c48bc1c5473346234d2777168a2f56e656fe3628300eeba9db860d9de
ae6638de44f8e8da8896e65c7d06dee6f48e8daf2f0bb541a98f238afb951efd
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c25f393433358df2b3ceb208d5dcd01f1680c7d58e4159f97ed8fd8fefb4e50e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f
cdb38d4a0cb30c9d211ff65059c8c0bdd1be15e4bd624206859a3764bf135b7f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d011640360e11ca5fcd9408d86e47e5039793830910b1048d0e0b01f9d713696
d02ab48300af7ffb71d7b6e3ac2afc9646a18bfe20faf40da86a7c31135c79f2
d07a83b2601ee10d26cf24758d6735ce7ad03152d6fce580301910e9148bac4d
d7d121bd29a76e3d39cb210379027b6bd60a7a273f38ea38b275e38f404775f8
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
dba26d36a2b405236a1eecab8cce470a19cc21cd5e4c06dfc4250f821e046628
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4114dc6f5598f07af9af989c0e9bb1ae5d5f113ccc73d55f8d980b76bf1dd6e
e4fc6dedab5e13fa9350b36a3936cce18bf68d6e58c048b02806ed9e42bbe0b4
e966b7911fa7bb8d549feb4eb979b042486f775e4d7e23af0de033640b4733d6
ecd93802562255dff45c0aa90f8e57693ce3fc103c8e3033a5c1dbe2d1574769
ef120b3854dcb45654a41cf35cbfd8bc64c3bf76116276705eb18379956e3ffe
f53178049f050e8a1258185b42ae091c5f84cea331ebb62db13726db5bdaa401
fa8ab6dcdd9eb53e6b8d5a661d4c254b3657a3e62cb81a13265f745e66d0b748

www.upi.com Open in urlscan Pro 104.18.19.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

100 %HTTPS

0 %IPv6

17 Domains

31 Subdomains

25 IPs

4 Countries

2598 kBTransfer

6319 kBSize

11 Cookies

6 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.upi.com Open in urlscan Pro
104.18.19.10 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

100 %
HTTPS

0 %
IPv6

17
Domains

31
Subdomains

25
IPs

4
Countries

2598 kB
Transfer

6319 kB
Size

11
Cookies

87 HTTP transactions
0 data transactions