upbeatnews.com Open in urlscan Pro
52.206.50.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Effective URL:
https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Submission: On June 19 via api (June 19th 2020, 5:56:50 pm UTC) from US

Summary HTTP 239 Redirects Behaviour Indicators

Summary

This website contacted 60 IPs in 9 countries across 43 domains to perform 239 HTTP transactions. The main IP is 52.206.50.159, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is upbeatnews.com.
TLS certificate: Issued by Amazon on November 3rd 2019. Valid for: a year.

This is the only time upbeatnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	52.206.50.159 52.206.50.159	14618 (AMAZON-AES) (AMAZON-AES)
4	2606:4700::68... 2606:4700::6811:4e22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	23.210.250.44 23.210.250.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	72.247.225.192 72.247.225.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:21f... 2600:9000:21f3:aa00:11:9a35:5280:21	16509 (AMAZON-02) (AMAZON-02)
1	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:c600:6:266a:9940:21	16509 (AMAZON-02) (AMAZON-02)
7	143.204.93.227 143.204.93.227	16509 (AMAZON-02) (AMAZON-02)
1 3	91.228.74.226 91.228.74.226	27281 (QUANTCAST) (QUANTCAST)
3	34.223.241.95 34.223.241.95	16509 (AMAZON-02) (AMAZON-02)
14	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.58.202.213 52.58.202.213	16509 (AMAZON-02) (AMAZON-02)
1	178.128.135.80 178.128.135.80	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-) (VCLK-EU-)
2	213.19.147.210 213.19.147.210	26120 (RHYTHMONE) (RHYTHMONE)
1	2.21.37.179 2.21.37.179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.196.104.43 18.196.104.43	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	35.158.189.107 35.158.189.107	16509 (AMAZON-02) (AMAZON-02)
20 33	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
7	3.225.104.120 3.225.104.120	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
4	54.194.116.156 54.194.116.156	16509 (AMAZON-02) (AMAZON-02)
2	213.19.147.150 213.19.147.150	26120 (RHYTHMONE) (RHYTHMONE)
4	2606:4700:10:... 2606:4700:10::ac43:bac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:d200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	72.247.226.107 72.247.226.107	16625 (AKAMAI-AS) (AKAMAI-AS)
3	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	18.221.205.30 18.221.205.30	16509 (AMAZON-02) (AMAZON-02)
1	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
1		() ()
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
59	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
3	52.5.148.243 52.5.148.243	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1 1	134.209.129.254 134.209.129.254	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	95.100.64.146 95.100.64.146	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	13.225.87.58 13.225.87.58	16509 (AMAZON-02) (AMAZON-02)
1 2	52.59.125.145 52.59.125.145	16509 (AMAZON-02) (AMAZON-02)
1	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
7	208.100.17.188 208.100.17.188	32748 (STEADFAST) (STEADFAST)
2	35.158.60.52 35.158.60.52	16509 (AMAZON-02) (AMAZON-02)
1	52.49.73.64 52.49.73.64	16509 (AMAZON-02) (AMAZON-02)
12	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-) (VCLK-EU-)
239	60

8 52.206.50.159 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-50-159.compute-1.amazonaws.com

upbeatnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s2s.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.250.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-44.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.225.192 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-192.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:aa00:11:9a35:5280:21 (United States)

ASN16509 (AMAZON-02, US)

d10ttgjjowsnd6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.69.49 (United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:c600:6:266a:9940:21 (United States)

ASN16509 (AMAZON-02, US)

dw7nrwnn2bkh1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.93.227 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-227.fra50.r.cloudfront.net

video.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.228.74.226 (United Kingdom) 1 redirects

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.223.241.95 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-241-95.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

propermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.30 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.89 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.202.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-202-213.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.135.80 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1460 (Sweden)

ASN41041 (VCLK-EU-, SE)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rx.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.37.179 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-37-179.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.158.189.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States) 20 redirects

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.225.104.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-104-120.compute-1.amazonaws.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.194.116.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-116-156.eu-west-1.compute.amazonaws.com

stats3.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.150 (United Kingdom)

ASN26120 (RHYTHMONE, US)

rx-stats3.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:bac (United States)

ASN13335 (CLOUDFLARENET, US)

images.upbeatnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:d200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.226.107 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-226-107.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.221.205.30 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-221-205-30.us-east-2.compute.amazonaws.com

lo3trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 (None, )

ASN- ()

upbeatnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b6d4dd093fdc433d3c393b3c75963913.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.5.148.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-148-243.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.129.254 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.64.146 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-64-146.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.58 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-58.fra2.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.125.145 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-125-145.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 208.100.17.188 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip188.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.60.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-60-52.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.73.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-73-64.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:fa8:8806:12::1370 (Sweden)

ASN41041 (VCLK-EU-, SE)

aol-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com b6d4dd093fdc433d3c393b3c75963913.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	812 KB
35	advertising.com 20 redirects adserver-us.adtech.advertising.com pixel.advertising.com	18 KB
25	ampproject.org cdn.ampproject.org	533 KB
20	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	161 KB
14	unrulymedia.com video.unrulymedia.com stats3.unrulymedia.com rx-stats3.unrulymedia.com rx.targeting.unrulymedia.com	78 KB
13	dotomi.com web.hb.ad.cpe.dotomi.com aol-match.dotomi.com	2 KB
13	upbeatnews.com 1 redirects upbeatnews.com images.upbeatnews.com	2 MB
8	google.com 1 redirects adservice.google.com www.google.com	659 B
7	tynt.com de.tynt.com
7	33across.com ssc.33across.com	4 KB
7	proper.io global.proper.io bids.proper.io s2s.proper.io	57 KB
5	sharethrough.com btlr.sharethrough.com	560 B
5	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com	5 KB
4	3lift.com 2 redirects tlx.3lift.com ib.3lift.com eb2.3lift.com	1 KB
4	outbrain.com widgets.outbrain.com amplify.outbrain.com tr.outbrain.com amplifypixel.outbrain.com	48 KB
3	googletagservices.com www.googletagservices.com	82 KB
3	postrelease.com jadserve.postrelease.com	2 KB
3	google.de www.google.de adservice.google.de	443 B
3	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	1 KB
3	pubmatic.com 2 redirects image6.pubmatic.com ads.pubmatic.com	970 B
3	lijit.com 2 redirects ap.lijit.com	2 KB
3	openx.net 1 redirects propermedia-d.openx.net eu-u.openx.net	861 B
3	quantserve.com 1 redirects secure.quantserve.com pixel.quantserve.com	9 KB
3	googletagmanager.com www.googletagmanager.com	98 KB
2	lo3trk.com lo3trk.com	5 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	teads.tv a.teads.tv sync.teads.tv	297 B
2	serverbid.com 1 redirects e.serverbid.com sync.serverbid.com	267 B
2	districtm.io dmx.districtm.io cdn.districtm.io	425 B
2	cloudfront.net d10ttgjjowsnd6.cloudfront.net dw7nrwnn2bkh1.cloudfront.net	38 KB
1	adsrvr.org match.adsrvr.org	264 B
1	brealtime.com biddr.brealtime.com
1	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	google.be adservice.google.be	168 B
1	quantcount.com rules.quantcount.com	346 B
1	googleadservices.com www.googleadservices.com	12 KB
1	emxdgt.com hb.emxdgt.com	306 B
1	1rx.io tag.1rx.io	269 B
1	sonobi.com apex.go.sonobi.com	857 B
1	casalemedia.com as-sec.casalemedia.com	3 KB
1	clean.gg i.clean.gg	104 B
1	ntv.io s.ntv.io	94 KB
239	43

	Domain	Requested by
34	tpc.googlesyndication.com	d10ttgjjowsnd6.cloudfront.net upbeatnews.com
33	adserver-us.adtech.advertising.com	20 redirects upbeatnews.com
25	cdn.ampproject.org	d10ttgjjowsnd6.cloudfront.net
16	pagead2.googlesyndication.com	upbeatnews.com d10ttgjjowsnd6.cloudfront.net pagead2.googlesyndication.com securepubads.g.doubleclick.net
14	securepubads.g.doubleclick.net	d10ttgjjowsnd6.cloudfront.net securepubads.g.doubleclick.net upbeatnews.com
12	aol-match.dotomi.com	upbeatnews.com
9	upbeatnews.com	1 redirects upbeatnews.com d10ttgjjowsnd6.cloudfront.net
7	de.tynt.com	d10ttgjjowsnd6.cloudfront.net
7	ssc.33across.com	global.proper.io
7	video.unrulymedia.com	upbeatnews.com d10ttgjjowsnd6.cloudfront.net ajax.googleapis.com
5	www.google.com	1 redirects upbeatnews.com
5	googleads.g.doubleclick.net	d10ttgjjowsnd6.cloudfront.net upbeatnews.com
5	btlr.sharethrough.com	global.proper.io
4	images.upbeatnews.com	upbeatnews.com
4	stats3.unrulymedia.com	upbeatnews.com
4	ib.adnxs.com	2 redirects global.proper.io
3	www.googletagservices.com	d10ttgjjowsnd6.cloudfront.net upbeatnews.com
3	jadserve.postrelease.com	d10ttgjjowsnd6.cloudfront.net upbeatnews.com
3	adservice.google.com	d10ttgjjowsnd6.cloudfront.net upbeatnews.com
3	s2s.proper.io	upbeatnews.com
3	ap.lijit.com	2 redirects global.proper.io
3	bids.proper.io	global.proper.io
3	www.googletagmanager.com	upbeatnews.com d10ttgjjowsnd6.cloudfront.net
2	pixel.advertising.com	upbeatnews.com
2	eu-u.openx.net	1 redirects d10ttgjjowsnd6.cloudfront.net
2	eb2.3lift.com	1 redirects d10ttgjjowsnd6.cloudfront.net
2	adservice.google.de	upbeatnews.com
2	lo3trk.com	d10ttgjjowsnd6.cloudfront.net lo3trk.com
2	log.outbrainimg.com	widgets.outbrain.com
2	pixel.quantserve.com	1 redirects upbeatnews.com
2	rx-stats3.unrulymedia.com	upbeatnews.com
2	www.google-analytics.com	1 redirects d10ttgjjowsnd6.cloudfront.net
2	image6.pubmatic.com	2 redirects
1	match.adsrvr.org	upbeatnews.com
1	biddr.brealtime.com	d10ttgjjowsnd6.cloudfront.net
1	ib.3lift.com	1 redirects
1	sync.teads.tv	d10ttgjjowsnd6.cloudfront.net
1	cdn.districtm.io	d10ttgjjowsnd6.cloudfront.net
1	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	d10ttgjjowsnd6.cloudfront.net
1	sync.serverbid.com	1 redirects
1	acdn.adnxs.com	d10ttgjjowsnd6.cloudfront.net
1	rx.targeting.unrulymedia.com	upbeatnews.com
1	b6d4dd093fdc433d3c393b3c75963913.safeframe.googlesyndication.com	d10ttgjjowsnd6.cloudfront.net
1	ajax.googleapis.com	d10ttgjjowsnd6.cloudfront.net
1	ads.pubmatic.com	d10ttgjjowsnd6.cloudfront.net
1	www.google.de	upbeatnews.com
1	fonts.googleapis.com	upbeatnews.com
1	amplifypixel.outbrain.com	upbeatnews.com
1	tr.outbrain.com	upbeatnews.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	stats.g.doubleclick.net	upbeatnews.com
1	adservice.google.be	d10ttgjjowsnd6.cloudfront.net
1	rules.quantcount.com	d10ttgjjowsnd6.cloudfront.net
1	www.googleadservices.com	d10ttgjjowsnd6.cloudfront.net
1	amplify.outbrain.com	d10ttgjjowsnd6.cloudfront.net
1	hb.emxdgt.com	global.proper.io
1	a.teads.tv	global.proper.io
1	tag.1rx.io	global.proper.io
1	web.hb.ad.cpe.dotomi.com	global.proper.io
1	apex.go.sonobi.com	global.proper.io
1	e.serverbid.com	global.proper.io
1	tlx.3lift.com	global.proper.io
1	as-sec.casalemedia.com	d10ttgjjowsnd6.cloudfront.net
1	dmx.districtm.io	global.proper.io
1	propermedia-d.openx.net	global.proper.io
1	secure.quantserve.com	d10ttgjjowsnd6.cloudfront.net
1	dw7nrwnn2bkh1.cloudfront.net	d10ttgjjowsnd6.cloudfront.net
1	i.clean.gg	d10ttgjjowsnd6.cloudfront.net
1	d10ttgjjowsnd6.cloudfront.net	upbeatnews.com
1	s.ntv.io	upbeatnews.com
1	widgets.outbrain.com	upbeatnews.com
1	global.proper.io	upbeatnews.com
239	72

This site contains no links.

Subject Issuer	Validity	Valid
upbeatnews.com Amazon	`2019-11-03` - `2020-12-03`	a year	crt.sh
proper.io CloudFlare Inc ECC CA-2	`2019-12-10` - `2020-10-09`	10 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2019-11-18` - `2021-02-16`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
i.clean.gg GTS CA 1D2	`2020-05-04` - `2020-08-02`	3 months	crt.sh
*.unrulymedia.com DigiCert SHA2 Secure Server CA	`2017-08-30` - `2020-11-27`	3 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2019-01-22` - `2021-01-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2020-02-25` - `2020-10-09`	7 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
e.serverbid.com Let's Encrypt Authority X3	`2020-03-24` - `2020-06-22`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-05-12` - `2020-08-10`	3 months	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2019-07-17` - `2020-07-17`	a year	crt.sh
*.sharethrough.com Amazon	`2019-10-07` - `2020-11-07`	a year	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-26` - `2020-10-09`	6 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.be GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
lo3trk.com Amazon	`2019-12-08` - `2021-01-08`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-04-14`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2020-03-11` - `2020-09-07`	6 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh

This page contains 33 frames:

Primary Page: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Frame ID: 024ED23D1C2F20B4CAC575BD179FEE51
Requests: 123 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Frame ID: E2545527192D331A377DD651D3334F9E
Requests: 1 HTTP requests in this frame

Frame: blob://https://upbeatnews.com/9d9510d9-2fdb-4485-97c1-5586ddc07cf0
Frame ID: 85BA1D177A246ECB04403C9AC173AEAA
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 0CD83017C794777242A8351493421549
Requests: 12 HTTP requests in this frame

Frame: https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1669-0-ge7ea92e&siteId=1120340
Frame ID: 366B5D856B9709B77A9DB04BEF0C881E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 6A211F58E6820403D05D2D877FEB4681
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: F2E3D023A3A1419F06878C7D73378208
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 2277DE97495CE2DE355A4508535D4EEF
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvg-j_NfeP7UfutVPTvPD105Lj9uCYAiv-NZ_dIiUPvxpDm3sUxreOoOH94QQ8wUAoeUe5rYIP3DBN3loVhVrKHVuMXyL7AqkNfIDj2RhmOGGd-bWF95ZKktLf79ZUTrJ6BPfQT_y3T4fhRQinLM2zxmwBeyKL9THwITnh1J1vdd0CyIDI-AVYbllPHf3kxM2TcSyF4g4HIKQTAHXHEt_R3D8EAeXfhu0c4L4u27ulDTiqrWFWSUVB1iKBNnMoaJ7R-oByceaDo_5C3joI&sig=Cg0ArKJSzIY6o0tWFIi0EAE&urlfix=1&adurl=
Frame ID: 019A35A37B11A945A297CE33B334D8E6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: AD5F7B10B0EA6981147BCA91B17F7D09
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200610/r20190131/zrt_lookup.html
Frame ID: 677E5418A016E5AF3EFC78FF8BBA83D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6897902191714833&output=html&h=250&slotname=5140430151&adk=2462278425&adf=1842636958&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ea=0&flash=0&wgl=1&adsid=NT&dt=1592589390171&bpp=25&bdt=86&idt=105&shv=r20200610&cbv=r20190131&ptt=5&saldr=sa&correlator=3051074010490&frm=23&ife=1&pv=2&ga_vid=134596596.1592589390&ga_sid=1592589390&ga_hid=562492375&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=389&ady=3179&biw=1600&bih=1200&isw=300&ish=250&ifk=673758767&scr_x=0&scr_y=0&eid=21065531%2C21066415&oid=3&pvsid=838952820373162&pem=535&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.zcvvrmv885fi&btvi=1&fsb=1&dtd=124
Frame ID: 7B2DB349463A1B8FD722F04D5D01C939
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 46A73460F9C8CCE1CD4D6093C93804A0
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsKk0jk_Xy6sgnjdTddaQEcpVltyFB0RNkCIkvijcwok_NWsHnHqK_wG8_ibXzTCJLtBlcQ6Ux--2PLRq3BuGaZF2g8O8RafhyT8IYTDV9EBQzDKaNE5j7LawTPJt3yyK7ypYFSlzRsHK-3aA5_PRG5VcDbFNrq4MrJScWkXGVzXQIScCh_R5A-JfW5ZvpxuCa5vweRdhp-8Qh0cdxiWxelvkwYgrqn2k1z_eN8Rk7TRJef9GBxu32kuz2f7IuWg7WP_N17aqxiCoR20pJ&sig=Cg0ArKJSzJNoShqlsOShEAE&urlfix=1&adurl=
Frame ID: D26D6BF66D797D566F202A8F5D0E68B0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 55BF2D7317DAA747A4AC72AC3811B802
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6897902191714833&output=html&h=90&slotname=5140430151&adk=850169076&adf=3151382141&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ea=0&flash=0&wgl=1&adsid=NT&dt=1592589390618&bpp=31&bdt=52&idt=113&shv=r20200610&cbv=r20190131&ptt=5&saldr=sa&correlator=3051074010490&frm=23&ife=1&pv=1&ga_vid=1632206118.1592589391&ga_sid=1592589391&ga_hid=1952989466&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=366&ady=3572&biw=1600&bih=1200&isw=728&ish=90&ifk=1777893847&scr_x=0&scr_y=0&eid=21065531%2C36998751&oid=3&pvsid=2958270713882819&pem=535&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.dv9rfnm2rz2t&btvi=1&fsb=1&dtd=130
Frame ID: 7E771C67D4D41EA008AD916EB57BB902
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: F4512435CCDCBC91B0CFB31350E16E59
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 0E5E7FCB7D51F7C123F8F555220BF0EA
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1030626.html
Frame ID: 2C7BD49D5490070F71D589952EF0FFE1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: C615D5FCA055BD8BAB9F668D50FA4FD7
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Frame ID: 1FA559C491AEEFF4A1236B3F78DDD2B1
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 9E18D1DEF82F9FA19D14060E0E8C5764
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: B051AE6A6BE4F369CC11DC815C65FB3E
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Frame ID: 3C36EBFB3A69B2C0EF978BF25131E29C
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=c_pyYe7jir6yk_aKlId8sQ&gdpr_consent=undefined
Frame ID: 0DCBD2608C8136C010B827351C0CD933
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dh-5_W7jir6zrpaKkv7mNO&gdpr_consent=undefined
Frame ID: E9BC633A1F131F732C4B47E319D04596
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cSaxys7jir6zrpaKkv7mNO&gdpr_consent=undefined
Frame ID: 6D14B54E55A2C64928EEABC801B5AF68
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=c10tlm7jir6yk_aKlId8sQ&gdpr_consent=undefined
Frame ID: CB2C29FC4348693D1470260FBCBB5425
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cIh6HI7jir6ykDaKkGJozW&gdpr_consent=undefined
Frame ID: 5D2549BA75D43F4E04D34ABD82EE735F
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cwII6G7jir6ykqaKkGJozW&gdpr_consent=undefined
Frame ID: EF463E28702611460EE158C461D32C95
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=d-NZAo7jir6zrpaKkv7mNO&gdpr_consent=undefined
Frame ID: AFB261B84941ECBB67F89B5948D16BC5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: E221554F5C2663CF2503069F758EDD29
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 379513A63F19E53DF43B4E35D52EC9E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi HTTP 301
https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /widgets\.outbrain\.com\/outbrain\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

239
Requests

99 %
HTTPS

31 %
IPv6

43
Domains

72
Subdomains

60
IPs

9
Countries

4460 kB
Transfer

8106 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi HTTP 301
https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dsovrn%26proper_uid%3D5e82ab56-13d4-4024-8b6f-bc549f11fa5d%26uid%3D%24UID&callback=window.proper_6cc56d8b_d24cfb2e_2 HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dsovrn%26proper_uid%3D5e82ab56-13d4-4024-8b6f-bc549f11fa5d%26uid%3D%24UID&callback=window.proper_6cc56d8b_d24cfb2e_2&sovrn_retry=true HTTP 307
https://s2s.proper.io/?savecookie=1&bidder=sovrn&proper_uid=5e82ab56-13d4-4024-8b6f-bc549f11fa5d&uid=65eadbbba1ff54fdd592f017

Request Chain 26

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dpubmatic%26proper_uid%3D5e82ab56-13d4-4024-8b6f-bc549f11fa5d%26uid%3D%23PM_USER_ID&callback=window.proper_0272c3ae_eb2a0dcd_3 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dpubmatic%26proper_uid%3D5e82ab56-13d4-4024-8b6f-bc549f11fa5d%26uid%3D%23PM_USER_ID&callback=window.proper_0272c3ae_eb2a0dcd_3&rdf=1 HTTP 302
https://s2s.proper.io/?savecookie=1&bidder=pubmatic&proper_uid=5e82ab56-13d4-4024-8b6f-bc549f11fa5d&uid=AF75905A-2A54-497E-9C84-6EC14A567DE0

Request Chain 27

https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Ddistrictm%26proper_uid%3D5e82ab56-13d4-4024-8b6f-bc549f11fa5d%26uid%3D%24UID&callback=window.proper_b4445f45_90094513_4 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs2s.proper.io%252F%253Fsavecookie%253D1%2526bidder%253Ddistrictm%2526proper_uid%253D5e82ab56-13d4-4024-8b6f-bc549f11fa5d%2526uid%253D%2524UID%26callback%3Dwindow.proper_b4445f45_90094513_4 HTTP 302
https://s2s.proper.io/?savecookie=1&bidder=districtm&proper_uid=5e82ab56-13d4-4024-8b6f-bc549f11fa5d&uid=4343563678676904354&callback=window.proper_b4445f45_90094513_4

Request Chain 29

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589386744;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589386744;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;apid=1A324f5d4a-b256-11ea-aaf8-12bd5c3e34a0;cfp=1;rndc=1592589385;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589386744;bidfloor=0.1

Request Chain 30

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589386744;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;cfp=1;rndc=1592589385;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589386744;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;apid=1A32724b34-b256-11ea-90f7-12e650fea264;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589386744;bidfloor=0.1

Request Chain 31

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589386744;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589386744;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;apid=1A32515c76-b256-11ea-8888-126272b4dea0;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589386744;bidfloor=0.1

Request Chain 34

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589386745;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589386745;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;apid=1A324b1578-b256-11ea-a4a0-124a081e334a;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589386745;bidfloor=0.1

Request Chain 35

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589386746;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;cfp=1;rndc=1592589385;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589386746;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;apid=1A324f5b7e-b256-11ea-ad57-126272b4dea0;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589386746;bidfloor=0.1

Request Chain 36

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589386746;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589386746;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;apid=1A324d1f3a-b256-11ea-9378-12e7f4d03460;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589386746;bidfloor=0.1

Request Chain 39

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589386747;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589386747;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;apid=1A324d1490-b256-11ea-af4f-1249c31fdca2;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589386747;bidfloor=0.1

Request Chain 40

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589386747;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589386747;bidfloor=0.1

Request Chain 41

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589386747;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589386747;bidfloor=0.1

Request Chain 44

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589386748;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589386748;bidfloor=0.1

Request Chain 47

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589386748;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589386748;bidfloor=0.1

Request Chain 49

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589386749;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589386749;bidfloor=0.1

Request Chain 51

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589386749;bidfloor=0.1 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589386749;bidfloor=0.1

Request Chain 72

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=440684137&t=pageview&_s=1&dl=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ul=en-us&de=UTF-8&dt=Upbeat%20News%20-%20An%20Ohio%20Home%20Renovation%20Leads%20To%20A%20Chilling%20Discovery%20Involving%20The%20FBI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=791703570&gjid=1748648122&cid=406534460.1592589387&tid=UA-75975501-2&_gid=918097124.1592589387&_r=1&gtm=2ou6a0&z=73184085 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75975501-2&cid=406534460.1592589387&jid=791703570&_gid=918097124.1592589387&gjid=1748648122&_v=j83&z=73184085

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 206

https://sync.serverbid.com/ss/1030626.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1030626.html

Request Chain 209

https://ib.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 212

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

Request Chain 223

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=oEXYmfNDiZy4Q4nMoEOQw6YZ2c64RYSY9kNuCaMB

239 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi Show response
upbeatnews.com/
Redirect Chain

http://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

17 KB
7 KB

479ms
281ms

Document
text/html

52.206.50.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.50.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-50-159.compute-1.amazonaws.com
Software: Apache/2.4.43 () / PHP/7.2.30
Resource Hash: 607a4036642e128d2e45cb301e4c2748ee94ba6b9443e307668f080d275a0e44

Request headers

Host: upbeatnews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:26 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4870
Connection: keep-alive
Set-Cookie: AWSALB=s8EyfVY/9saYhN72I0rcrMY/lVVSCv9IwV/sVD37q1573d4eNHoCTW5/sgj4/bB9OmRS8uFCeCb3Vi3YalZdfW4dqKNi749BaFKynX5N3d5LPxV9e/u4XpqvwASV; Expires=Fri, 26 Jun 2020 17:56:26 GMT; Path=/ AWSALBCORS=s8EyfVY/9saYhN72I0rcrMY/lVVSCv9IwV/sVD37q1573d4eNHoCTW5/sgj4/bB9OmRS8uFCeCb3Vi3YalZdfW4dqKNi749BaFKynX5N3d5LPxV9e/u4XpqvwASV; Expires=Fri, 26 Jun 2020 17:56:26 GMT; Path=/; SameSite=None; Secure XSRF-TOKEN=eyJpdiI6IjZoY2dqM2xKUWtVMlNYZk5tMkFEZWc9PSIsInZhbHVlIjoiNkhLWnlZOTdyUncxWWo1djZXNmFacGpsd1FjbCsxWEdMNnQwdnJCTkNNVmdyTFdjRjU4RHRmbnJmaDlaXC9jK0QiLCJtYWMiOiIwNDBkNGE1YTQ4NzhjOTFjZWM0ZWY4NTgxNjJhYjEwYzUxNWRlMWMzNjJjZDFlMDMyM2VkMzQ0MTk5ZDc3ZmFkIn0%3D; expires=Fri, 19-Jun-2020 19:56:26 GMT; Max-Age=7200; path=/ ad_splits=eyJpdiI6Ijd5TFpXU08zbmZSS3BYc2FcL0dkeHZRPT0iLCJ2YWx1ZSI6IkxyY29PXC8rZ1VheVNtemlGR3JNU1ppMUJacHdialVxUzV0RFVhU2ZDNlAxc0I1UEEwT1ZGZGNtZ0wwbDBBWXFJN05vNlAxK1RieGw4NHp2NGp3cDB0V2VEVXBtVnVVOW1VTFppalpCanJ6Tit3MUFwdGw0UlhZMWdsMW5qMks1eDBvRStRMWZGeFBvdkJKU3VwOCtoS3p0bU9FUm5heFdMdVo3UTl3U3paa1hyeVNVb2dXQWFLSnpjMGM5d3ZKSjZ6Uk5JUWdaSVpkd3Z2bkI3TjNIMEVMQmoxZGg2R3laenhaTWY3cDlZWHE3SUVQb0JoR0lJSkw0eG5nWU9nT3FuQ3h3cWhPT1wveGVEeEpsUUw1ZTZDdTBDMGZvRFpYSlFlbFwvWVwvc0hZczdwU2dLdEx5cmJHWWxOSUtRcUduUExUc01LWEFIQmZ4MnpHS2QzcUhsa25uQTRvZWNZWjlIZUUwSndFWUFheGdDU21UU1REenRcL2k3OHVxUXdkOHhscjFLbmdPODZMOU81bVZcL0ltY1h0ZjR4M3JkQkJ5RDNHZ0k4Z2xYbUJWanM2WUZsU2tPQWtPK3VnYThMUzhOTFdKU1hJcklEUHk3SVJibGZXWllRRFVMaHU1TDZtWFBoZUh4dUZ4NGI0T0NiUWczWmNsNCt5SkkyUE1qc0VPVWN0VWlJY2szZjVieFZ6ZHBDeWgxU0VONlVTbTVPdGI5TjQwQ2FCMUkzbnJoTkpTMmZmOVQ2blwvc3VzdWJOOHVDcDBKd2ZXcjBUbVZWcXlQSEg0bHpjVW1rSytMeUNBRTlsblc2UjZ3Sm9sTUgzdXVUSTEydzVnN3Z4OGc1OGRaUXpRekdXNURxWlFjOTZ6dUdpMXVlRzhqQllJOXFzNjBNT21FV3FHOVZCR2p1Q2xvODArNVlZV0ZIKzU2dW9EZVNzWVdjeUFSRzBtU1ByNGZpY0VHUmNSUlNSWWVPdUlySWhVWXYzVlwvcFpMZDVMXC9BUkhxbjlGSVRKbkl3RGNHS1JSMUZFdUtaTnlMVW92ekxmWDN2QkJXOWFGck5GeWp3VXROY04wWFwvcjNqN2pWeWtwQkt4OVwvQm1sa0RyaEhEbmNlOUlkd05GUmwrdnJxY2E0bEZpUTZMTStPUmR5U1wvbDhwYW52VEUwN1A4ekxEOVpFSTlFQTFFMlpxZ2FPZjBEYUlmMjBUWVwvMjFtZlNYMjRzTzNLMmRyaCszY2swR2NpWlN5QldKdXpWd2U2cHR0OHl1Z1pWU3pGXC9FK1lhWEh1cVpjbDJ6YXdDTnBENjQzZTlSZ0FrR0VWYWhNd2N0aUo1RmZSWjlITWVEVXplSUJCMHd3S1pjQytxR2JzOEprcDduQ1Rsd283MDlaZ3hSMHNSSzBFZzdQYXd3dHBiMFBrZE9pUzZ4ZXBhTXBYWndmeGgxUjBTcWkxRlRkcHIrTlwvUEJJcUg0IiwibWFjIjoiODFjOWE4ZWU5MzQ1ZDdlODIwY2EyZWNkNzM3ZDBkNzA3NjQxNjJhN2M1ZDFlNTQ3N2E2ZWJhNWE4NGEzZGM1MyJ9; expires=Fri, 19-Jun-2020 18:56:26 GMT; Max-Age=3600; path=/; httponly
Server: Apache/2.4.43 ()
X-Powered-By: PHP/7.2.30
Cache-Control: no-cache, private
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: awselb/2.0
Date: Fri, 19 Jun 2020 17:56:26 GMT
Content-Type: text/html
Content-Length: 150
Connection: keep-alive
Location: https://upbeatnews.com:443/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

GET
H2 200 upbeatnews.min.js Show response
global.proper.io/ 214 KB
57 KB 27ms
27ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/upbeatnews.min.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a582dc7075847985960200027d68ca07dedaf4c15b18f085893805ce54781f9a

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 May 2020 20:56:05 GMT
server: cloudflare
age: 1939069
etag: W/"5ec83c65-35674"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=300
cf-ray: 5a5f20729894178a-FRA
cf-request-id: 036f529b9f0000178a6d1b4200000001
expires: Fri, 19 Jun 2020 18:01:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-75975501-2

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38b8d064e1a92195b1fad638407f7b77997c8c7e261dab7122ab25b9f51575ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33259
x-xss-protection: 0
last-modified: Fri, 19 Jun 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jun 2020 17:56:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-858332707

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25314a2204872bc1d65bdefd20c7b06721e38f3c30fe663b5e8ce4a5cc9d9495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33249
x-xss-protection: 0
last-modified: Fri, 19 Jun 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jun 2020 17:56:26 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 134 KB
45 KB 74ms
25ms Script
application/x-javascript 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f5d297fb22336630fd42f7a7bb883542ddb70cba5ec6a616ab3e3d415ff5cc33

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: gzip
last-modified: Wed, 17 Jun 2020 08:04:06 GMT
status: 200
etag: W/"2161f-TyrWfkg28gOVnQ0g0Ohxe1xWN6c"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
timing-allow-origin: *
content-length: 45734
expires: Fri, 19 Jun 2020 21:56:26 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 321 KB
94 KB 3156ms
53ms Script
application/x-javascript 72.247.225.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.192 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-192.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cc36bd8e62f61a3f16b7bfc9289f64751f9f3ea51edeb87a9ec4de6dbdb1d1dc

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:29 GMT
Content-Encoding: gzip
x-amz-request-id: 6E6843944B73BA5B
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: YlFekJXhHf/oATQbaTvFj9EzQmyEN1XdBx6alP/HBA3xMz+cxeGfFS7/55ELMs6KTJ5o/tex4KY=
Last-Modified: Fri, 19 Jun 2020 00:43:11 GMT
Server: AmazonS3
ETag: "17e840ee182dfe43a640923e158c9b29"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 script.js Show response
d10ttgjjowsnd6.cloudfront.net/ 107 KB
36 KB 11ms
10ms Script
application/javascript 2600:9000:21f3:aa00:11:9a35:5280:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:aa00:11:9a35:5280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdab644b4bb7c94c8aa76816e07fd96291df886490cc418b8880c18057a386b1

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 14:49:32 GMT
content-encoding: gzip
last-modified: Fri, 19 Jun 2020 10:28:04 GMT
server: AmazonS3
age: 11215
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: tMBQ27gGiPmW8yxYUSqBygNlxrgqaaTGq21OhZWSzTPtXcUTyiZGaw==
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 107ms
107ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

GET
H2 200 958153f1b8b96ec4c4eb2147429105d9.json Show response
dw7nrwnn2bkh1.cloudfront.net/ 2 KB
2 KB 9ms
8ms XHR
application/json 2600:9000:21f3:c600:6:266a:9940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c600:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d79cbd9933b270b150eae65d47c0651403481c7a44c388e578ec4179688b5b10

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jun 2020 18:20:42 GMT
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 84946
x-cache: Hit from cloudfront
status: 200
content-length: 1849
last-modified: Thu, 18 Jun 2020 17:55:01 GMT
server: AmazonS3
etag: "58479709ece30f8918948550f46f848e"
access-control-max-age: 600
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: ExVU3Yl7dMnRCRkzPB58qmX16OoaZknlrbSBYde88vKnWf59UYhQ9Q==

GET
H2 200 native-loader.js Show response
video.unrulymedia.com/native/ 9 KB
4 KB 70ms
21ms Script
application/javascript 143.204.93.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/native-loader.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.93.227 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-227.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1094ab40163ac7cf38f6b8047328beb6c5434e54dc45fc661e2a40b5687ec5f5

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:54:46 GMT
content-encoding: gzip
x-amz-expiration: expiry-date="Fri, 18 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Thu, 18 Jun 2020 12:14:59 GMT
server: AmazonS3
age: 108
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: kG-4rp9avpDyLXWz_jYZ8ojCfsYsSjPxC0oXbCJI8-ZHQf7GsV0PeQ==
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 34ms
29ms Script
application/x-javascript 91.228.74.226
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.226 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: gzip
last-modified: Fri, 19-Jun-2020 17:56:26 GMT
etag: M0-4cca824e
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8082
expires: Fri, 26 Jun 2020 17:56:26 GMT

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 1189ms
174ms XHR
application/octet-stream 34.223.241.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.241.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-241-95.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Jun 2020 17:56:27 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
14 KB 62ms
56ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

746524a3d72954ffbbe092aa51c27c4d4120f5562268acf54236801cacf37bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "547 / 276 of 1000 / last-modified: 1592496527"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14476
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:56:26 GMT

GET
H2 200 arj Show response
propermedia-d.openx.net/w/1.0/ 175 B
559 B 263ms
221ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ch=UTF-8&res=1600x1200x24&tz=-120&tws=1600x1200&aus=300x250%7C300x250%7C728x90%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%2C300x600%7C160x600&auid=540994346%2C540994347%2C540994348%2C540994349%2C540994350%2C540994351%2C540994353&aumfs=100%2C100%2C100%2C100%2C100%2C100%2C100&dddid=f4c6bfa3-e3ef-4b81-ad3e-902306910bb0%2C48d42e0b-d69e-46c5-9f3a-c5295aa23947%2C4e74193d-8022-4484-a142-df0cff40e8d4%2C973c03fe-0944-4f11-a767-99a8a5aa26eb%2Cc4aaa4ee-2ce6-4f21-8e2d-cf67337e0604%2C7f9e5c67-03fb-4253-8e0d-c2cc1b00b215%2Cbb138d5c-d843-4711-be98-43ff9d9f81ac&divIds=proper-ad-upbeatnews_content_1%2Cproper-ad-upbeatnews_content_2%2Cproper-ad-upbeatnews_content_3%2Cproper-ad-upbeatnews_side_1%2Cproper-ad-upbeatnews_side_2%2Cproper-ad-upbeatnews_side_3%2Cproper-ad-upbeatnews_sticky&be=1&bc=hb_pb_2.1.6&nocache=1592589386730
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: 0ed291f9dee94c24980c96d7587f83f5ed29d250c624f2de1438f32d54df334d

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: gzip
server: OXGW/16.188.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://upbeatnews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
425 B 67ms
25ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://upbeatnews.com
access-control-allow-credentials: true
cf-ray: 5a5f20736ac3d915-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 036f529c1c0000d915f0bd5200000001

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 68 B
745 B 269ms
227ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=2.3.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 722f770620f36f34ab280069271dbf9e2f9dd0913cb50608a6893c38e2c75c07

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 19 Jun 2020 17:56:26 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://upbeatnews.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 84

GET
H/1.1 200
OK headertag Show response
as-sec.casalemedia.com/ 4 KB
3 KB 1244ms
164ms Script
text/javascript 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22608955572%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22upbeatnews_side_2%40160x600%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_2%40160x600%22%2C%22siteID%22%3A343551%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_2%40300x250%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_2%40300x250%22%2C%22siteID%22%3A343552%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_2%40300x600%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_2%40300x600%22%2C%22siteID%22%3A343553%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_1%40160x600%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_1%40160x600%22%2C%22siteID%22%3A343548%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_1%40300x250%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_1%40300x250%22%2C%22siteID%22%3A343549%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_1%40300x600%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_1%40300x600%22%2C%22siteID%22%3A343550%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_3%40160x600%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_3%40160x600%22%2C%22siteID%22%3A343554%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_3%40300x250%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_3%40300x250%22%2C%22siteID%22%3A343555%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_side_3%40300x600%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_side_3%40300x600%22%2C%22siteID%22%3A343556%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_content_1%40300x250%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_content_1%40300x250%22%2C%22siteID%22%3A343545%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_content_2%40300x250%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_content_2%40300x250%22%2C%22siteID%22%3A343546%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_content_3%40728x90%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_content_3%40728x90%22%2C%22siteID%22%3A343547%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22upbeatnews_sticky%40160x600%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22upbeatnews_sticky%40160x600%22%2C%22siteID%22%3A343557%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e59641d6-eb92-11e9-a488-69e3386c7506%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&t=300&fn=window.proper_0e9cfe29_f44bd59a_1
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 90aa8da0c9a60b4f12d24194c3a15fecda3e936618e03b875b3e0889cf433a88

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:56:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1782
Expires: Fri, 19 Jun 2020 17:56:27 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 816 B
1 KB 85ms
46ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

375d38bfa4fecf97c49b055fa5b3fd5b3a516061be1976ce258978c311275d79

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 19 Jun 2020 17:56:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.47:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 56245045-1ad2-460f-a97a-0d37be8cb2e9
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://upbeatnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
476 B 203ms
155ms XHR
application/json 52.58.202.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.3.0&referrer=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Requested by

Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.202.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-202-213.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:26 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
168 B 555ms
88ms XHR
application/json 178.128.135.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.128.135.80 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 200
date: Fri, 19 Jun 2020 17:56:26 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upbeatnews.com
content-length: 16
vary: Origin
content-type: application/json

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 412 B
857 B 130ms
86ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2263a5d6ef12e2a057dcd0%22%3A%2263a5d6ef12e2a057dcd0%7C160x600%7Cf%3D0.1%22%2C%22396393cbd38bea1a33bf%22%3A%22396393cbd38bea1a33bf%7C300x250%7Cf%3D0.1%22%2C%225cd1a09873ae3b50324b%22%3A%225cd1a09873ae3b50324b%7C300x600%7Cf%3D0.1%22%2C%22f70a92bebba876873ce7%22%3A%22f70a92bebba876873ce7%7C160x600%7Cf%3D0.1%22%2C%2289720839db73443ddeab%22%3A%2289720839db73443ddeab%7C300x250%7Cf%3D0.1%22%2C%22467da6f5561cff46ab1e%22%3A%22467da6f5561cff46ab1e%7C300x600%7Cf%3D0.1%22%2C%227936706d92bcb369326a%22%3A%227936706d92bcb369326a%7C160x600%7Cf%3D0.1%22%2C%224e751c2b14a91a229409%22%3A%224e751c2b14a91a229409%7C300x250%7Cf%3D0.1%22%2C%220a3c20009e26ac14f172%22%3A%220a3c20009e26ac14f172%7C300x600%7Cf%3D0.1%22%2C%22f6d96af2b6f3f7522267%22%3A%22f6d96af2b6f3f7522267%7C300x250%7Cf%3D0.1%22%2C%22832faf94ca85425931ce%22%3A%22832faf94ca85425931ce%7C300x250%7Cf%3D0.1%22%2C%22d2e44b65e94e4a8b846a%22%3A%22d2e44b65e94e4a8b846a%7C728x90%7Cf%3D0.1%22%2C%2214ba32cea427a6e17f6f%22%3A%2214ba32cea427a6e17f6f%7C160x600%7Cf%3D0.1%22%7D&ref=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&s=344d76ca-d7e6-4286-93bc-4b4012f6acf9&pv=38d77487-98ed-4ed1-b9ac-2d1c1359801c&vp=desktop&lib_name=prebid&lib_v=2.3.0&us=0&hfa=PRE-5e82ab56-13d4-4024-8b6f-bc549f11fa5d&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e59641d6-eb92-11e9-a488-69e3386c7506%22%2C%22hp%22%3A1%7D%5D%7D

Requested by

Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

a97db28f56a6e034546dc3086cae6883b9eb20d520528839c7597a8f424656ca

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:56:26 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://upbeatnews.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 271
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 611 B
794 B 13ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: b87f6f96716b711d79f30894012eae47df19e99fe799c96211aa937954097fa3

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:26 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://upbeatnews.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 611
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 142 B
1 KB 78ms
41ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

bc6ae6ce96cbb53788c8a22716f33b8dd07cf84593b29c7c20a466b04f1d2063

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:56:28 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.146:80
AN-X-Request-Uuid: 16dbc893-c2d9-4610-9f0b-53c112e8b5f7
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://upbeatnews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/80520/0/ 0
269 B 109ms
29ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/80520/0/mvo?z=1r&hbv=2.3,1.0.2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://upbeatnews.com
Pragma: no-cache
Date: Fri, 19 Jun 2020 17:56:27 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
297 B 98ms
55ms XHR
application/json 2.21.37.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.179 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://upbeatnews.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 19 Jun 2020 17:56:26 GMT

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ 0
306 B 102ms
29ms XHR
text/html 18.196.104.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1592589386737
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 19 Jun 2020 17:56:26 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://upbeatnews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

GET
H2

530

/
s2s.proper.io/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dsovrn%26proper_uid%3D5e82ab56-13d4-4024-8b6f-bc549f11fa5d%26uid%3D%24UID&callback=window.proper_6cc56d8b_...
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dsovrn%26proper_uid%3D5e82ab56-13d4-4024-8b6f-bc549f11fa5d%26uid%3D%24UID&callback=window.proper_6cc56d8b_...
https://s2s.proper.io/?savecookie=1&bidder=sovrn&proper_uid=5e82ab56-13d4-4024-8b6f-bc549f11fa5d&uid=65eadbbba1ff54fdd592f017

0
0

34ms
33ms

Script
text/html

2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.proper.io/?savecookie=1&bidder=sovrn&proper_uid=5e82ab56-13d4-4024-8b6f-bc549f11fa5d&uid=65eadbbba1ff54fdd592f017
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Fri, 19 Jun 2020 17:56:26 GMT
Server: nginx
Location: https://s2s.proper.io/?savecookie=1&bidder=sovrn&proper_uid=5e82ab56-13d4-4024-8b6f-bc549f11fa5d&uid=65eadbbba1ff54fdd592f017
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

530

/
s2s.proper.io/
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dpubmatic%26proper_uid%3D5e82ab56-13d4-4024-8b6f-bc549f11fa5d%26uid%3D%23PM_USE...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Dpubmatic%26proper_uid%3D5e82ab56-13d4-4024-8b6f-bc549f11fa5d%26uid%3D%23PM_USE...
https://s2s.proper.io/?savecookie=1&bidder=pubmatic&proper_uid=5e82ab56-13d4-4024-8b6f-bc549f11fa5d&uid=AF75905A-2A54-497E-9C84-6EC14A567DE0

0
0

16ms
16ms

Script
text/html

2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.proper.io/?savecookie=1&bidder=pubmatic&proper_uid=5e82ab56-13d4-4024-8b6f-bc549f11fa5d&uid=AF75905A-2A54-497E-9C84-6EC14A567DE0
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location: https://s2s.proper.io/?savecookie=1&bidder=pubmatic&proper_uid=5e82ab56-13d4-4024-8b6f-bc549f11fa5d&uid=AF75905A-2A54-497E-9C84-6EC14A567DE0
Date: Fri, 19 Jun 2020 17:56:27 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

530

/
s2s.proper.io/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.proper.io%2F%3Fsavecookie%3D1%26bidder%3Ddistrictm%26proper_uid%3D5e82ab56-13d4-4024-8b6f-bc549f11fa5d%26uid%3D%24UID&callback=window.proper_b4445f45_9...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs2s.proper.io%252F%253Fsavecookie%253D1%2526bidder%253Ddistrictm%2526proper_uid%253D5e82ab56-13d4-4024-8b6f-bc549f11fa5d%2526uid%253D%252...
https://s2s.proper.io/?savecookie=1&bidder=districtm&proper_uid=5e82ab56-13d4-4024-8b6f-bc549f11fa5d&uid=4343563678676904354&callback=window.proper_b4445f45_90094513_4

0
0

20ms
19ms

Script
text/html

2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.proper.io/?savecookie=1&bidder=districtm&proper_uid=5e82ab56-13d4-4024-8b6f-bc549f11fa5d&uid=4343563678676904354&callback=window.proper_b4445f45_90094513_4
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:56:28 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.74:80
AN-X-Request-Uuid: ed6568da-c07d-40e7-90e4-5addd91eeabd
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s2s.proper.io/?savecookie=1&bidder=districtm&proper_uid=5e82ab56-13d4-4024-8b6f-bc549f11fa5d&uid=4343563678676904354&callback=window.proper_b4445f45_90094513_4
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 80ms
30ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=eu2bThS5MJA4Amvuq9UXYp9o&bidId=upbeatnews_side_2&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:56:26 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upbeatnews.com
vary: Origin

GET
H2

200

ADTECH;apid=1A324f5d4a-b256-11ea-aaf8-12bd5c3e34a0;cfp=1;rndc=1592589385;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589386744;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589386744;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589386744;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;apid=1A324f5d4a-b256-11ea-aaf8-12bd5c3e34a0;cfp=1;rndc=1592589385;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x...

943 B
1 KB

490ms
490ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;apid=1A324f5d4a-b256-11ea-aaf8-12bd5c3e34a0;cfp=1;rndc=1592589385;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589386744;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: b3b84ce728eacc7f4cd05dc93e62ffb02274ad8fd4545feff8b5b59bec2943f9

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 943
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:26 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045472/0/154/ADTECH;apid=1A324f5d4a-b256-11ea-aaf8-12bd5c3e34a0;cfp=1;rndc=1592589385;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@160x600;misc=1592589386744;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1A32724b34-b256-11ea-90f7-12e650fea264;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589386744;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589386744;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;cfp=1;rndc=1592589385;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589386744;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;apid=1A32724b34-b256-11ea-90f7-12e650fea264;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x...

944 B
1 KB

173ms
173ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;apid=1A32724b34-b256-11ea-90f7-12e650fea264;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589386744;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 5f1eb8d45a92fe94e0bedfbe4a59ee6de1919e55b3ce5e4459002e80945bcec7

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 944
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045470/0/170/ADTECH;apid=1A32724b34-b256-11ea-90f7-12e650fea264;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x250;misc=1592589386744;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1A32515c76-b256-11ea-8888-126272b4dea0;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589386744;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589386744;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589386744;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;apid=1A32515c76-b256-11ea-8888-126272b4dea0;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x...

945 B
1 KB

442ms
442ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;apid=1A32515c76-b256-11ea-8888-126272b4dea0;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589386744;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 086830fd37a242b1c7ff2cc1c46b8de97001e79f90a12ac03acbf85be19f0bd5

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:26 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045475/0/529/ADTECH;apid=1A32515c76-b256-11ea-8888-126272b4dea0;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_2@300x600;misc=1592589386744;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
657 B 305ms
103ms XHR
application/json 3.225.104.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.104.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-104-120.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 583d06f90ac1a92e535cfc9b27dd2ad8cf88b82c303fea1aa7f44fdce883be66

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upbeatnews.com
access-control-allow-credentials: true

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 73ms
26ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Np6robxjkseLxE8bXTgHc3E2&bidId=upbeatnews_side_1&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:56:26 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upbeatnews.com
vary: Origin

GET
H2

200

ADTECH;apid=1A324b1578-b256-11ea-a4a0-124a081e334a;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589386745;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589386745;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589386745;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;apid=1A324b1578-b256-11ea-a4a0-124a081e334a;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x...

945 B
1 KB

197ms
196ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;apid=1A324b1578-b256-11ea-a4a0-124a081e334a;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589386745;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 68d7b376a53ebf825e0002dbb180cac758271d283a88967ec3b42c1ad2efdb8f

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:26 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045473/0/154/ADTECH;apid=1A324b1578-b256-11ea-a4a0-124a081e334a;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@160x600;misc=1592589386745;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1A324f5b7e-b256-11ea-ad57-126272b4dea0;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589386746;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589386746;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;cfp=1;rndc=1592589385;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589386746;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;apid=1A324f5b7e-b256-11ea-ad57-126272b4dea0;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x...

48 B
81 B

489ms
488ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;apid=1A324f5b7e-b256-11ea-ad57-126272b4dea0;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589386746;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 1e842ea550e52b9ca7ae8a09cf1cb4fd0e9419f826bf709fc57537ef3cab2d3d

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:26 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045467/0/170/ADTECH;apid=1A324f5b7e-b256-11ea-ad57-126272b4dea0;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x250;misc=1592589386746;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;apid=1A324d1f3a-b256-11ea-9378-12e7f4d03460;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589386746;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589386746;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589386746;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;apid=1A324d1f3a-b256-11ea-9378-12e7f4d03460;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x...

945 B
1 KB

175ms
173ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;apid=1A324d1f3a-b256-11ea-9378-12e7f4d03460;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589386746;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: cb2c96d3897863b6027af249c8ebff1dad1451ac8e55f944a8d7c6575bac8e86

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:26 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045471/0/529/ADTECH;apid=1A324d1f3a-b256-11ea-9378-12e7f4d03460;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_1@300x600;misc=1592589386746;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
654 B 381ms
181ms XHR
application/json 3.225.104.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.104.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-104-120.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 3c3bc5f64731b5305dde4a30bcbb4681f757c2fb1b4cb1581ce4f4c7e1c37e63

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jun 2020 17:56:27 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upbeatnews.com
access-control-allow-credentials: true

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 73ms
26ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=YZmS739wBSUsrb1J6LMLPwFU&bidId=upbeatnews_side_3&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:56:26 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upbeatnews.com
vary: Origin

GET
H2

200

ADTECH;apid=1A324d1490-b256-11ea-af4f-1249c31fdca2;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589386747;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589386747;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589386747;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;apid=1A324d1490-b256-11ea-af4f-1249c31fdca2;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x...

945 B
1 KB

254ms
253ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;apid=1A324d1490-b256-11ea-af4f-1249c31fdca2;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589386747;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 19f78a61126840c44376ae620d767e9da5a02dc90495cd2deea7223aa84cf508

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:26 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045465/0/154/ADTECH;apid=1A324d1490-b256-11ea-af4f-1249c31fdca2;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@160x600;misc=1592589386747;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589386747;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589386747;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589386747;bidfloor=0.1

945 B
1 KB

158ms
158ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589386747;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: b7e4bb06b008ff36e6a283a07d91e16753b5b44a6161498d0fb3a7c919b6cc6f

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045466/0/170/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x250;misc=1592589386747;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589386747;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589386747;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589386747;bidfloor=0.1

945 B
1 KB

474ms
473ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589386747;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 34aefaae2663c1996ef436313b097d8f7f81910fdc5536d9312f2013447503c3

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select020c.us-east-1.prod.adtech.aolcloud.net", "UserId": "AEA3BA39999109FFED822B1BF73FD093"}}
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045474/0/529/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_side_3@300x600;misc=1592589386747;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
661 B 313ms
114ms XHR
application/json 3.225.104.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.104.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-104-120.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: a5b67b4ee75876b6aa6a4c9e4b3a92c565ec99482cd9633fe9de82e2c8421783

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jun 2020 17:56:27 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upbeatnews.com
access-control-allow-credentials: true

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 124ms
79ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=XACr4BnrekwjseVj1Gk791PZ&bidId=upbeatnews_content_1&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:56:26 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upbeatnews.com
vary: Origin

GET
H2

200

ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589386748;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589386748;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589386748;bidfloor=0.1

944 B
1 KB

162ms
161ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589386748;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 1bae8e08985212899171ffd48149deae8aa00ae29173260d612e2b6b5f908b08

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 944
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045476/0/170/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_1@300x250;misc=1592589386748;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
657 B 380ms
181ms XHR
application/json 3.225.104.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.104.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-104-120.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 31ebfa859f8ee599462d55ad97ad6a563468248bc41c10667f51b5a784d3a32d

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jun 2020 17:56:27 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upbeatnews.com
access-control-allow-credentials: true

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 85ms
40ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6TECfWJ8a5K7t9fLxmG4CJnN&bidId=upbeatnews_content_2&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-189-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:56:26 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://upbeatnews.com
vary: Origin

GET
H2

200

ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589386748;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589386748;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589386748;bidfloor=0.1

945 B
1 KB

163ms
163ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589386748;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: f543fd0a64a6c1a9287a97b5aefb929f79bb7db9f083f70b7df79ceedc8412b6

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select018c.us-east-1.prod.adtech.aolcloud.net", "UserId": "E6769106549C787AD77ECEE1FBECA3A8"}}
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045468/0/170/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_2@300x250;misc=1592589386748;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
654 B 380ms
182ms XHR
application/json 3.225.104.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.104.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-104-120.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 81006f6f280f22bd0e8c1b927a059e10883ba2a1b9d78ab167e6dfe005e3acd1

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jun 2020 17:56:27 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upbeatnews.com
access-control-allow-credentials: true

GET
H2

200

ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589386749;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589386749;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589386749;bidfloor=0.1

945 B
1 KB

190ms
190ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589386749;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: b6b7fb0f1b91a0fc432ed47bff4d3937022128f71f41996a8af1d95e3f17fb1d

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045464/0/225/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_content_3@728x90;misc=1592589386749;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
655 B 312ms
114ms XHR
application/json 3.225.104.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.104.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-104-120.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: b386ee73aa430abffa1b23bb0e9f4c11123566124661e4b659dde9e6a3843fbf

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jun 2020 17:56:27 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upbeatnews.com
access-control-allow-credentials: true

GET
H2

200

ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589386749;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589386749;bidfloor=0.1
https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589386749;bidfloor=0.1

945 B
1 KB

492ms
491ms

XHR
application/json

2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589386749;bidfloor=0.1
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: b6f64009b1789b6616a865aa079a42b9cb02d88313625db2eb2eae62b9078072

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5045469/0/154/ADTECH;cfp=1;rndc=1592589386;v=2;cmd=bid;cors=yes;alias=upbeatnews_sticky@160x600;misc=1592589386749;bidfloor=0.1
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://upbeatnews.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
653 B 379ms
182ms XHR
application/json 3.225.104.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.104.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-104-120.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 66e2fb17e0872039f014e5e2c78675381ed62545c7c7aa7207869292fdec6b0c

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jun 2020 17:56:27 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upbeatnews.com
access-control-allow-credentials: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3607
date: Fri, 19 Jun 2020 16:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Fri, 19 Jun 2020 18:56:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-858332707&l=dataLayer&cx=c

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aeddc01f6b3ddd62d979eea63b0f8f4379a3c499fda6ca603d5c515e7381b79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33270
x-xss-protection: 0
last-modified: Fri, 19 Jun 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jun 2020 17:56:26 GMT

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ 43 B
346 B 113ms
37ms Image
image/gif 54.194.116.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=pp_tag_imp&app=native&pid=1120340&id=113440335&d=1592589386763&in_iframe=false&h=v1.0.1669-0-ge7ea92e&compat=CSS1Compat&pageLoadId=322812238&supplyMode=direct&unr.site.env=html&ts=2020-06-19T17%253A56%253A26.763-%252B02%253A00
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 54.194.116.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-116-156.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:26 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-076.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK img
rx-stats3.unrulymedia.com/trackedevent/ 43 B
337 B 334ms
21ms Image
image/gif 213.19.147.150
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rx-stats3.unrulymedia.com/trackedevent/img?event=tag_load&adslotid=113440335&clientver=v1.0.1669-0-ge7ea92e&siteid=1120340&iframe=false&compat=CSS1Compat&pageloadid=322812238&cb=1592589386764&siteenv=html&doc_type=outstream_tagload
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:56:27 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 obtp.js Show response
amplify.outbrain.com/cp/ 6 KB
3 KB 26ms
25ms Script
application/x-javascript 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9426dab81ab7e8fd446184b6afcdec99435449172bf20f6fb1c9c2b75f6eb979

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 10:37:32 GMT
server: AkamaiNetStorage
etag: "d96c66d3880781fb37c90849587edaa0:1587983852.14205"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1200
accept-ranges: bytes
content-length: 2563
expires: Fri, 19 Jun 2020 18:16:26 GMT

GET
H/1.1 200
OK app.css
upbeatnews.com/css/ 204 KB
37 KB 120ms
116ms Stylesheet
text/css 52.206.50.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/css/app.css?v=2.92
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.50.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-50-159.compute-1.amazonaws.com
Software: Apache/2.4.43 () /
Resource Hash: 0bf35b79423e51b44390cede061a950585e6942a3c362cdda1cb6d1baa612d5a

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2020 15:25:57 GMT
Server: Apache/2.4.43 ()
ETag: "330a6-5a87182786390-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37575

GET
H/1.1 200
OK display.css
upbeatnews.com/css/ 45 KB
9 KB 308ms
104ms Stylesheet
text/css 52.206.50.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/css/display.css?v=2.92
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.50.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-50-159.compute-1.amazonaws.com
Software: Apache/2.4.43 () /
Resource Hash: 5049dd13e1d95a93b788d16ddbdb742dca57e43ab81d6d80ffa1774219a14c3c

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2020 15:25:57 GMT
Server: Apache/2.4.43 ()
ETag: "b31f-5a871827853f0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8466

GET
H2 200 logo.png
images.upbeatnews.com/ 2 KB
2 KB 14ms
13ms Image
image/png 2606:4700:10::ac43:bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.upbeatnews.com/logo.png
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dccb479e3bca7bec87d4af01bb7c34c2f7ad6a99dc06e2c5d775e08a78b0f1a

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
cf-cache-status: HIT
age: 4627
cf-ray: 5a5f2073e9a2dfad-FRA
status: 200
content-length: 2310
x-amz-id-2: ni6c/45EbqXrztgoN4XPXx3wo8nAQGarPXcigQG2lqap33Mo9KbUvQ1+0g9l0uS+NOtb7xT/8IQ=
last-modified: Mon, 04 Nov 2019 23:22:04 GMT
server: cloudflare
etag: "0f6011bc5c83dd1a9c631bde74534f0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 8DCE73F3AECB4400
cache-control: max-age=14400
cf-request-id: 036f529c6f0000dfad87219200000001
accept-ranges: bytes
content-type: image/png
cf-bgj: h2pri

GET
H2 200 ceiling1.png
images.upbeatnews.com/posts/4722/ 2 MB
2 MB 14ms
13ms Image
application/octet-stream 2606:4700:10::ac43:bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.upbeatnews.com/posts/4722/ceiling1.png
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e272c411a1af50bfdbff2a2e38fb509d00f0a115d0cf3ee6823a59c8b145988

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
cf-cache-status: HIT
age: 89
cf-ray: 5a5f20743a62dfad-FRA
status: 200
content-length: 1596051
x-amz-id-2: fatwWzUKyDl9yicTrtkbBK2eW8FVr2WZzlP1ZFgjdEt8IN31X/y3ov98PBo046Xst/p9sCRDyAY=
last-modified: Thu, 07 Nov 2019 05:23:05 GMT
server: cloudflare
etag: "d54bb9a281cae73d193c3bde93fc40d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 83E7C5FE281C6655
cache-control: max-age=14400
x-amz-version-id: null
cf-request-id: 036f529ca20000dfad87223200000001
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 ceiling2.jpg
images.upbeatnews.com/posts/4722/ 559 KB
560 KB 19ms
19ms Image
application/octet-stream 2606:4700:10::ac43:bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.upbeatnews.com/posts/4722/ceiling2.jpg
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13d13604be838603d255d1eeec60485270415226981244249e9d64b9a54577e

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
cf-cache-status: HIT
age: 89
cf-ray: 5a5f20744a82dfad-FRA
status: 200
content-length: 572389
x-amz-id-2: QN4GwZuSyki+gS4o3xiN2xEt4xwtDzG4noFOgU1w9+B48mjSOztO6//FSegFxKRXrOMCEvFabRc=
last-modified: Thu, 07 Nov 2019 05:23:05 GMT
server: cloudflare
etag: "df124e51d3f5e3ef492eca9f5154eae0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: A23AE8B1BA78118A
cache-control: max-age=14400
x-amz-version-id: null
cf-request-id: 036f529cac0000dfad87225200000001
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 ceiling26-1.jpg
images.upbeatnews.com/posts/4722/ 35 KB
36 KB 18ms
17ms Image
application/octet-stream 2606:4700:10::ac43:bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.upbeatnews.com/posts/4722/ceiling26-1.jpg
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a827cbccb5126844c9742e75d398b82587ff344e53a6147ddfc47501ba93daee

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
cf-cache-status: HIT
age: 89
cf-ray: 5a5f20746acadfad-FRA
status: 200
content-length: 36320
x-amz-id-2: m+3PhvRomG4LJ0dJp4udnzAYgomL3+Ylbrh1Yj9p9gFSWRFUG3G3gMrRMIZUv6N3C2eucOupLaQ=
last-modified: Thu, 07 Nov 2019 05:23:05 GMT
server: cloudflare
etag: "e6468237b28817d5892ee025a2d7b963"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 0061ADCD12884A97
cache-control: max-age=14400
x-amz-version-id: null
cf-request-id: 036f529cc30000dfad87227200000001
accept-ranges: bytes
content-type: application/octet-stream

GET
H/1.1 200
OK app.js Show response
upbeatnews.com/js/ 380 KB
121 KB 323ms
115ms Script
application/javascript 52.206.50.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/js/app.js?id=b27a69f8865c60def79c
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.50.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-50-159.compute-1.amazonaws.com
Software: Apache/2.4.43 () /
Resource Hash: fa21b489af9aed227458e677b43b498e30cc51ffdb6e51e36a69be32f26cd44d

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2020 15:25:57 GMT
Server: Apache/2.4.43 ()
ETag: "5efa3-5a871827882d0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK proper-ads-updater.js Show response
upbeatnews.com/js/ 1 KB
1 KB 315ms
106ms Script
application/javascript 52.206.50.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/js/proper-ads-updater.js?v=2.92
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.50.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-50-159.compute-1.amazonaws.com
Software: Apache/2.4.43 () /
Resource Hash: 54c663cdd7ccd37ba2b9d9a9d7bc533e7d5987865b055232b9aede7806a34fb2

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2020 15:25:57 GMT
Server: Apache/2.4.43 ()
ETag: "4eb-5a871827bce90-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 561

GET
H/1.1 200
OK jquery.sticky.js Show response
upbeatnews.com/js/jquery-sticky/ 9 KB
3 KB 316ms
107ms Script
application/javascript 52.206.50.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/js/jquery-sticky/jquery.sticky.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.50.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-50-159.compute-1.amazonaws.com
Software: Apache/2.4.43 () /
Resource Hash: cc07dc22acd75d21ea2a03ced344d13aeeea586029288b1d7004739f8ce3c7be

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2020 15:25:57 GMT
Server: Apache/2.4.43 ()
ETag: "2502-5a8718278b1b0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2507

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 79ms
33ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
server: cafe
etag: 13497728949557021888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Jun 2020 17:56:27 GMT

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 B
346 B 7ms
7ms Script
application/x-javascript 2600:9000:20eb:d200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:d200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:39:47 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 02:39:21 GMT
server: AmazonS3
age: 1001
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: 6RhUkEGpmmvM9fWQ8GvjM8c-qimsVlHzTtheE58jvIwduJBYI6ygdQ==

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=upbeatnews.com

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upbeatnews.com

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020061205.js Show response
securepubads.g.doubleclick.net/gpt/ 246 KB
88 KB 63ms
61ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js?21066454

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

f8a71c83692923b567fcfc765b779f079d6eb1c421853fa4a0fc0fc8efcae164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Jun 2020 18:39:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89797
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:56:26 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=440684137&t=pageview&_s=1&dl=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ul=en-us&...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75975501-2&cid=406534460.1592589387&jid=791703570&_gid=918097124.1592589387&gjid=1748648122&_v=j83&z=73184085

35 B
99 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75975501-2&cid=406534460.1592589387&jid=791703570&_gid=918097124.1592589387&gjid=1748648122&_v=j83&z=73184085

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Jun 2020 17:56:26 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:26 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75975501-2&cid=406534460.1592589387&jid=791703570&_gid=918097124.1592589387&gjid=1748648122&_v=j83&z=73184085
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 415
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dXBiZWF0bmV3cy5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
419 B 1134ms
42ms XHR
application/json 72.247.226.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/dXBiZWF0bmV3cy5jb20=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.107 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:28 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=25561
Access-Control-Allow-Credentials: false
Connection: keep-alive
Content-Length: 16
Expires: Sat, 20 Jun 2020 01:02:29 GMT

GET
H/1.1 200
OK pixel
tr.outbrain.com/ 43 B
275 B 381ms
96ms Image
image/gif 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/pixel?marketerId=00c2894e72894f68afee994fd70aa5448a&obApiVersion=1.1&obtpVersion=1.1.9&name=PAGE_VIEW&dl=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&optOut=false&bust=06024355825323842
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:27 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: 473a4d8db5d1b693da01e42d6c501c56
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 614ms
92ms Image
image/gif 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=00c2894e72894f68afee994fd70aa5448a&dl=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&bust=006802835969425924
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:27 GMT
Cache-Control: no-cache
X-TraceId: 2d05a113509b25338bde3c526c13d2c6
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 pixel;r=2061376638;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi;fpan=1;fpa=P0-1892560388-1592589386971;ns=0;ce=1...
pixel.quantserve.com/ 35 B
371 B 27ms
27ms Image
image/gif 91.228.74.226
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2061376638;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi;fpan=1;fpa=P0-1892560388-1592589386971;ns=0;ce=1;qjs=1;qv=3d595974-20200604132620;cm=;gdpr=0;ref=;d=upbeatnews.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1592589386971;tzo=-120;ogl=

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.226 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
625 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c662b6e3fb429681775f998db8d262428035930052ec2940864c06d567e4dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Jun 2020 16:15:00 GMT
server: ESF
date: Fri, 19 Jun 2020 17:56:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jun 2020 17:56:26 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/858332707/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858332707/?random=1592589387031&cv=9&fst=1592589387031&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6a0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&tiba=Upbeat%20News%20-%20An%20Ohio%20Home%20Renovation%20Leads%20To%20A%20Chilling%20Discovery%20Involving%20The%20FBI&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fa878be315aca6bfa164bd9cfab9646b7a6166efc6636e60242f20588e1d0ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1107
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 386ms
97ms XHR
application/json 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1592589387136&sessionId=ba034bf0-8cb5-e631-17b0-1ebedd17b558&url=upbeatnews.com&cheqSource=1&cheqEvent=0&exitReason=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:56:27 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 5791812ec1cd68939626f93b8a1fd4c2
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK webfa-regular-400.woff2
upbeatnews.com/fonts/vendor/@fortawesome/fontawesome-free/ 13 KB
14 KB 109ms
109ms Font
application/octet-stream 52.206.50.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://upbeatnews.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-regular-400.woff2?ac21cac3f22cc9642f5af32e0c750797
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.50.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-50-159.compute-1.amazonaws.com
Software: Apache/2.4.43 () /
Resource Hash: 4c061a302d3aad80e5d04a7608f20a26cb6ca995f3e36bfb65500e17552debeb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/css/app.css?v=2.92
Origin: https://upbeatnews.com

Response headers

Date: Fri, 19 Jun 2020 17:56:27 GMT
Last-Modified: Fri, 19 Jun 2020 15:25:57 GMT
Server: Apache/2.4.43 ()
ETag: "3510-5a871827ce7d0"
Vary: User-Agent
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13584

GET
H2 200 /
www.google.com/pagead/1p-user-list/858332707/ 42 B
108 B 24ms
24ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/858332707/?random=1592589387031&cv=9&fst=1592586000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6a0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&tiba=Upbeat%20News%20-%20An%20Ohio%20Home%20Renovation%20Leads%20To%20A%20Chilling%20Discovery%20Involving%20The%20FBI&async=1&fmt=3&is_vtc=1&random=293539963&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/858332707/ 42 B
107 B 20ms
20ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/858332707/?random=1592589387031&cv=9&fst=1592586000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6a0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&tiba=Upbeat%20News%20-%20An%20Ohio%20Home%20Renovation%20Leads%20To%20A%20Chilling%20Discovery%20Involving%20The%20FBI&async=1&fmt=3&is_vtc=1&random=293539963&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gda.js Show response
lo3trk.com/cdn/3.1/ 4 KB
4 KB 360ms
118ms Script
text/javascript 18.221.205.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lo3trk.com/cdn/3.1/gda.js
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.205.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-205-30.us-east-2.compute.amazonaws.com
Software: Apache /
Resource Hash: fe25f879f2e2de177a2f95bfbb0deb7d7b1c58bd8b792d9277f8225403a3653a

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 19 Jun 2020 17:56:27 GMT
last-modified: Thu, 05 Sep 2019 12:05:52 GMT
server: Apache
accept-ranges: bytes
content-length: 4285
content-type: text/javascript

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E254 0
0 75ms
25ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

Last-Modified: Tue, 14 Apr 2020 10:28:34 GMT
ETag: "1300708-2eae-5a33da96f833f"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 4169
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=49680
Expires: Sat, 20 Jun 2020 07:44:27 GMT
Date: Fri, 19 Jun 2020 17:56:27 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
BLOB 200
OK 9d9510d9-2fdb-4485-97c1-5586ddc07cf0
https://upbeatnews.com/ Frame 85BA 0
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://upbeatnews.com/9d9510d9-2fdb-4485-97c1-5586ddc07cf0
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 110680
Content-Type: text/html

GET
H2 200 et_v1.0.1669-0-ge7ea92e.js Show response
video.unrulymedia.com/native/ Frame 85BA 3 KB
2 KB 1078ms
23ms Script
application/javascript 143.204.93.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/et_v1.0.1669-0-ge7ea92e.js
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.93.227 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-227.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95fb44bc2ba82395b06ce803c9dd04847a763be0c7ac9ea4df213a5c122d5c13

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Origin: https://upbeatnews.com

Response headers

date: Wed, 17 Jun 2020 21:59:23 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 158225
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: https://upbeatnews.com
x-amz-expiration: expiry-date="Thu, 17 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 17 Jun 2020 19:26:45 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: G5JT5VgEz3g4WGJh7t8YR12-61H0Tt3B71MaODqSsMGHtUppJwiOkA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame 85BA 85 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Origin: https://upbeatnews.com

Response headers

date: Thu, 11 Jun 2020 20:50:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 680772
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 20:50:15 GMT

POST
H2 200 request Show response
lo3trk.com/api/v1/ 386 B
673 B 137ms
136ms XHR
application/json 18.221.205.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lo3trk.com/api/v1/request
Requested by: Host: lo3trk.com
URL: https://lo3trk.com/cdn/3.1/gda.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.205.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-205-30.us-east-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 5239ebb490edc8df732f5cce3037b2e871bb69fc5570e50c497a6eeaed7b96c4

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Jun 2020 17:56:29 GMT
server: Apache
status: 200
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
content-length: 386

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
11 KB 400ms
400ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1321636101710496&correlator=791337701084053&output=ldjh&impl=fif&adsid=NT&eid=21066454%2C21064170&vrg=2020061205&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C160x600&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D13%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1592589388&dt=1592589388028&dlt=1592589386648&idt=596&frm=20&biw=1600&bih=1200&oid=3&adxs=190&adys=98&adks=2144769577&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=40&icsg=137440094911&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=406534460.1592589387&ga_sid=1592589388&ga_hid=440684137&fws=4&ohw=1220&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js?21066454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

633fe1b26f2d7b696e04c8ce558ec4957ba2092afe19a4378e560250d821b7fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10510
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b6d4dd093fdc433d3c393b3c75963913.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 82ms
39ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b6d4dd093fdc433d3c393b3c75963913.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 97ms
96ms XHR
application/json 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1592589388041&sessionId=ba034bf0-8cb5-e631-17b0-1ebedd17b558&url=upbeatnews.com&cheqSource=1&cheqEvent=3&responseTime=1147
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:56:28 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: a610ddd4966897594b9774ea69273ead
Content-Length: 4
Expires: 0

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 0CD8 202 KB
55 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9582
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 0CD8 16 KB
6 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31834
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 0CD8 97 KB
29 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9582
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 0CD8 4 KB
2 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31834
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 0CD8 48 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31834
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
DATA 200
OK truncated
/ Frame 0CD8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a14fae34bc801e9d17434212ad4ddc4e4bb25425d302d1632f3ddf1f0758e0b

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 16ms
11ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1321636101710496&r=1x1%7C160x600&w=160&h=600&a=0

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 932065060294323546
tpc.googlesyndication.com/simgad/ Frame 0CD8 44 KB
44 KB 8ms
4ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/932065060294323546?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmeJ51TeZLBTezwU8s_gGKnYg5YVg

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c531892916edf57154efe27d41791747b4ae45384596b7667711b553aa3395c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 06:24:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 May 2020 11:12:42 GMT
server: sffe
age: 646347
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45165
x-xss-protection: 0
expires: Sat, 12 Jun 2021 06:24:01 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0CD8 2 KB
3 KB 10ms
5ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66151
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0CD8 295 B
369 B 9ms
5ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72188
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0CD8 0
0 40ms
34ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CA_8NTPzsXoz5BIP33gPW16G4Arzh5sVdm4LFstcLFBABINjqtiBguei-gNQBoAHxg_2VA8gBAuACAKgDAcgDCKoEngJP0MoNCf_twpNJPUsuQbmdKN_5_wMZvowBpzjl156ploxc_8xwnPTPkctDfQKfjRldTS-z2_EX8ThE_3VWWDkJfsE7NvxuzI3andeUvTCf5IYNl9tu647mOQZ5D47buVUOl-qLzpfDxz323dQKUb6IzsumTIrWMegEtdYN8YEDVUiSJA96g24QSmG6Zr0XR6WFLPHqas0hFLvFTHGxToBH0Di9lFhDF3qKn215NqCV8-Oc8G75Lu-PtyHdq31eZj367qJIthWEI7pkSd7tcbscI1EUExto3mo3c0TuZ20aWHWA7hO8LnZnueXlbjDtuHTlaO4lyyhhraxNGeAlLw-bIUQxr7aFyIZUfUQkplDUprWF6eDiggLXTlXPFNY7wASplIK9rgLgBAGSBQQIBBgBkgUECAUYBKAGAoAHv5KefqgHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBDYqwvSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTY1NzQzNjYxMzg1NjcxNjmACgPICwHYEww&sigh=GgWQxFM_PXk&tpd=AGWhJmu9Pk1bt2iMaIHWaIbqLjMRGtz6Su_eXG9T9Z18wz7CZw
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 native_v1.0.1669-0-ge7ea92e.js Show response
video.unrulymedia.com/native/ Frame 85BA 62 KB
17 KB 27ms
27ms Script
application/javascript 143.204.93.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/native_v1.0.1669-0-ge7ea92e.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.93.227 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-227.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 719e12b715dee65ad5ed4f8c92e26d8902bae5c61ec28ef230a9572aac362c3c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Origin: https://upbeatnews.com

Response headers

date: Wed, 17 Jun 2020 22:56:42 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 154786
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: https://upbeatnews.com
x-amz-expiration: expiry-date="Thu, 17 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 17 Jun 2020 19:26:44 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BfxEshxrWTXpKLKFhhfwKavjm5a5yQ7ZS1XBluIUc9uc1J9TdQ-uHQ==

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0CD8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 19 Jun 2020 17:56:28 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ Frame 85BA 43 B
346 B 35ms
35ms Image
image/gif 54.194.116.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=consent&message=could%20not%20find%20__cmp%20function%20on%20any%20window&app=native&pid=1120340&supplyMode=direct&isMobile=false&pageLoadId=322812238&unr.site.env=html&ts=2020-06-19T17%253A56%253A28.605-%252B02%253A00&perf_consent_start=1592589388603&perf_consent_end=1592589388604&id=113440335&d=1592589388606&h=v1.0.1669-0-ge7ea92e
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 54.194.116.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-116-156.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:28 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-076.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 200 skin-1120340.json Show response
video.unrulymedia.com/native/skins/ Frame 85BA 439 B
1 KB 23ms
23ms XHR
application/json 143.204.93.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/skins/skin-1120340.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.93.227 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-227.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 924c2ace675d304d2492000849d6e2b8aa85b1a5e0817923cf97344dcd4cb213

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:20:46 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 2143
x-cache: Hit from cloudfront
status: 200
content-length: 439
x-amz-expiration: expiry-date="Thu, 17 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 17 Jun 2020 23:27:04 GMT
server: AmazonS3
etag: "e9a0f10a249572eb1ddf3d69f8fe4757"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/json
access-control-allow-origin: https://upbeatnews.com
cache-control: max-age=3600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: sbM97vk-2uS0uv2Tpveb6IB5wYklWbl14kx8yBPPno9TJOhpSUolfw==

GET
H2 200 third-party-iframes.html
video.unrulymedia.com/iframes/ Frame 366B 0
0 424ms
424ms Document
text/html 143.204.93.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1669-0-ge7ea92e&siteId=1120340
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.93.227 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-227.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: video.unrulymedia.com
:scheme: https
:path: /iframes/third-party-iframes.html?h=v1.0.1669-0-ge7ea92e&siteId=1120340
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
content-type: text/html
content-length: 466
last-modified: Thu, 18 Jun 2020 12:15:02 GMT
x-amz-expiration: expiry-date="Fri, 18 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
accept-ranges: bytes
server: AmazonS3
date: Fri, 19 Jun 2020 17:56:29 GMT
etag: "65651425cff1104b1d6f87415cae468b"
cache-control: max-age=600
x-cache: RefreshHit from cloudfront
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4DhLzrrsd02eho8zcSW7dQjBkCB9IbT1di8o9jQQmeiI2n2tWDWE9A==

GET
H2 200 chunk-vendors~populatePlacement-3c90f8dec614439c8cf7.js Show response
video.unrulymedia.com/native/chunks/ Frame 85BA 111 KB
30 KB 28ms
28ms Script
application/javascript 143.204.93.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/chunks/chunk-vendors~populatePlacement-3c90f8dec614439c8cf7.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.93.227 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-227.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f2e1bf12b6b3376f0b8ec118296938033b2c04b8f41188d81555b9b7a972fe3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Origin: https://upbeatnews.com

Response headers

date: Sun, 14 Jun 2020 22:46:50 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 414579
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: https://upbeatnews.com
x-amz-expiration: expiry-date="Mon, 07 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Sun, 07 Jun 2020 08:51:23 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: s-6YULh_BxqNtDz1kkhuwgdZeFVeExufnRnvu4T0q1ht7064cH5kjA==

GET
H2 200 chunk-populatePlacement-66d80d59ae59b8c83283.js Show response
video.unrulymedia.com/native/chunks/ Frame 85BA 80 KB
22 KB 79ms
79ms Script
application/javascript 143.204.93.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-66d80d59ae59b8c83283.js
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.93.227 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-227.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6e1c3ea4e68f80942aa122f08779d5a6d9a777a923ea9ed09d2061fb02a3da3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Origin: https://upbeatnews.com

Response headers

date: Wed, 17 Jun 2020 22:56:48 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 154782
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: https://upbeatnews.com
x-amz-expiration: expiry-date="Thu, 17 Jun 2027 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 17 Jun 2020 19:26:48 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: VL5-HOeiUhmGFc48U80KuZWe7CdPnP5Hb9tlcgXjO-17BrrwLAj2MA==

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ Frame 85BA 43 B
346 B 35ms
34ms Image
image/gif 54.194.116.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=pp_adcall&site.page=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&site.domain=upbeatnews.com&placementName=upbeatnews.com%20-%20In-Article&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&app=native&pid=1120340&isMobile=false&pageLoadId=322812238&unr.site.env=html&ts=2020-06-19T17%253A56%253A28.755-%252B02%253A00&perf_consent_start=1592589388603&perf_consent_end=1592589388604&perf_corejs_start=1592589386763&perf_corejs_end=1592589388606&perf_skin_start=1592589388607&perf_skin_end=1592589388645&perf_adAge_start=1592589388754&id=113440335&d=1592589388755&h=v1.0.1669-0-ge7ea92e
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 54.194.116.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-116-156.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:28 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-076.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK img
rx-stats3.unrulymedia.com/trackedevent/ Frame 85BA 43 B
337 B 22ms
21ms Image
image/gif 213.19.147.150
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rx-stats3.unrulymedia.com/trackedevent/img?event=adcall&page=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&domain=upbeatnews.com&videoplcmt=%5B3%5D&siteid=1120340&devicetype=desktop&pageloadid=322812238&siteenv=html&perfconsentstart=1592589388603&perfconsentend=1592589388604&perfcorejsstart=1592589386763&perfcorejsend=1592589388606&perfskinstart=1592589388607&perfskinend=1592589388645&perfadagestart=1592589388754&doc_type=outstream_adcall&clientver=v1.0.1669-0-ge7ea92e&adslotloadid=113440335&cb=1592589388756&id=113440335&d=1592589388756&h=v1.0.1669-0-ge7ea92e
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jun 2020 17:56:29 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 204
No Content 2.2
rx.targeting.unrulymedia.com/openrtb/ Frame 85BA 0
0 339ms
28ms Fetch 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://rx.targeting.unrulymedia.com/openrtb/2.2?uuid=c70b6a71-da32-46cd-9715-b21397ce58a8&site.page=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&site.domain=upbeatnews.com&video_width=640&video_height=360&allowDisplay=false&imp%5B0%5D.placement=3&unr.site.env=html&h=v1.0.1669-0-ge7ea92e
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://upbeatnews.com
Pragma: no-cache
Date: Fri, 19 Jun 2020 17:56:29 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 334ms
334ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1321636101710496&correlator=791337701084053&output=ldjh&impl=fif&adsid=NT&eid=21066454%2C21064170%2C21064500%2C21065571&vrg=2020061205&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_side_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C160x600%7C300x250%7C300x600&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D5%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie=ID%3D01c62d8be123c51e%3AT%3D1592589388%3AS%3DALNI_MYHLLivYLUc15YOUMBLDJ1ZtYpc1w&bc=31&abxe=1&lmt=1592589388&dt=1592589388848&dlt=1592589386648&idt=596&frm=20&biw=1600&bih=1200&oid=3&adxs=1110&adys=98&adks=1561089790&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=39&icsg=137440094911&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x1&msz=300x1&ga_vid=406534460.1592589387&ga_sid=1592589388&ga_hid=440684137&fws=4&ohw=1220&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js?21066454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

73c06bcc20383a39f56b08f1bbec12bb77f095a58e6dbf9bcd9b9ade2d465934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10438
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 574ms
574ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1321636101710496&correlator=791337701084053&output=ldjh&impl=fif&adsid=NT&eid=21066454%2C21064170%2C21064500%2C21065571&vrg=2020061205&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_side_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C160x600%7C300x250%7C300x600&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D7%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie=ID%3D01c62d8be123c51e%3AT%3D1592589388%3AS%3DALNI_MYHLLivYLUc15YOUMBLDJ1ZtYpc1w&bc=31&abxe=1&lmt=1592589388&dt=1592589388857&dlt=1592589386648&idt=596&frm=20&biw=1600&bih=1200&oid=3&adxs=1110&adys=98&adks=1406267668&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=39&icsg=137440094911&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x1&msz=300x1&ga_vid=406534460.1592589387&ga_sid=1592589388&ga_hid=440684137&fws=4&ohw=1220&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js?21066454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

fcbed4280811fa982a4d5100ccc512a9b7bdff3d36606cf80a7b041d75e4ac79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10596
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 769ms
769ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1321636101710496&correlator=791337701084053&output=ldjh&impl=fif&adsid=NT&eid=21066454%2C21064170%2C21064500%2C21065571&vrg=2020061205&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_side_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C160x600%7C300x250%7C300x600&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D8%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie=ID%3D01c62d8be123c51e%3AT%3D1592589388%3AS%3DALNI_MYHLLivYLUc15YOUMBLDJ1ZtYpc1w&bc=31&abxe=1&lmt=1592589388&dt=1592589388864&dlt=1592589386648&idt=596&frm=20&biw=1600&bih=1200&oid=3&adxs=1110&adys=100&adks=503551445&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=39&icsg=137440094911&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=406534460.1592589387&ga_sid=1592589388&ga_hid=440684137&fws=4&ohw=1220&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js?21066454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

1fc43d69c34c077e60358d34286909461c5455441ec277a64f475e72d784aec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10597
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 1171ms
1171ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1321636101710496&correlator=791337701084053&output=ldjh&impl=fif&adsid=NT&eid=21066454%2C21064170%2C21064500%2C21065571&vrg=2020061205&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_content_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x250&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D9%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie=ID%3D01c62d8be123c51e%3AT%3D1592589388%3AS%3DALNI_MYHLLivYLUc15YOUMBLDJ1ZtYpc1w&bc=31&abxe=1&lmt=1592589388&dt=1592589388870&dlt=1592589386648&idt=596&frm=20&biw=1600&bih=1200&oid=3&adxs=362&adys=3179&adks=2199804527&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=39&icsg=137440094911&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=353x1&msz=353x1&ga_vid=406534460.1592589387&ga_sid=1592589388&ga_hid=440684137&fws=4&ohw=1220&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js?21066454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a0ccd048cfa8783d45f2c322f46261ee980d9526f2f085536e3b33c4d575f089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2128
x-xss-protection: 0
google-lineitem-id: 2151234376
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138203123497
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 1422ms
1422ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1321636101710496&correlator=791337701084053&output=ldjh&impl=fif&adsid=NT&eid=21066454%2C21064170%2C21064500%2C21065571&vrg=2020061205&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_content_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x250&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D10%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie=ID%3D01c62d8be123c51e%3AT%3D1592589388%3AS%3DALNI_MYHLLivYLUc15YOUMBLDJ1ZtYpc1w&bc=31&abxe=1&lmt=1592589388&dt=1592589388876&dlt=1592589386648&idt=596&frm=20&biw=1600&bih=1200&oid=3&adxs=745&adys=3179&adks=1973152569&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=39&icsg=137440094911&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=353x1&msz=353x1&ga_vid=406534460.1592589387&ga_sid=1592589388&ga_hid=440684137&fws=4&ohw=1220&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js?21066454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

d6e0802a563a5bb6393b892918bb6c1dfddaaee19b112884e4731fae4f205a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11051
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 174ms
173ms XHR
application/octet-stream 34.223.241.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.241.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-241-95.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Jun 2020 17:56:29 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 1467ms
1467ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1321636101710496&correlator=791337701084053&output=ldjh&impl=fif&adsid=NT&eid=21066454%2C21064170%2C21064500%2C21065571&vrg=2020061205&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200619&iu_parts=5376056%2Cupbeatnews_content_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D17469%26is_mobile%3D0%26proper_site%3Dupbeatnews%26proper_slot%3D11%26proper_page%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%26auction_count%3D0&cookie=ID%3D01c62d8be123c51e%3AT%3D1592589388%3AS%3DALNI_MYHLLivYLUc15YOUMBLDJ1ZtYpc1w&bc=31&abxe=1&lmt=1592589389&dt=1592589389063&dlt=1592589386648&idt=596&frm=20&biw=1600&bih=1200&oid=3&adxs=362&adys=3300&adks=2636858604&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&dssz=39&icsg=137440094911&mso=2208&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=736x1&msz=736x1&ga_vid=406534460.1592589387&ga_sid=1592589388&ga_hid=440684137&fws=4&ohw=1220&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js?21066454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

3bd3919ac25928b22ddf04f0c9d4e51ef207375a3638e625948de96ede02b9c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2112
x-xss-protection: 0
google-lineitem-id: 2151234376
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138203123761
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upbeatnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ Frame 85BA 43 B
346 B 35ms
34ms Image
image/gif 54.194.116.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=no_ads&placementName=upbeatnews.com%20-%20In-Article&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&message=Empty%20VAST%20Response&app=native&pid=1120340&isMobile=false&pageLoadId=322812238&unr.site.env=html&ts=2020-06-19T17%253A56%253A29.099-%252B02%253A00&perf_consent_start=1592589388603&perf_consent_end=1592589388604&perf_corejs_start=1592589386763&perf_corejs_end=1592589388606&perf_skin_start=1592589388607&perf_skin_end=1592589388645&perf_adAge_start=1592589388754&perf_vast_0_start=1592589388758&id=113440335&d=1592589389100&h=v1.0.1669-0-ge7ea92e
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 54.194.116.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-116-156.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Jun 2020 17:56:29 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-076.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 6A21 202 KB
55 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9583
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 6A21 16 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31835
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 6A21 97 KB
29 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9583
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 6A21 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31835
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 6A21 48 KB
15 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31835
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6A21 2 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66152
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6A21 295 B
369 B 8ms
7ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72189
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 6A21 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a263cd8512fe615f4ef64a7a2a62d06abb72b539d798557407bbd5485dd3d4a

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9255129688887693200
tpc.googlesyndication.com/simgad/ Frame 6A21 79 KB
79 KB 8ms
7ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9255129688887693200?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkqyocRJMKD2Q0KARmGnAHKNCa1kw

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf9cac9bb9533d08c32995cd7085dede54cb3f24c28da3406349515e2ee3bf76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Jun 2020 03:41:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 May 2020 07:35:33 GMT
server: sffe
age: 915312
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80819
x-xss-protection: 0
expires: Wed, 09 Jun 2021 03:41:17 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6A21 0
0 36ms
36ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYwLHTPzsXvGRN9uHrATj6KiYBrzh5sVdxfDVvr0LFBABINjqtiBguei-gNQBoAHxg_2VA8gBAuACAKgDAcgDCKoEngJP0DGcLQM3Tx0p-7CAgStsQEBTqmUcXL_BEaSr82J7rWUcIPu5XLq1_YRrayL0XFWldvhNDv42usONrxXCHM5TJ_eZ-ZLx6KmyxcAwaN4WxHKuhXMX9aMEdak_3-2QTejdQHlG8RqYUGy9dZd7zXENQtXPBRPKcfT6s9_E2JFbr2J3EybQDmXyFJjhQlq4mYztbtzHx-PqbCShZ1yAZef2pdOs4X8RHEhqmV2js4X5-qGo6eZFhxsGTI2o75JjyJ1a_liYnMbN7aM0AZNQp2S_G64Cc1x1Bny_bIwTPbZxU6uoohWx6DJwoQGbdEeiuegzgD_32DM84WABsHcVxXCzqnPzB6od_dyWvH3-NRYJnAjIEwtaISJeZUyMwHz7wASplIK9rgLgBAGSBQQIBBgBkgUECAUYBKAGAoAHv5KefqgHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBDuxQnSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTY1NzQzNjYxMzg1NjcxNjmACgPICwHYEww&sigh=gicF_F6CutE&tpd=AGWhJmvkUZrAjsU0qhizH4ExqGe8e3_qdrMb0MHMJEG3-1oGtg
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 9255129688887693200
tpc.googlesyndication.com/simgad/ Frame 6A21 79 KB
79 KB 6ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9255129688887693200?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkqyocRJMKD2Q0KARmGnAHKNCa1kw

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf9cac9bb9533d08c32995cd7085dede54cb3f24c28da3406349515e2ee3bf76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Jun 2020 03:41:17 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 May 2020 07:35:33 GMT
server: sffe
age: 915312
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80819
x-xss-protection: 0
expires: Wed, 09 Jun 2021 03:41:17 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6A21 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66152
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6A21 295 B
364 B 6ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72189
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame F2E3 202 KB
55 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9583
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame F2E3 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31835
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame F2E3 97 KB
29 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9583
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame F2E3 4 KB
2 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31835
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame F2E3 48 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31835
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F2E3 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66152
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F2E3 295 B
364 B 7ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72189
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame F2E3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c36176cd529f88f965e211afe403bf9c5710dd990f2611aabc5d95996bbfffb

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1321636101710496&r=1x1%7C160x600%7C300x250%7C300x600&w=300&h=600&a=0

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7725498009685795173
tpc.googlesyndication.com/simgad/ Frame F2E3 54 KB
54 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7725498009685795173?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkPjIPt11CRX0tYQsyAELT0E4cB8g

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341fbfe4f4e92a0dea5b5ef7ac9b92447923c35fb13d691b071836eb02cce919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 07:51:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Jun 2020 12:58:05 GMT
server: sffe
age: 209084
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55310
x-xss-protection: 0
expires: Thu, 17 Jun 2021 07:51:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F2E3 0
0 14ms
13ms Image
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSm-iiOxuM7jApvGkpvz216MTIfUPRoHA6LDGC48n6gJygglO8JpMSTDvAdee8HQpzp32o9waocof6PZ1EYlB5eJe2OXA
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F2E3 0
0 44ms
35ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgtaCTfzsXungCd6q3gPFzZeYAtSl4eBd1eTArM8LloLNhYgWEAEg2Oq2IGC56L6A1AGgAaunqKkCyAECqQIlhXmDatGyPuACAKgDAcgDCKoEmQJP0MmvySZi34csLKTsC5Gg2jkvtE5e6cAEyuc1c_g7Rj5k54ygMjj_Q8uQInaV4ESwkirTGDDgFqpwQIhRq3EW4-ueYDXtethHq6PuD3iunGtbhN9IHgpZ8bsQ8OyUegb9LqPWG2bGs2UpHAD6Hz1IQ0YQ4vxqKo4RBNCzzYDBxG0TlFajtN2jYnOxb2EV3xmJLBADGfzWU6MXMVFM5Ssoo8nAhbOYbXmL9Sgk9QmV1WqbqNNuCNp3-oEp_9nQSoITLX6aJfMHR1z6ihiOgctxStSwZSudKBwWYICfuNb4llnPDoYFc2wnVFBAwfEbdC_jE7Uo7xTaI_2uo1RNIQC-6pm8g1_MS8n9dWR5iAx615CtS3gJvD0t68AE4q-BxIQD4AQBkgUECAQYAZIFBAgFGASgBgKAB73Y19YBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEP3OCtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjU3NDM2NjEzODU2NzE2OYAKA8gLAdgTDA&sigh=yfR80mFCNHA&tpd=AGWhJmtv7WazQSW3EjIHe9ooxJjMPepe-r6PN5p2VFmVEfGg2Q
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 7725498009685795173
tpc.googlesyndication.com/simgad/ Frame F2E3 54 KB
54 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7725498009685795173?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkPjIPt11CRX0tYQsyAELT0E4cB8g

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341fbfe4f4e92a0dea5b5ef7ac9b92447923c35fb13d691b071836eb02cce919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 07:51:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Jun 2020 12:58:05 GMT
server: sffe
age: 209084
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55310
x-xss-protection: 0
expires: Thu, 17 Jun 2021 07:51:45 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F2E3 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66152
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F2E3 295 B
364 B 6ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72189
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 2277 202 KB
55 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9583
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 2277 16 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31835
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 2277 97 KB
29 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9583
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 2277 4 KB
2 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31835
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 2277 48 KB
15 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31835
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 7725498009685795173
tpc.googlesyndication.com/simgad/ Frame 2277 54 KB
54 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7725498009685795173?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkPjIPt11CRX0tYQsyAELT0E4cB8g

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341fbfe4f4e92a0dea5b5ef7ac9b92447923c35fb13d691b071836eb02cce919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 07:51:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Jun 2020 12:58:05 GMT
server: sffe
age: 209084
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55310
x-xss-protection: 0
expires: Thu, 17 Jun 2021 07:51:45 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2277 2 KB
3 KB 14ms
12ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66152
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2277 295 B
364 B 13ms
12ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72189
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 2277 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7bfe77dad6f6ea43ce15c11653bee32ac99fb1155abfb43ac2e60b9834e9369

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2277 0
0 30ms
20ms Image
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQV8UYEIIJcqRm85nrrGLDr1DS0DDllTiWh3R1Qklc2bWOdT14HL49oXtyxgjqNQMd5qLgZWSWkEtZ1enmKF8HXk6UCzQ
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2277 0
0 49ms
39ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQwXdTfzsXvCMGfSqrATHoZLoBtSl4eBd1eTArM8LloLNhYgWEAEg2Oq2IGC56L6A1AGgAaunqKkCyAECqQIlhXmDatGyPuACAKgDAcgDCKoEmQJP0OkUJaEsZw46GiKgNA9FKicXvZP09Q9CE-9S6zgUcNtsHQUb1VpRTlg4nF2i9mzy0tQ_8g6lY0KQIR8-qTRUjGghWn0Qo9_TUeeqWsmCj2IyXxnQlXvZJY9h0yRbAP-x7w0Od8IhHqpGJ2bYS6qM8p0ZHN2EYyq3TcLDURS3b5ThRQRtoEvxdYGvAItirDa8dxIb4YU_ocRhf50Tm_ToShc_g1DzzMoOAyENCWdIflqy4-cKi7Oj3dE8vzCX8S2qKD4GGEbVwPtr3TUJk5Mje7TrboRzGmlyh1SqBEXF1LnHa_gJX0jQnMhk3_04vzfuoJXJ6gPVr_vSJR9NjjiOk_hoQiqG3cBcNryr_Sdjj-Ecjh_mc3RQOsAE4q-BxIQD4AQBkgUECAQYAZIFBAgFGASgBgKAB73Y19YBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEJnZC9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjU3NDM2NjEzODU2NzE2OYAKA8gLAdgTDA&sigh=bNH9jLKlhsk&tpd=AGWhJmtzQPx2vq0wSrRfEZ5upBMLOG8iqO46ds6ZU6Fu3H31ig
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0CD8 42 B
107 B 29ms
28ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshSW9rbHmP25iI8jqZIpLmZhXyzxQx-pbsoftGyW86_d6XAOnwT5HsYemXknSYsYmww4_Ch-jxy9HsRrs9e0qyhbWGrIT_IlLd9-q1WfIQDf-7HwDmH7lmZeerfQ&sai=AMfl-YQ_qCeWYlwvyibVu7-Jnw12pHpAylRH8WNmMoAdAKAS2qyOubYoFs10byYE8tfEhC34jhZ4dK6wjnXCVjq7DZrSeGPlmOpcBq4w6eLamb2yVxXOpE9vL0PuJww&sig=Cg0ArKJSzPmz6SQn8uk0EAE&cid=CAASF-Roa6vdwpPCIsqjQA8kAS4s6R2UO3n9&id=ampim&o=190,98&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1067&mtos=0,0,1067,1067,1067&tos=0,0,1067,0,0&tfs=107&tls=1174&g=100&h=100&tt=1174&r=v&avms=ampa&adk=2144769577

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7725498009685795173
tpc.googlesyndication.com/simgad/ Frame 2277 54 KB
54 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7725498009685795173?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkPjIPt11CRX0tYQsyAELT0E4cB8g

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341fbfe4f4e92a0dea5b5ef7ac9b92447923c35fb13d691b071836eb02cce919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 07:51:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Jun 2020 12:58:05 GMT
server: sffe
age: 209084
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55310
x-xss-protection: 0
expires: Thu, 17 Jun 2021 07:51:45 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2277 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66152
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2277 295 B
364 B 7ms
7ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72189
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 1 KB
1 KB 394ms
192ms Script
text/javascript 52.5.148.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ntv_mvi
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.148.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-148-243.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 1a6149a5c79e9422c3209853bea19623a89bc6d587fb1a926ca538a1aeec1110

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: gzip
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 726
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 019A 0
0

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame AD5F 81 KB
30 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de5717a0c9762a69ef957984118420fec1617e7042f216e4f468bfc3e24e4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 30650
x-xss-protection: 0
server: cafe
etag: 11935737474457189578
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Jun 2020 17:56:30 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de072fa8ec958a27adcb7caec34d45663bbf88c22696a081d2c6ae6ffcae743f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592416174093583"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27927
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:56:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame AD5F 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=upbeatnews.com

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame AD5F 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upbeatnews.com

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_polyfill_isolation_control_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/ Frame AD5F 218 KB
82 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_polyfill_isolation_control_fy2019.js

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99692fc9959591cea5ef5cc8636b71250e98518dc5901fe805fe3f0d81bfaf82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84019
x-xss-protection: 0
server: cafe
etag: 11652805065180605023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jun 2020 17:56:30 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200610/r20190131/ Frame 677E 0
0 6ms
5ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200610/r20190131/zrt_lookup.html

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200610/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlryWrtPC9mipB4EwNCtZulkJ1OYlvofkdmd6GWGI6GVyitlQ0yHwY14-oE; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 10 Jun 2020 22:00:32 GMT
expires: Wed, 24 Jun 2020 22:00:32 GMT
content-type: text/html; charset=UTF-8
etag: 12274286891180784318
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4510
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 762958
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7B2D 0
0 835ms
834ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6897902191714833&output=html&h=250&slotname=5140430151&adk=2462278425&adf=1842636958&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ea=0&flash=0&wgl=1&adsid=NT&dt=1592589390171&bpp=25&bdt=86&idt=105&shv=r20200610&cbv=r20190131&ptt=5&saldr=sa&correlator=3051074010490&frm=23&ife=1&pv=2&ga_vid=134596596.1592589390&ga_sid=1592589390&ga_hid=562492375&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=389&ady=3179&biw=1600&bih=1200&isw=300&ish=250&ifk=673758767&scr_x=0&scr_y=0&eid=21065531%2C21066415&oid=3&pvsid=838952820373162&pem=535&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.zcvvrmv885fi&btvi=1&fsb=1&dtd=124

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6897902191714833&output=html&h=250&slotname=5140430151&adk=2462278425&adf=1842636958&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ea=0&flash=0&wgl=1&adsid=NT&dt=1592589390171&bpp=25&bdt=86&idt=105&shv=r20200610&cbv=r20190131&ptt=5&saldr=sa&correlator=3051074010490&frm=23&ife=1&pv=2&ga_vid=134596596.1592589390&ga_sid=1592589390&ga_hid=562492375&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=389&ady=3179&biw=1600&bih=1200&isw=300&ish=250&ifk=673758767&scr_x=0&scr_y=0&eid=21065531%2C21066415&oid=3&pvsid=838952820373162&pem=535&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.zcvvrmv885fi&btvi=1&fsb=1&dtd=124
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Jun 2020 17:56:31 GMT
server: cafe
content-length: 19381
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 19-Jun-2020 18:11:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Jun 2020 17:56:31 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD5F 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de072fa8ec958a27adcb7caec34d45663bbf88c22696a081d2c6ae6ffcae743f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592416174093583"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27927
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:56:30 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 46A7 202 KB
55 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9584
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 46A7 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31836
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 46A7 97 KB
29 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9584
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 15:16:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 15:16:46 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 46A7 4 KB
2 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31836
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 46A7 48 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 31836
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 19 Jun 2020 09:05:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jun 2021 09:05:54 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 46A7 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66153
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 46A7 295 B
369 B 6ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72190
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 46A7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e459348235eec72988b75b4d5af01b7ec9345406b9a72e4832a5605d3885e50c

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 14ms
13ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1321636101710496&r=1x1%7C300x250&w=300&h=250&a=0

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9711717427168487879
tpc.googlesyndication.com/simgad/ Frame 46A7 54 KB
54 KB 8ms
7ms Image
image/gif 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9711717427168487879

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dc2d4496a1f8f759b29c49639cad1268eca84a35870cc3c6984cf9092725095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 06:31:29 GMT
x-content-type-options: nosniff
age: 732301
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55505
x-xss-protection: 0
last-modified: Fri, 30 Aug 2019 13:32:31 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 06:31:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 46A7 0
0 15ms
15ms Image
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1L6O67FqaWbxFkL5PcxjQfBCpbt3pf1FT884z9ZczQLpFxdprvcxUVSTKmEa9IODeI385sxdrRbJdYIobFAJV3erkfw
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 46A7 0
0 41ms
33ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvYyFTvzsXq3OAYaK3wONobTgBZu99v1c7Y_wpv4Jw6PimbgCEAEg2Oq2IGC56L6A1AGgAe_J_O8DyAEDqQIlhXmDatGyPuACAKgDAcgDCKoElwJP0JnxRB0_SDM5sz1p3M9UOzsMBkHwz3ZZUt6UrQxM6sTFqlvZM0yappAZBPr_dBJc_ck5EibUFcqqCyvbyWH2MU-LOx_NrrMvzhxAqnwo9t9SI__Ek5RdaINMRM5vcvLeeDgTsqgkhc_quxEEmQm9BBSQN3767wlouv0s3Ph5Y7yOLMM_1g7PAhf8DXTJlg6XGDK09DIVdzA89YAJoNACqiaxLTGS9IlZRlJELA2Pa93lci1UhiBIOhOI6Brfek1Kk9dgZ1DiITAKePMcxc-AC-WsLlK3fcbmtbLGRg-DKrgGPpwTeu8Ql-24Usi2_ca9zg6Ki87JRRIRegVqdh27BS39S_-HFPmnEejXlYiCl8Qjdn__NKDABPHHyujuAeAEAZIFBAgEGAGSBQQIBRgEoAYDgAf5tYMQqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEELOUBtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjU3NDM2NjEzODU2NzE2OYAKA8gLAdgTCg&sigh=4JGvcaezNco&tpd=AGWhJmt-M1tIpaPdZFf10mRpxdjeZsHBIXmC7kVSGZv8A8OGZQ
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6A21 42 B
108 B 37ms
36ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjste7D4-vlHICrySkHdKjBTfy4xGQZ06xEiN6SCREkuxK2tOJJP5y2JftXHxs6mlr2QqTQUecI5Un3ak1MTdknZTzs4X2iUXfQ4JSXmZdQsDg62SDXFQ22WjXp4wNQ&sai=AMfl-YSjWQ_9TaMJMFdrJf5Z5ONxOPJsZQHjPmVg5egKJEInPKyPj67KnaigcC14S7pHNyqaMh3UERcK7x8hepZNCBkAA_WMr31Hd5IgZngSEAwx2ZA4t6Dle_2VwgM&sig=Cg0ArKJSzGCvbNeU6SSyEAE&cid=CAASF-Roc5IxjNWwUe3XbYt2y3Co591CqcTj&id=ampim&o=1110,99&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=111&tls=1114&g=79.83333468437195&h=100&tt=1114&r=v&avms=ampa&adk=1561089790

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rt.gif
jadserve.postrelease.com/ 43 B
427 B 101ms
100ms Image
image/gif 52.5.148.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/rt.gif?ntv_tg=207ebbb5ca0f423097e60d3833aa0b31&ord=[cache_buster]
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.148.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-148-243.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:30 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 99ms
99ms Image
image/gif 52.5.148.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1096380&ntv_gdpr_consent=&ntv_it
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.148.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-148-243.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:30 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 9711717427168487879
tpc.googlesyndication.com/simgad/ Frame 46A7 54 KB
54 KB 7ms
7ms Image
image/gif 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9711717427168487879

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dc2d4496a1f8f759b29c49639cad1268eca84a35870cc3c6984cf9092725095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 06:31:29 GMT
x-content-type-options: nosniff
age: 732301
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55505
x-xss-protection: 0
last-modified: Fri, 30 Aug 2019 13:32:31 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 06:31:29 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 46A7 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 66153
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 19 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 46A7 295 B
364 B 7ms
7ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 72190
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 19 Jun 2020 21:53:20 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame D26D 0
0

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 55BF 81 KB
30 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f86343c7273c0a989cb58267bdddc4a2d8a7a26f84aea08e844a8774b7c7776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 30628
x-xss-protection: 0
server: cafe
etag: 17882392006133441091
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Jun 2020 17:56:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 55BF 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=upbeatnews.com

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 55BF 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=upbeatnews.com

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/ Frame 55BF 218 KB
82 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08f93a4cf604e12995a237b71b5db1d5d48f1ecb27687ee17608554f8f7fd6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83998
x-xss-protection: 0
server: cafe
etag: 419886144849044271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jun 2020 17:56:30 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F2E3 42 B
108 B 41ms
41ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu16zm5GIbahVUAtetbWtmMn7lQOxiH_lN0A4GaiXIZXFpYQOW5RZfc8qF16Yb1tBSyn9cNcy09rBbhNmQ5Od4wiP2cGsuPP28-s9K71rd69tXxwMSBiKSu6QYl_w&sai=AMfl-YS8ukMB95fgNt71u8i8PUbYS0htz-49bGYJrw9Gu5aHp2BZ1eVa-aFqhfIZJ_o-qmfp-3tu_xWqaCTvYJc3v1Ee6vnwoFGJygpsjWUhyqwk5bEG1VrnXEjsTjc&sig=Cg0ArKJSzMFFX4J3hNR4EAE&cid=CAASF-RoeMFU-8K-ehJqF7ezAmHdHcj55CjQ&id=ampim&o=1110,98&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1033&mtos=0,0,1033,1033,1033&tos=0,0,1033,0,0&tfs=114&tls=1147&g=100&h=100&tt=1147&r=v&avms=ampa&adk=1406267668

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7E77 0
0 1116ms
1116ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6897902191714833&output=html&h=90&slotname=5140430151&adk=850169076&adf=3151382141&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ea=0&flash=0&wgl=1&adsid=NT&dt=1592589390618&bpp=31&bdt=52&idt=113&shv=r20200610&cbv=r20190131&ptt=5&saldr=sa&correlator=3051074010490&frm=23&ife=1&pv=1&ga_vid=1632206118.1592589391&ga_sid=1592589391&ga_hid=1952989466&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=366&ady=3572&biw=1600&bih=1200&isw=728&ish=90&ifk=1777893847&scr_x=0&scr_y=0&eid=21065531%2C36998751&oid=3&pvsid=2958270713882819&pem=535&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.dv9rfnm2rz2t&btvi=1&fsb=1&dtd=130

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6897902191714833&output=html&h=90&slotname=5140430151&adk=850169076&adf=3151382141&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fupbeatnews.com%2Fan-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi&ea=0&flash=0&wgl=1&adsid=NT&dt=1592589390618&bpp=31&bdt=52&idt=113&shv=r20200610&cbv=r20190131&ptt=5&saldr=sa&correlator=3051074010490&frm=23&ife=1&pv=1&ga_vid=1632206118.1592589391&ga_sid=1592589391&ga_hid=1952989466&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=366&ady=3572&biw=1600&bih=1200&isw=728&ish=90&ifk=1777893847&scr_x=0&scr_y=0&eid=21065531%2C36998751&oid=3&pvsid=2958270713882819&pem=535&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.dv9rfnm2rz2t&btvi=1&fsb=1&dtd=130
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm7zcD47FBBPYwhvgmoldYbWFk3u-fkM3H52yRLWxBtt4GUzBcFN8eBUos3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Jun 2020 17:56:31 GMT
server: cafe
content-length: 15806
x-xss-protection: 0
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 55BF 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de072fa8ec958a27adcb7caec34d45663bbf88c22696a081d2c6ae6ffcae743f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592416174093583"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27927
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:56:30 GMT

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 174ms
174ms XHR
application/octet-stream 34.223.241.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/upbeatnews.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.223.241.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-223-241-95.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 19 Jun 2020 17:56:31 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AD5F 7 KB
6 KB 22ms
22ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200610&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_polyfill_isolation_control_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22702281966867bd5ea02784efbb457eaf50c3b1ac9f2c06b7e41714f5dddf6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5646
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AD5F 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:56:31 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame F451 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 19 Jun 2020 17:40:48 GMT
expires: Sat, 19 Jun 2021 17:40:48 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 943
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 0E5E 0
0 64ms
21ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 19 Jun 2020 17:56:31 GMT
Age: 27504875
X-Served-By: cache-jfk8123-JFK, cache-hhn4064-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1276778, 3308522
X-Timer: S1592589392.546983,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1

200
OK

1030626.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 2C7B
Redirect Chain

https://sync.serverbid.com/ss/1030626.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1030626.html

0
0

91ms
31ms

Document
text/html

205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1030626.html

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

Date: Fri, 19 Jun 2020 17:56:31 GMT
Connection: Keep-Alive
Cache-Control: max-age=3667
Content-Length: 6090
Content-Type: text/html
Last-Modified: Tue, 16 Oct 2018 19:39:24 GMT
Accept-Ranges: bytes
ETag: "153d3f9561afa7e070ae4eea757102cb"
x-amz-request-id: tx000000000000019ac359b-005eebb922-35d9c92-nyc3a
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1592589391.dop002.pa1.shc,1592589391.dop002.pa1.t,1592589391.cds030.pa1.c

Redirect headers

status: 302
content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1030626.html
cache-control: no-cache

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame C615 0
0 25ms
23ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 204
date: Fri, 19 Jun 2020 17:56:31 GMT
set-cookie: __cfduid=dc785b97367ae39e5a77dbde833aaac8d1592589391; expires=Sun, 19-Jul-20 17:56:31 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 036f52ae9c0000d915f0920200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5a5f2090ff97d915-AMS

GET
H2 200 iframe
sync.teads.tv/ Frame 1FA5 0
0 102ms
54ms Document
text/html 95.100.64.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.64.146 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-64-146.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe?gdprIab=%7B%22status%22%3A0%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.9
content-length: 153
expires: Fri, 19 Jun 2020 17:56:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 19 Jun 2020 17:56:31 GMT
set-cookie: tt_bluekai=; Expires=Thu, 18 Jun 2020 16:56:31 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Thu, 18 Jun 2020 16:56:31 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Thu, 18 Jun 2020 16:56:31 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Thu, 18 Jun 2020 16:56:31 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Thu, 18 Jun 2020 16:56:31 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Thu, 18 Jun 2020 16:56:31 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Thu, 18 Jun 2020 16:56:31 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Thu, 18 Jun 2020 16:56:31 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Thu, 18 Jun 2020 16:56:31 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None

GET
H2

200

sync
eb2.3lift.com/ Frame 9E18
Redirect Chain

https://ib.3lift.com/sync?
https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

0
0

24ms
24ms

Document
text/html

52.59.125.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.125.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-125-145.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=4020440991592660632
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
date: Fri, 19 Jun 2020 17:56:32 GMT
content-type: text/html; charset=utf-8
content-length: 454
set-cookie: sync=CgoIgQIQybbm7awuCgoIoQEQybbm7awuCgoI4gEQybbm7awuCgoI5gEQybbm7awuCgoI1gEQybbm7awuCgoIhwIQybbm7awuCgkIOhDJtubtrC4KCQgLEMm25u2sLgoJCF8Qybbm7awuCgkIHxDJtubtrC4=; Max-Age=7776000; Expires=Thu, 17 Sep 2020 17:56:32 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=4020440991592660632; Max-Age=7776000; Expires=Thu, 17 Sep 2020 17:56:32 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

status: 302
date: Fri, 19 Jun 2020 17:56:32 GMT
content-length: 0
set-cookie: tluid=4020440991592660632; Max-Age=7776000; Expires=Thu, 17 Sep 2020 17:56:32 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD5F 0
60 B 15ms
14ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200610&jk=838952820373162&bg=!IiGlITlYATaUPJTu7-wCAAAAT1IAAAATmQGX99SGpfcqW0cmdQXh3x1akoS5uwjyUwegqGN5YZgFydH62xXBH84XcO6BtVlqag9o9F1RbQc5lrntKu1FY6OFitIZEU2lSJYyRC4H-gojwNhnDZwE-UdgUwcyxU49E9mhAVvca_ELZOVRHZaSE1YhCd8gwL6Szd0Gc6y7AOQpr1GCyJ0Y0buD0bmLWTvtix8GAyXnC2tCjx8xKglHXIW0EGJS8oEqu50SCj23DAzPtKJXQrtLPpdKcasiGWKB7EltGMlww9Za1Hnio3i2_HphoHi95tAjKcOlKrd1d_gHaxRKYJTeUeluAvF3OSf4miKmnu83TeK5RaI11MfAeBo5OcDc0coiDuLC6bLrilM_DeWXsp7hjpcRz9nJjWtrrRcPPgUgMzmIETiEkf6l4SW9rAedzs8YJRnNpXzrzj6bGr78Th4L7LgXI8p-4ZsQlu1yoxzaEDprrNZDdlbSEhRVPNGqTQBUytjRcUi1eYbIAvdlB6lTDUKba8Jy_1o7T1WJ9pEn-ZYAZ0zWf7zyZsvcRzX7DCthEFI

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set check.html
biddr.brealtime.com/ Frame B051 0
0 320ms
28ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: biddr.brealtime.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

Date: Fri, 19 Jun 2020 17:56:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d6a862728fcd3fbe871c7ce3cb18627aa1592589391; expires=Sun, 19-Jul-20 17:56:31 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2: hOEro0LbQc06F0df/Pn7NbkuZU/aoyCwlVxiRDJSLWvlIteejcoc9C9PerP/zeWpLrBCSQrnIBg=
x-amz-request-id: D365737EFD1F1551
Last-Modified: Tue, 11 Feb 2020 20:09:03 GMT
CF-Cache-Status: HIT
Age: 3761
Expires: Fri, 19 Jun 2020 17:57:31 GMT
Cache-Control: public, max-age=60
cf-request-id: 036f52b0170000fa7031191200000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5a5f20935b67fa70-AMS
Content-Encoding: gzip

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 3C36
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

0
0

28ms
27ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=485e13fa-a58e-0117-1041-93ebe6de7543|1592589391
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=485e13fa-a58e-0117-1041-93ebe6de7543|1592589391; Version=1; Expires=Sat, 19-Jun-2021 17:56:31 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1592589391|mOgqgikin0fcvNmWiygu; Version=1; Expires=Sat, 04-Jul-2020 17:56:31 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.188.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 19 Jun 2020 17:56:31 GMT
content-type: text/html
content-length: 534
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=485e13fa-a58e-0117-1041-93ebe6de7543|1592589391; Version=1; Expires=Sat, 19-Jun-2021 17:56:31 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.188.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
date: Fri, 19 Jun 2020 17:56:31 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 v2
de.tynt.com/deb/ Frame 0DCB 0
0 334ms
113ms Document
text/html 208.100.17.188
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=c_pyYe7jir6yk_aKlId8sQ&gdpr_consent=undefined
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip188.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=c_pyYe7jir6yk_aKlId8sQ&gdpr_consent=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
cache-control: max-age=86400
expires: Sat, 20 Jun 2020 17:56:31 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Fri, 19 Jun 2020 17:56:31 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2
de.tynt.com/deb/ Frame E9BC 0
0 332ms
114ms Document
text/html 208.100.17.188
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dh-5_W7jir6zrpaKkv7mNO&gdpr_consent=undefined
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip188.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=dh-5_W7jir6zrpaKkv7mNO&gdpr_consent=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
cache-control: max-age=86400
expires: Sat, 20 Jun 2020 17:56:31 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Fri, 19 Jun 2020 17:56:31 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2
de.tynt.com/deb/ Frame 6D14 0
0 326ms
112ms Document
text/html 208.100.17.188
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cSaxys7jir6zrpaKkv7mNO&gdpr_consent=undefined
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip188.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=cSaxys7jir6zrpaKkv7mNO&gdpr_consent=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
cache-control: max-age=86400
expires: Sat, 20 Jun 2020 17:56:31 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Fri, 19 Jun 2020 17:56:31 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2
de.tynt.com/deb/ Frame CB2C 0
0 243ms
112ms Document
text/html 208.100.17.188
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=c10tlm7jir6yk_aKlId8sQ&gdpr_consent=undefined
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip188.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=c10tlm7jir6yk_aKlId8sQ&gdpr_consent=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
cache-control: max-age=86400
expires: Sat, 20 Jun 2020 17:56:31 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Fri, 19 Jun 2020 17:56:31 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2
de.tynt.com/deb/ Frame 5D25 0
0 244ms
115ms Document
text/html 208.100.17.188
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cIh6HI7jir6ykDaKkGJozW&gdpr_consent=undefined
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip188.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=cIh6HI7jir6ykDaKkGJozW&gdpr_consent=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
cache-control: max-age=86400
expires: Sat, 20 Jun 2020 17:56:31 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Fri, 19 Jun 2020 17:56:31 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2
de.tynt.com/deb/ Frame EF46 0
0 240ms
115ms Document
text/html 208.100.17.188
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cwII6G7jir6ykqaKkGJozW&gdpr_consent=undefined
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip188.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=cwII6G7jir6ykqaKkGJozW&gdpr_consent=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
cache-control: max-age=86400
expires: Sat, 20 Jun 2020 17:56:31 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Fri, 19 Jun 2020 17:56:31 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2
de.tynt.com/deb/ Frame AFB2 0
0 237ms
113ms Document
text/html 208.100.17.188
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=d-NZAo7jir6zrpaKkv7mNO&gdpr_consent=undefined
Requested by: Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.188 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip188.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=d-NZAo7jir6zrpaKkv7mNO&gdpr_consent=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
cache-control: max-age=86400
expires: Sat, 20 Jun 2020 17:56:31 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Fri, 19 Jun 2020 17:56:31 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 sync
pixel.advertising.com/ups/56465/ 0
124 B 1101ms
25ms Image
text/plain 35.158.60.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.60.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-60-52.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:56:32 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 36ms
35ms Image
image/gif 52.49.73.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.73.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-73-64.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:31 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 22ms
22ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A324b1578-b256-11ea-a4a0-124a081e334a&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:56:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

204

sync
pixel.advertising.com/ups/55965/
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=oEXYmfNDiZy4Q4nMoEOQw6YZ2c64RYSY9kNuCaMB

0
124 B

978ms
24ms

Image
text/plain

35.158.60.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=oEXYmfNDiZy4Q4nMoEOQw6YZ2c64RYSY9kNuCaMB

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.60.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-60-52.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 19 Jun 2020 17:56:32 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:31 GMT
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=oEXYmfNDiZy4Q4nMoEOQw6YZ2c64RYSY9kNuCaMB
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 22ms
22ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A324d1f3a-b256-11ea-9378-12e7f4d03460&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:56:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 12ms
11ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A324d1490-b256-11ea-af4f-1249c31fdca2&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:56:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 11ms
11ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A32515c76-b256-11ea-8888-126272b4dea0&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:56:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 13ms
12ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A32724b34-b256-11ea-90f7-12e650fea264&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:56:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 55BF 7 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200610&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22323cfbfd6625215e72769da07077363291c519a8741436a7b88239e29db07f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 11ms
11ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A32724b34-b256-11ea-90f7-12e650fea264&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:56:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 55BF 14 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:56:32 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame E221 0
0 8ms
8ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 19 Jun 2020 17:40:48 GMT
expires: Sat, 19 Jun 2021 17:40:48 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 944
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 12ms
11ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A32515c76-b256-11ea-8888-126272b4dea0&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:56:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 22ms
22ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A32724b34-b256-11ea-90f7-12e650fea264&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:56:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 13ms
12ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A32724b34-b256-11ea-90f7-12e650fea264&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:56:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55BF 0
61 B 14ms
14ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200610&jk=2958270713882819&bg=!-fql-uJYbzfsvXLRy5UCAAAAb1IAAAAWmQGXbQcLl4TlQZigfrrCH9kyBKmC1JVCpGK0ynm5j66d8VyJL001XRnmkaG2-YBrBoISdoBK9dqDL9CtGyLvm53zZ_rMnl9aehNb4ex1k7kfboc0PM_s5MvZl11cVPFTAjpSWnqSjLmIBNB4V4GEfcp8xcWZsKeqsPtxS4nci5_DWEbKcNKHNdqa9qpjInDW_jUwY4IL6mNilmR_8yOpXHINlENcDM_uL8mTkttNkRfVasYvRYZ6cgP4d1w35TF1rluUQlAChSbMlfvqzb7ct2pO1MLZ6pq4UPlWNgGjMFhd62yHJhs67dPv_NAYm9ojfIi56tzyufkJlt8fm_N7QlMEJrkRp8frJbTSI1EG6T1QOQotVYok0wNWdDXzX3iBjxlfkeZ40pYMwU1g9vZGLp916Piy_8PlQJo3LRCejeDqMoaCkbbzyeuU1Dw-udrJ9pCG-k8VOMJf3mOQE5CR6efbCPkqt-qD95dhmw7AHU5lKxm7UArRzOKRNRNlWlMRcN146pDbBJca5FtdBfx9PYcxNnFeUgZHr2o

Requested by

Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 12ms
11ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A324f5d4a-b256-11ea-aaf8-12bd5c3e34a0&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:56:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 11ms
11ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A32515c76-b256-11ea-8888-126272b4dea0&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:56:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
103 B 12ms
11ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A32515c76-b256-11ea-8888-126272b4dea0&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: upbeatnews.com
URL: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 19 Jun 2020 17:56:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 20ms
20ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020061205&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js?21066454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b6e28b59e0c92102098cc2d339783b25e2c54afb050454d78e455d4e297edb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Jun 2020 17:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5673
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 17:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 19 Jun 2020 17:56:33 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 3795 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: d10ttgjjowsnd6.cloudfront.net
URL: https://d10ttgjjowsnd6.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 19 Jun 2020 17:40:48 GMT
expires: Sat, 19 Jun 2021 17:40:48 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 945
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
61 B 14ms
14ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020061205&jk=1321636101710496&bg=!rq2lrbVYdUQ8tBJiT-ACAAAAV1IAAAATmQF_h11_A0FsnoR8_gRCqa17kaLSTAixPBFyiPRGaMrY5MT6oEjDWnc8OQwCvESu264fowKxWh3w7Ot7VUSXCuqGNO_z8k7k767QU6cBzlvvHzAncyTV05n1x2g6F2KBUy1lJFNzzsKxwF5hcmpMWJ2Qsda3bp3lCYVGRE64wgoHUuwicrzdHW3hR4TdB_Qc1TOobKmJ2Eo3eUbENQ3X6JJqCy7NcHhAytnbOtPvh4sum91x65Xox-WQ9bDb2z2n9wb66vkSLXHjLqdEbwyDdBHymRN1Mqbmq5R71HlKY5gghVggV3_pfFPcXQMXuI5shgQ_mrjTetQobejjxKW0QS8w75YzpEx-0PGgdkWC0jfzsN-EZxVbfqjwefkAIBTIKUGCUCEbMNxOePlW-l8273xhR1Wy1-Xa79LxbzS7Kpyxh-lo-HUyXvFZXpg1WBtgmH4raWMjoE5qY4OdtuCQymg_JNz3QyaztbNqM52jWo9ftbHoWa3u_q-Fhmb8CXn0dEY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jun 2020 17:56:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvg-j_NfeP7UfutVPTvPD105Lj9uCYAiv-NZ_dIiUPvxpDm3sUxreOoOH94QQ8wUAoeUe5rYIP3DBN3loVhVrKHVuMXyL7AqkNfIDj2RhmOGGd-bWF95ZKktLf79ZUTrJ6BPfQT_y3T4fhRQinLM2zxmwBeyKL9THwITnh1J1vdd0CyIDI-AVYbllPHf3kxM2TcSyF4g4HIKQTAHXHEt_R3D8EAeXfhu0c4L4u27ulDTiqrWFWSUVB1iKBNnMoaJ7R-oByceaDo_5C3joI&sig=Cg0ArKJSzIY6o0tWFIi0EAE&urlfix=1&adurl=

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsKk0jk_Xy6sgnjdTddaQEcpVltyFB0RNkCIkvijcwok_NWsHnHqK_wG8_ibXzTCJLtBlcQ6Ux--2PLRq3BuGaZF2g8O8RafhyT8IYTDV9EBQzDKaNE5j7LawTPJt3yyK7ypYFSlzRsHK-3aA5_PRG5VcDbFNrq4MrJScWkXGVzXQIScCh_R5A-JfW5ZvpxuCa5vweRdhp-8Qh0cdxiWxelvkwYgrqn2k1z_eN8Rk7TRJef9GBxu32kuz2f7IuWg7WP_N17aqxiCoR20pJ&sig=Cg0ArKJSzJNoShqlsOShEAE&urlfix=1&adurl=

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yahoo.com/	1970-01-19 19:09:06	Name: GUC Value: AQEBAQFe7k1e9kIjsAUT
.yahoo.com/	1970-01-19 15:04:19	Name: APID Value: UP35ce3813-b256-11ea-97d5-027f5404a8aa
.doubleclick.net/	1970-01-19 10:23:12	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 19:44:45	Name: IDE Value: AHWqTUm7zcD47FBBPYwhvgmoldYbWFk3u-fkM3H52yRLWxBtt4GUzBcFN8eBUos3
.yahoo.com/	1970-01-19 10:24:35	Name: APIDTS Value: 1592589392
.3lift.com/	1970-01-19 12:32:45	Name: tluid Value: 4020440991592660632
biddr.brealtime.com/	1969-12-31 23:59:59	Name: dt Value: 2020-06-19T17:56:31.927Z
.3lift.com/sync	1970-01-19 12:32:45	Name: sync Value: CgoIgQIQybbm7awuCgoIoQEQybbm7awuCgoI4gEQybbm7awuCgoI5gEQybbm7awuCgoI1gEQybbm7awuCgoIhwIQybbm7awuCgkIOhDJtubtrC4KCQgLEMm25u2sLgoJCF8Qybbm7awuCgkIHxDJtubtrC4=
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss	1970-01-19 10:24:35	Name: sync1 Value: 1
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss	1970-01-19 10:24:35	Name: sync0 Value: 1
.adform.net/	1970-01-19 11:49:33	Name: uid Value: 6375219759257991749
.openx.net/	1970-01-19 19:08:45	Name: i Value: 485e13fa-a58e-0117-1041-93ebe6de7543\|1592589391
.yahoo.com/	1970-01-19 19:09:06	Name: B Value: 7vlsephfepv2f&b=3&s=8f
.pubmatic.com/	1970-01-19 11:06:21	Name: KRTBCOOKIE_1101 Value: 23040-6840119346035357845
.pubmatic.com/	1970-01-19 12:32:45	Name: KRTBCOOKIE_80 Value: 16514-CAESEA2ALvZpzukiri-qsU5HKHE&KRTB&22987-CAESEA2ALvZpzukiri-qsU5HKHE&KRTB&22995-CAESEA2ALvZpzukiri-qsU5HKHE&KRTB&23025-CAESEA2ALvZpzukiri-qsU5HKHE
.yahoo.com/	1970-01-19 19:09:06	Name: A3 Value: d=AQABBE_87F4CEP4sbdub-K8c4l72q8yO138FEgEBAQFN7l72XgAAAAAA_SMAAAcIT_zsXsyO138&S=AQAAAldkLAYrqy-MgspNlhkQFY0
.pubmatic.com/	1970-01-19 12:32:45	Name: PUBMDCID Value: 3
.openx.net/	1970-01-19 10:44:45	Name: pd Value: v2\|1592589391\|mOgqgikin0fcvNmWiygu
.pubmatic.com/	1970-01-19 11:06:21	Name: PugT Value: 1592589390

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://lo3trk.com/cdn/3.1/gda.js(Line 136) Message: creating cookie
console-api	log	URL: https://lo3trk.com/cdn/3.1/gda.js(Line 146) Message: sending
console-api	log	URL: https://lo3trk.com/cdn/3.1/gda.js(Line 147) Message: [object Object]
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://upbeatnews.com/an-ohio-home-renovation-leads-to-a-chilling-discovery-involving-the-fbi

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
acdn.adnxs.com
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.be
adservice.google.com
adservice.google.de
ajax.googleapis.com
amplify.outbrain.com
amplifypixel.outbrain.com
aol-match.dotomi.com
ap.lijit.com
apex.go.sonobi.com
as-sec.casalemedia.com
b6d4dd093fdc433d3c393b3c75963913.safeframe.googlesyndication.com
biddr.brealtime.com
bids.proper.io
btlr.sharethrough.com
cdn.ampproject.org
cdn.districtm.io
d10ttgjjowsnd6.cloudfront.net
de.tynt.com
dmx.districtm.io
dw7nrwnn2bkh1.cloudfront.net
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
global.proper.io
googleads.g.doubleclick.net
hb.emxdgt.com
i.clean.gg
ib.3lift.com
ib.adnxs.com
image6.pubmatic.com
images.upbeatnews.com
jadserve.postrelease.com
lo3trk.com
log.outbrainimg.com
match.adsrvr.org
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
propermedia-d.openx.net
rules.quantcount.com
rx-stats3.unrulymedia.com
rx.targeting.unrulymedia.com
s.ntv.io
s2s.proper.io
secure.quantserve.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ssc.33across.com
stats.g.doubleclick.net
stats3.unrulymedia.com
sync.serverbid.com
sync.teads.tv
tag.1rx.io
tcheck.outbrainimg.com
tlx.3lift.com
tpc.googlesyndication.com
tr.outbrain.com
upbeatnews.com
video.unrulymedia.com
web.hb.ad.cpe.dotomi.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
securepubads.g.doubleclick.net

104.16.68.69
104.17.119.107
13.225.87.58
134.209.129.254
143.204.93.227
151.101.113.108
172.217.16.130
172.217.18.98
178.128.135.80
178.162.133.150
18.196.104.43
18.221.205.30
185.33.221.89
185.64.190.78
2.21.37.179
205.185.216.42
208.100.17.188
213.19.147.150
213.19.147.210
216.52.2.30
23.210.249.164
23.210.249.92
23.210.250.44
2600:9000:20eb:d200:6:44e3:f8c0:93a1
2600:9000:21f3:aa00:11:9a35:5280:21
2600:9000:21f3:c600:6:266a:9940:21
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:10::ac43:bac
2606:4700::6811:4e22
2a00:1450:4001:801::2008
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:816::200a
2a00:1450:4001:818::2002
2a00:1450:4001:81b::2001
2a00:1450:4001:81d::2001
2a00:1450:4001:820::2004
2a00:1450:4001:821::2002
2a00:1450:4001:821::200a
2a00:1450:400c:c04::9c
2a02:fa8:8806:12::1370
2a02:fa8:8806:16::1460
3.225.104.120
34.223.241.95
34.95.69.49
34.98.64.218
35.158.189.107
35.158.60.52
35.244.159.8
52.206.50.159
52.49.73.64
52.5.148.243
52.58.202.213
52.59.125.145
54.194.116.156
64.202.112.31
70.42.32.127
72.247.225.192
72.247.226.107
91.228.74.226
95.100.64.146
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
086830fd37a242b1c7ff2cc1c46b8de97001e79f90a12ac03acbf85be19f0bd5
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
08f93a4cf604e12995a237b71b5db1d5d48f1ecb27687ee17608554f8f7fd6b4
0bf35b79423e51b44390cede061a950585e6942a3c362cdda1cb6d1baa612d5a
0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df
0ed291f9dee94c24980c96d7587f83f5ed29d250c624f2de1438f32d54df334d
1094ab40163ac7cf38f6b8047328beb6c5434e54dc45fc661e2a40b5687ec5f5
19f78a61126840c44376ae620d767e9da5a02dc90495cd2deea7223aa84cf508
1a6149a5c79e9422c3209853bea19623a89bc6d587fb1a926ca538a1aeec1110
1b6e28b59e0c92102098cc2d339783b25e2c54afb050454d78e455d4e297edb8
1bae8e08985212899171ffd48149deae8aa00ae29173260d612e2b6b5f908b08
1dc2d4496a1f8f759b29c49639cad1268eca84a35870cc3c6984cf9092725095
1e842ea550e52b9ca7ae8a09cf1cb4fd0e9419f826bf709fc57537ef3cab2d3d
1fc43d69c34c077e60358d34286909461c5455441ec277a64f475e72d784aec9
22323cfbfd6625215e72769da07077363291c519a8741436a7b88239e29db07f
22702281966867bd5ea02784efbb457eaf50c3b1ac9f2c06b7e41714f5dddf6e
25314a2204872bc1d65bdefd20c7b06721e38f3c30fe663b5e8ce4a5cc9d9495
2a263cd8512fe615f4ef64a7a2a62d06abb72b539d798557407bbd5485dd3d4a
2c36176cd529f88f965e211afe403bf9c5710dd990f2611aabc5d95996bbfffb
2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598
2fa878be315aca6bfa164bd9cfab9646b7a6166efc6636e60242f20588e1d0ce
31ebfa859f8ee599462d55ad97ad6a563468248bc41c10667f51b5a784d3a32d
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
341fbfe4f4e92a0dea5b5ef7ac9b92447923c35fb13d691b071836eb02cce919
34aefaae2663c1996ef436313b097d8f7f81910fdc5536d9312f2013447503c3
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
375d38bfa4fecf97c49b055fa5b3fd5b3a516061be1976ce258978c311275d79
38b8d064e1a92195b1fad638407f7b77997c8c7e261dab7122ab25b9f51575ba
3bd3919ac25928b22ddf04f0c9d4e51ef207375a3638e625948de96ede02b9c6
3c3bc5f64731b5305dde4a30bcbb4681f757c2fb1b4cb1581ce4f4c7e1c37e63
4c061a302d3aad80e5d04a7608f20a26cb6ca995f3e36bfb65500e17552debeb
4dccb479e3bca7bec87d4af01bb7c34c2f7ad6a99dc06e2c5d775e08a78b0f1a
5049dd13e1d95a93b788d16ddbdb742dca57e43ab81d6d80ffa1774219a14c3c
5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a
5239ebb490edc8df732f5cce3037b2e871bb69fc5570e50c497a6eeaed7b96c4
54c663cdd7ccd37ba2b9d9a9d7bc533e7d5987865b055232b9aede7806a34fb2
583d06f90ac1a92e535cfc9b27dd2ad8cf88b82c303fea1aa7f44fdce883be66
5f1eb8d45a92fe94e0bedfbe4a59ee6de1919e55b3ce5e4459002e80945bcec7
607a4036642e128d2e45cb301e4c2748ee94ba6b9443e307668f080d275a0e44
633fe1b26f2d7b696e04c8ce558ec4957ba2092afe19a4378e560250d821b7fd
66e2fb17e0872039f014e5e2c78675381ed62545c7c7aa7207869292fdec6b0c
68d7b376a53ebf825e0002dbb180cac758271d283a88967ec3b42c1ad2efdb8f
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6e272c411a1af50bfdbff2a2e38fb509d00f0a115d0cf3ee6823a59c8b145988
719e12b715dee65ad5ed4f8c92e26d8902bae5c61ec28ef230a9572aac362c3c
722f770620f36f34ab280069271dbf9e2f9dd0913cb50608a6893c38e2c75c07
73c06bcc20383a39f56b08f1bbec12bb77f095a58e6dbf9bcd9b9ade2d465934
746524a3d72954ffbbe092aa51c27c4d4120f5562268acf54236801cacf37bf4
7a14fae34bc801e9d17434212ad4ddc4e4bb25425d302d1632f3ddf1f0758e0b
7f2e1bf12b6b3376f0b8ec118296938033b2c04b8f41188d81555b9b7a972fe3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81006f6f280f22bd0e8c1b927a059e10883ba2a1b9d78ab167e6dfe005e3acd1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f86343c7273c0a989cb58267bdddc4a2d8a7a26f84aea08e844a8774b7c7776
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
90aa8da0c9a60b4f12d24194c3a15fecda3e936618e03b875b3e0889cf433a88
924c2ace675d304d2492000849d6e2b8aa85b1a5e0817923cf97344dcd4cb213
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9426dab81ab7e8fd446184b6afcdec99435449172bf20f6fb1c9c2b75f6eb979
95fb44bc2ba82395b06ce803c9dd04847a763be0c7ac9ea4df213a5c122d5c13
97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183
99692fc9959591cea5ef5cc8636b71250e98518dc5901fe805fe3f0d81bfaf82
9c662b6e3fb429681775f998db8d262428035930052ec2940864c06d567e4dc2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ccd048cfa8783d45f2c322f46261ee980d9526f2f085536e3b33c4d575f089
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a582dc7075847985960200027d68ca07dedaf4c15b18f085893805ce54781f9a
a5b67b4ee75876b6aa6a4c9e4b3a92c565ec99482cd9633fe9de82e2c8421783
a693efa7265b630e27e537f6ba09c5558a23b9ed2f57abdbf417c237a50a5156
a827cbccb5126844c9742e75d398b82587ff344e53a6147ddfc47501ba93daee
a97db28f56a6e034546dc3086cae6883b9eb20d520528839c7597a8f424656ca
aeddc01f6b3ddd62d979eea63b0f8f4379a3c499fda6ca603d5c515e7381b79b
b386ee73aa430abffa1b23bb0e9f4c11123566124661e4b659dde9e6a3843fbf
b3b84ce728eacc7f4cd05dc93e62ffb02274ad8fd4545feff8b5b59bec2943f9
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6b7fb0f1b91a0fc432ed47bff4d3937022128f71f41996a8af1d95e3f17fb1d
b6e1c3ea4e68f80942aa122f08779d5a6d9a777a923ea9ed09d2061fb02a3da3
b6f64009b1789b6616a865aa079a42b9cb02d88313625db2eb2eae62b9078072
b7e4bb06b008ff36e6a283a07d91e16753b5b44a6161498d0fb3a7c919b6cc6f
b87f6f96716b711d79f30894012eae47df19e99fe799c96211aa937954097fa3
bc6ae6ce96cbb53788c8a22716f33b8dd07cf84593b29c7c20a466b04f1d2063
bdab644b4bb7c94c8aa76816e07fd96291df886490cc418b8880c18057a386b1
c531892916edf57154efe27d41791747b4ae45384596b7667711b553aa3395c1
c7bfe77dad6f6ea43ce15c11653bee32ac99fb1155abfb43ac2e60b9834e9369
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb2c96d3897863b6027af249c8ebff1dad1451ac8e55f944a8d7c6575bac8e86
cc07dc22acd75d21ea2a03ced344d13aeeea586029288b1d7004739f8ce3c7be
cc36bd8e62f61a3f16b7bfc9289f64751f9f3ea51edeb87a9ec4de6dbdb1d1dc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9cac9bb9533d08c32995cd7085dede54cb3f24c28da3406349515e2ee3bf76
d13d13604be838603d255d1eeec60485270415226981244249e9d64b9a54577e
d6e0802a563a5bb6393b892918bb6c1dfddaaee19b112884e4731fae4f205a4f
d79cbd9933b270b150eae65d47c0651403481c7a44c388e578ec4179688b5b10
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de072fa8ec958a27adcb7caec34d45663bbf88c22696a081d2c6ae6ffcae743f
de5717a0c9762a69ef957984118420fec1617e7042f216e4f468bfc3e24e4941
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e459348235eec72988b75b4d5af01b7ec9345406b9a72e4832a5605d3885e50c
e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f543fd0a64a6c1a9287a97b5aefb929f79bb7db9f083f70b7df79ceedc8412b6
f5d297fb22336630fd42f7a7bb883542ddb70cba5ec6a616ab3e3d415ff5cc33
f8a71c83692923b567fcfc765b779f079d6eb1c421853fa4a0fc0fc8efcae164
fa21b489af9aed227458e677b43b498e30cc51ffdb6e51e36a69be32f26cd44d
fcbed4280811fa982a4d5100ccc512a9b7bdff3d36606cf80a7b041d75e4ac79
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fe25f879f2e2de177a2f95bfbb0deb7d7b1c58bd8b792d9277f8225403a3653a

upbeatnews.com Open in urlscan Pro 52.206.50.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

239 Requests

99 %HTTPS

31 %IPv6

43 Domains

72 Subdomains

60 IPs

9 Countries

4460 kBTransfer

8106 kBSize

19 Cookies

0 Outgoing links

Page URL History

Redirected requests

239 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

upbeatnews.com Open in urlscan Pro
52.206.50.159 Public Scan

Screenshot
Live screenshot

Full Image

239
Requests

99 %
HTTPS

31 %
IPv6

43
Domains

72
Subdomains

60
IPs

9
Countries

4460 kB
Transfer

8106 kB
Size

19
Cookies

239 HTTP transactions
5 data transactions