urlscan.io logo urlscan.io
SecurityTrails logo

canadaa.poknews.com Open in urlscan Pro
2606:4700:30::681b:a5e3  Public Scan

Go To Rescan Add Verdict Report
URL: https://canadaa.poknews.com/
Submission: On October 01 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 55 HTTP transactions. The main IP is 2606:4700:30::681b:a5e3, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is canadaa.poknews.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on September 15th 2018. Valid for: 6 months.
This is the only time canadaa.poknews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
55 10
16    2606:4700:30::681b:a5e3 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
canadaa.poknews.com
1    2a00:1450:4001:817::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2a00:1450:4001:817::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
6    2a00:1450:4001:81b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
22    2a00:1450:4001:824::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
4.bp.blogspot.com
3.bp.blogspot.com
2.bp.blogspot.com
1.bp.blogspot.com
1    2a00:1450:4001:812::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2a00:1450:4001:812::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:814::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
4    2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:817::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
Domain Requested by
16 canadaa.poknews.com canadaa.poknews.com
6 1.bp.blogspot.com canadaa.poknews.com
6 2.bp.blogspot.com canadaa.poknews.com
6 4.bp.blogspot.com canadaa.poknews.com
6 pagead2.googlesyndication.com canadaa.poknews.com
pagead2.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 3.bp.blogspot.com canadaa.poknews.com
2 www.google-analytics.com www.googletagmanager.com
canadaa.poknews.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 fonts.gstatic.com canadaa.poknews.com
1 fonts.googleapis.com canadaa.poknews.com
1 www.googletagmanager.com canadaa.poknews.com
55 13

This site contains no links.

Subject Issuer Validity Valid
sni241578.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-09-15 -
2019-03-24		 6 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.googleusercontent.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://canadaa.poknews.com/
Frame ID: E77D78FF3BB7DAE51949E63F27835E51
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180924/r20180604/zrt_lookup.html
Frame ID: 3FAE18059A3238FE6E59C1B203E450A7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: 529C2E593F211225198A59428F39D218
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9445683778964950&output=html&adk=1812271804&adf=3025194257&lmt=1537388150&plat=1%3A32776%2C2%3A33800%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=https%3A%2F%2Fcanadaa.poknews.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1538400865214&bpp=7&bdt=140&fdt=8&idt=114&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=576734733016&frm=20&pv=2&ga_vid=1329328995.1538400865&ga_sid=1538400865&ga_hid=673374207&ga_fc=0&iag=0&icsg=9431727&dssz=18&mdo=0&mso=0&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C36998751%2C21061796&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=1137689984&ifi=0&fsb=1&dtd=138
Frame ID: 5DF525C4023F8314707B483FFEA98E68
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: 606323EA3EB43DBDC93620692E236D06
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9445683778964950&output=html&h=100&slotname=8508318635&adk=1071289773&adf=4055974162&w=320&lmt=1537388150&guci=1.2.0.0.2.2.0&format=320x100&url=https%3A%2F%2Fcanadaa.poknews.com%2F&flash=0&wgl=1&adsid=NT&dt=1538400865224&bpp=9&bdt=151&fdt=139&idt=141&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=576734733016&frm=20&pv=1&ga_vid=1329328995.1538400865&ga_sid=1538400865&ga_hid=673374207&ga_fc=0&iag=0&icsg=143649455&dssz=19&mdo=0&mso=0&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C36998751%2C21061796&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1661724866&ifi=1&fsb=1&xpc=lHqcmrZEii&p=https%3A//canadaa.poknews.com&dtd=151
Frame ID: 4E5FCC4E70AA4CDEF2A76721F1DF0D30
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: E3A98FDDE6271BD2B9CCAF36FD6F81CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9445683778964950&output=html&h=100&slotname=8508318635&adk=1071289773&adf=990404462&w=320&lmt=1537388150&guci=1.2.0.0.2.2.0&format=320x100&url=https%3A%2F%2Fcanadaa.poknews.com%2F&flash=0&wgl=1&adsid=NT&dt=1538400865233&bpp=6&bdt=161&fdt=158&idt=159&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C320x100&nras=1&correlator=576734733016&frm=20&pv=1&ga_vid=1329328995.1538400865&ga_sid=1538400865&ga_hid=673374207&ga_fc=0&iag=0&icsg=143649455&dssz=19&mdo=0&mso=0&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C36998751%2C21061796&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1661724866&ifi=2&fsb=1&xpc=k59YyPOkOi&p=https%3A//canadaa.poknews.com&dtd=168
Frame ID: C233CB0E06D03F00B6D5831512F075A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

55
Requests

100 %
HTTPS

100 %
IPv6

10
Domains

13
Subdomains

10
IPs

2
Countries

807 kB
Transfer

1783 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
canadaa.poknews.com/ 		21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8d0d71e7e29e30f880f9aab2c8067d7ff5312eb97aaae15fe0e33ab447646c0

Request headers

:method
GET
:authority
canadaa.poknews.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 01 Oct 2018 13:34:25 GMT
content-type
text/html
set-cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865; expires=Tue, 01-Oct-19 13:34:25 GMT; path=/; domain=.poknews.com; HttpOnly; Secure
last-modified
Wed, 19 Sep 2018 20:15:50 GMT
vary
Accept-Encoding,User-Agent
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
462f4e7e5ef1c2ba-FRA
content-encoding
gzip
js
www.googletagmanager.com/gtag/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117448915-5
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
d23e2467aafaf80fb2be4af1460b8aff6bff651111a67d99b2df86227e8bf5da
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
28031
x-xss-protection
1; mode=block
expires
Mon, 01 Oct 2018 13:34:25 GMT
bootstrap.min.css
canadaa.poknews.com/css/ 		122 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://canadaa.poknews.com/css/bootstrap.min.css
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d

Request headers

:path
/css/bootstrap.min.css
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 19:33:28 GMT
server
cloudflare
etag
"9341723-1e822-56f6856da9200-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7ebfc2c2ba-FRA
content-length
18607
expires
Mon, 01 Oct 2018 17:34:25 GMT
style.css
canadaa.poknews.com/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://canadaa.poknews.com/css/style.css
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc7e2b1ed8e701b130493a6059d970e2d26f47828502e26a65db5638898add6

Request headers

:path
/css/style.css
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 19:33:28 GMT
server
cloudflare
etag
"9341725-1533-56f6856da9200-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7ebfc4c2ba-FRA
content-length
1462
expires
Mon, 01 Oct 2018 17:34:25 GMT
css
fonts.googleapis.com/ 		1 KB
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Asap
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c8b0f5f3be8a130f2c4db00b8b5d18476c112906edf620b7021bbb08ef7d5a22
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Mon, 01 Oct 2018 13:34:25 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 01 Oct 2018 13:34:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Mon, 01 Oct 2018 13:34:25 GMT
font-awesome.min.css
canadaa.poknews.com/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://canadaa.poknews.com/css/font-awesome.min.css
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd4c882b277b1733f27be78e59f2318df771113cfc3981f4c4ad1b287238880

Request headers

:path
/css/font-awesome.min.css
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 19:33:28 GMT
server
cloudflare
etag
"9341724-7930-56f6856da9200-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7ebfc5c2ba-FRA
content-length
7061
expires
Mon, 01 Oct 2018 17:34:25 GMT
popper.js
canadaa.poknews.com/js/ 		82 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://canadaa.poknews.com/js/popper.js
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
35b8930d028d386ee99ce5d451cfd3d2fb384a9cd3b0ad1249a0dcb19a885a39

Request headers

:path
/js/popper.js
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 19:33:28 GMT
server
cloudflare
etag
"934171c-14899-56f6856da9200-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7ebfc6c2ba-FRA
content-length
21404
expires
Mon, 01 Oct 2018 17:34:25 GMT
jquery.js
canadaa.poknews.com/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://canadaa.poknews.com/js/jquery.js
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

:path
/js/jquery.js
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 19:33:28 GMT
server
cloudflare
etag
"934171b-15283-56f6856da9200-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7ebfc8c2ba-FRA
content-length
30138
expires
Mon, 01 Oct 2018 17:34:25 GMT
s4.min.js
canadaa.poknews.com/ 		445 B
335 B 		Script
General
Check archive.org
Download Go to
Full URL
https://canadaa.poknews.com/s4.min.js
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd7b989648730094d294e9c03706235fe3ec96aecbd616ec0b033bf17f1a03c5

Request headers

:path
/s4.min.js
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Jul 2018 09:17:24 GMT
server
cloudflare
etag
"9341721-1bd-5703d03e1d100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7ebfcbc2ba-FRA
content-length
225
expires
Mon, 01 Oct 2018 17:34:25 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
4c98ba9fcd2e7c8a9417933865a2ac9d733af6d14c848e1a83fda13fa461445d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27479
x-xss-protection
1; mode=block
server
cafe
etag
9435517286743240179
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 01 Oct 2018 13:34:25 GMT
logo.jpg
canadaa.poknews.com/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaa.poknews.com/images/logo.jpg
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eea31c0dc2c2a333974040b23ae5f9f86dcc07bc63f860e94bf2d6337e9e31d

Request headers

:path
/images/logo.jpg
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 19:33:28 GMT
server
cloudflare
etag
"9341715-4ced-56f6856da9200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7f0897c2ba-FRA
content-length
19693
expires
Mon, 01 Oct 2018 17:34:25 GMT
logo.jpg
4.bp.blogspot.com/-QsNR7oZVtSs/WnJkIjLW5qI/AAAAAAAAAJA/DqjNpnCNBSUUWfsVcwAwpoN4zxiIyoxKACLcBGAs/s1600/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-QsNR7oZVtSs/WnJkIjLW5qI/AAAAAAAAAJA/DqjNpnCNBSUUWfsVcwAwpoN4zxiIyoxKACLcBGAs/s1600/logo.jpg
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
348e57dd3f8e711db48c8e02a1288aad02bc5810dccd30aab431d13c81b9291b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 10:18:32 GMT
x-content-type-options
nosniff
age
11753
status
200
content-disposition
inline;filename="logo.jpg"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
19563
x-xss-protection
1; mode=block
server
fife
etag
"v94"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 01 Oct 2018 06:00:00 GMT
loading.gif
canadaa.poknews.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaa.poknews.com/images/loading.gif
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a38c7997fe17f718915694f3e76ab9d0119d861886ac9869ee27b2428652b86e

Request headers

:path
/images/loading.gif
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 19:33:28 GMT
server
cloudflare
etag
"9341714-1343-56f6856da9200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7f0898c2ba-FRA
content-length
4931
expires
Mon, 01 Oct 2018 17:34:25 GMT
whatsapp.png
canadaa.poknews.com/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaa.poknews.com/images/whatsapp.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
67f1bad7c79d92453d67427ad74e7778686b7ccca9f2f9d0d9a3a7d30ca1bae7

Request headers

:path
/images/whatsapp.png
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 19:33:28 GMT
server
cloudflare
etag
"9341718-4e46-56f6856da9200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7f0899c2ba-FRA
content-length
20038
expires
Mon, 01 Oct 2018 17:34:25 GMT
img2.jpg
4.bp.blogspot.com/-1eDvXSC_wEY/WnJkGZJkHiI/AAAAAAAAAIQ/R0DDxf3BhdA406XlmtRYlga5oQ_ViMB-wCLcBGAs/s1600/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-1eDvXSC_wEY/WnJkGZJkHiI/AAAAAAAAAIQ/R0DDxf3BhdA406XlmtRYlga5oQ_ViMB-wCLcBGAs/s1600/img2.jpg
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
0ec301943afde1277dc4976580913aaa5ab7973dd61bf3075c51351908f42c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 10:18:32 GMT
x-content-type-options
nosniff
age
11753
status
200
content-disposition
inline;filename="img2.jpg"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2098
x-xss-protection
1; mode=block
server
fife
etag
"v95"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 28 Sep 2018 20:55:11 GMT
btn.png
3.bp.blogspot.com/-lh6Rs-bu_jk/WnJkFxTjybI/AAAAAAAAAIA/0q2RWLszOMwhHxzC7iiA97X738a8OouowCLcBGAs/s1600/ 		353 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-lh6Rs-bu_jk/WnJkFxTjybI/AAAAAAAAAIA/0q2RWLszOMwhHxzC7iiA97X738a8OouowCLcBGAs/s1600/btn.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
c5ca01096ca774999c9b93711351101122493752cb6586a89794183080ba8004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 11:54:47 GMT
x-content-type-options
nosniff
age
5978
status
200
content-disposition
inline;filename="btn.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
353
x-xss-protection
1; mode=block
server
fife
etag
"v95"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 29 Sep 2018 11:09:19 GMT
img1.jpg
2.bp.blogspot.com/-pyg_7rSIx7A/WnJkGS9-CtI/AAAAAAAAAIM/YfCzT1qDnT8YkP0KRkZg-XtOo6n8Eg8DACLcBGAs/s1600/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-pyg_7rSIx7A/WnJkGS9-CtI/AAAAAAAAAIM/YfCzT1qDnT8YkP0KRkZg-XtOo6n8Eg8DACLcBGAs/s1600/img1.jpg
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
88455f5f91385db195edccb82da0b55d8c7989628265aa8fa7d2c8a201beb710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 10:40:36 GMT
x-content-type-options
nosniff
age
10429
status
200
content-disposition
inline;filename="img1.jpg"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1870
x-xss-protection
1; mode=block
server
fife
etag
"v94"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 29 Sep 2018 09:53:09 GMT
love.png
2.bp.blogspot.com/-LdQEPf11-kk/WnJkInB6S-I/AAAAAAAAAJE/ciFawWaHyWo2QQyEFmLXbg9jtYRXj6exgCLcBGAs/s1600/ 		364 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-LdQEPf11-kk/WnJkInB6S-I/AAAAAAAAAJE/ciFawWaHyWo2QQyEFmLXbg9jtYRXj6exgCLcBGAs/s1600/love.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
ab2bfa053794741134f6915892ade0decf9c7735f57694c7a9ff58b8d706b87a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 10:21:53 GMT
x-content-type-options
nosniff
age
11552
status
200
content-disposition
inline;filename="love.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
364
x-xss-protection
1; mode=block
server
fife
etag
"v97"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 26 Sep 2018 11:50:19 GMT
img3.jpg
2.bp.blogspot.com/-ndyXGnA3mh4/WnJkGhH7QqI/AAAAAAAAAIU/J9cN-JIqwcc7qOlw-SvdOBWjhPlr8YFaQCLcBGAs/s1600/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-ndyXGnA3mh4/WnJkGhH7QqI/AAAAAAAAAIU/J9cN-JIqwcc7qOlw-SvdOBWjhPlr8YFaQCLcBGAs/s1600/img3.jpg
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
6dccb6a5ccdc1711c31f84cf8bb5c1fdc24e91edd15ed2321e3fefae1d91f23b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 12:14:49 GMT
x-content-type-options
nosniff
age
4776
status
200
content-disposition
inline;filename="img3.jpg"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1492
x-xss-protection
1; mode=block
server
fife
etag
"v99"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 30 Sep 2018 23:53:44 GMT
img4%20(1).jpg
4.bp.blogspot.com/-6sYv6HGPZ-k/WnJkGl5PJAI/AAAAAAAAAIY/Fpw9rkNcfWwCANrvDOJBDaRxZnPlxAAmQCLcBGAs/s1600/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-6sYv6HGPZ-k/WnJkGl5PJAI/AAAAAAAAAIY/Fpw9rkNcfWwCANrvDOJBDaRxZnPlxAAmQCLcBGAs/s1600/img4%20(1).jpg
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
006e829748d93abcf221ab34b8602846bc2cb4cb62601b6fe3925c936d4dc97a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 11:29:08 GMT
x-content-type-options
nosniff
age
7517
status
200
content-disposition
inline;filename="img4 (1).jpg"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2549
x-xss-protection
1; mode=block
server
fife
etag
"v99"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 01 Oct 2018 22:53:56 GMT
img8.jpg
4.bp.blogspot.com/-_EJKDNKO4x8/WnJkHrHg1sI/AAAAAAAAAIs/lT23PwQzsAQgEctfcIIAD0OPFUSDgvtqgCLcBGAs/s1600/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-_EJKDNKO4x8/WnJkHrHg1sI/AAAAAAAAAIs/lT23PwQzsAQgEctfcIIAD0OPFUSDgvtqgCLcBGAs/s1600/img8.jpg
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
2045fc01fd0d2ec552399ce18b0182de61d0c1b1a7768f9113fc07fcf67abc03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 10:18:32 GMT
x-content-type-options
nosniff
age
11753
status
200
content-disposition
inline;filename="img8.jpg"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1335
x-xss-protection
1; mode=block
server
fife
etag
"v98"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 28 Sep 2018 20:59:29 GMT
img9.jpg
3.bp.blogspot.com/-rK9rulSLm-U/WnJkH-eeauI/AAAAAAAAAIw/0e4h-KD3PzQXKv48DnppB5S6Ce2Z5EeSQCLcBGAs/s1600/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-rK9rulSLm-U/WnJkH-eeauI/AAAAAAAAAIw/0e4h-KD3PzQXKv48DnppB5S6Ce2Z5EeSQCLcBGAs/s1600/img9.jpg
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
b6e4299b1d58ab245829af691ab6e50806803fd56cb9dd637e79e35416993bae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 12:14:49 GMT
x-content-type-options
nosniff
age
4776
status
200
content-disposition
inline;filename="img9.jpg"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1394
x-xss-protection
1; mode=block
server
fife
etag
"v97"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 30 Sep 2018 23:53:43 GMT
img5.jpg
1.bp.blogspot.com/-tzS-jCPQpqk/WnJkHGTpShI/AAAAAAAAAIg/xmpRYCCo-G0DmC7CXmQOLTFwzn8lClYogCLcBGAs/s1600/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-tzS-jCPQpqk/WnJkHGTpShI/AAAAAAAAAIg/xmpRYCCo-G0DmC7CXmQOLTFwzn8lClYogCLcBGAs/s1600/img5.jpg
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
19269c890073cda8700e3ea66f249b7f13bff555c8ad874a9b4920536287c619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:10:37 GMT
x-content-type-options
nosniff
age
1428
status
200
content-disposition
inline;filename="img5.jpg"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2310
x-xss-protection
1; mode=block
server
fife
etag
"v97"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 01 Oct 2018 13:01:36 GMT
love.png
canadaa.poknews.com/images/ 		301 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaa.poknews.com/images/love.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
81abd8853ab51956dcbbb8325ad74e3673f0079632a1c483339290d5bc313fbe

Request headers

:path
/images/love.png
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 19:33:28 GMT
server
cloudflare
etag
"9341716-12d-56f6856da9200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7f089bc2ba-FRA
content-length
301
expires
Mon, 01 Oct 2018 17:34:25 GMT
img7.jpg
2.bp.blogspot.com/-hOOaYdoEAJs/WnJkHRVznJI/AAAAAAAAAIo/cid4HSfLMpoe0RzOtIwxu2m5dNMxQk4NgCLcBGAs/s1600/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-hOOaYdoEAJs/WnJkHRVznJI/AAAAAAAAAIo/cid4HSfLMpoe0RzOtIwxu2m5dNMxQk4NgCLcBGAs/s1600/img7.jpg
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
dc15c27cb03b0df0aafba0ef2134101935ff7f02ce7c95abd24f77b66044da72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 10:21:53 GMT
x-content-type-options
nosniff
age
11552
status
200
content-disposition
inline;filename="img7.jpg"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1626
x-xss-protection
1; mode=block
server
fife
etag
"v98"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 25 Sep 2018 23:59:34 GMT
img6.jpg
1.bp.blogspot.com/-5LaB8NsDERc/WnJkHVyrRNI/AAAAAAAAAIk/rvgCPgZbFYAjwEthwW7X55yft2OvNYN4gCLcBGAs/s1600/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-5LaB8NsDERc/WnJkHVyrRNI/AAAAAAAAAIk/rvgCPgZbFYAjwEthwW7X55yft2OvNYN4gCLcBGAs/s1600/img6.jpg
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
c884d350c61f5ddf9ba17a500713f51864667fe0d2dd4927dbae2bbcaf0542d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:10:37 GMT
x-content-type-options
nosniff
age
1428
status
200
content-disposition
inline;filename="img6.jpg"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2099
x-xss-protection
1; mode=block
server
fife
etag
"v98"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 01 Oct 2018 13:01:36 GMT
1.png
1.bp.blogspot.com/-0aABWLsujpQ/WnJkDmRDUJI/AAAAAAAAAHc/N5LP3sHmlJowjnALEQ5XCqWXZlkNOtjuACLcBGAs/s1600/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-0aABWLsujpQ/WnJkDmRDUJI/AAAAAAAAAHc/N5LP3sHmlJowjnALEQ5XCqWXZlkNOtjuACLcBGAs/s1600/1.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
229737fac0094d3e531df0270d683f5fc4d246180a44b2ca9857f8434cec694b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:10:37 GMT
x-content-type-options
nosniff
age
1428
status
200
content-disposition
inline;filename="1.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
61682
x-xss-protection
1; mode=block
server
fife
etag
"v98"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 01 Oct 2018 13:01:36 GMT
2.png
2.bp.blogspot.com/-W9PKUbZonhE/WnJkDV8_-sI/AAAAAAAAAHY/6FVe1NNeRzYN6kDh5rlp38RXXPL0ix6agCLcBGAs/s1600/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-W9PKUbZonhE/WnJkDV8_-sI/AAAAAAAAAHY/6FVe1NNeRzYN6kDh5rlp38RXXPL0ix6agCLcBGAs/s1600/2.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
ebf55266762c5602704ada08900b865f6bdf22ff2ea625e55f795ea4b70d3704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 11:25:49 GMT
x-content-type-options
nosniff
age
7716
status
200
content-disposition
inline;filename="2.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
29138
x-xss-protection
1; mode=block
server
fife
etag
"v94"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 29 Sep 2018 09:53:09 GMT
3.png
4.bp.blogspot.com/-NFbo-QA7Uq4/WnJkDktNDtI/AAAAAAAAAHg/92W5ESU42dAZsGHnQNbls-W6jN_gjDx2gCLcBGAs/s1600/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-NFbo-QA7Uq4/WnJkDktNDtI/AAAAAAAAAHg/92W5ESU42dAZsGHnQNbls-W6jN_gjDx2gCLcBGAs/s1600/3.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
c3252201bb16b326b8e1cc8067802b2eb109bc66a26f9eb61003ba31e0bf08c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:13:53 GMT
x-content-type-options
nosniff
age
1232
status
200
content-disposition
inline;filename="3.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
52560
x-xss-protection
1; mode=block
server
fife
etag
"v99"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 01 Oct 2018 13:00:30 GMT
4.png
2.bp.blogspot.com/-K4KSw3TIOFo/WnJkEFd5irI/AAAAAAAAAHk/VyiPgE6SbAgCI-6uE-BpseEwDdLIsss0QCLcBGAs/s1600/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-K4KSw3TIOFo/WnJkEFd5irI/AAAAAAAAAHk/VyiPgE6SbAgCI-6uE-BpseEwDdLIsss0QCLcBGAs/s1600/4.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
13a3d357096da91d8e6404348f9d5696183dccc818aae8f80136617b12e85c1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 10:21:53 GMT
x-content-type-options
nosniff
age
11552
status
200
content-disposition
inline;filename="4.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
51342
x-xss-protection
1; mode=block
server
fife
etag
"v99"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 30 Sep 2018 09:43:36 GMT
5.png
1.bp.blogspot.com/-6PlK9eTpk90/WnJkEtb-O-I/AAAAAAAAAHo/XNuSbQVXwLEu6M_JhEmkUTlZCaDWnwAVQCLcBGAs/s1600/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-6PlK9eTpk90/WnJkEtb-O-I/AAAAAAAAAHo/XNuSbQVXwLEu6M_JhEmkUTlZCaDWnwAVQCLcBGAs/s1600/5.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
5b3ae47728c9027b1ff43447d5fe6534fb48226801e5da65d1c9f818c32a0344
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:10:37 GMT
x-content-type-options
nosniff
age
1428
status
200
content-disposition
inline;filename="5.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
61942
x-xss-protection
1; mode=block
server
fife
etag
"v99"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 01 Oct 2018 13:01:37 GMT
6.png
3.bp.blogspot.com/-Jgf_XCJs42E/WnJkEkF8chI/AAAAAAAAAHs/0I7lM_SyAro22aMQoIZCY6-8ltkgpEUSACLcBGAs/s1600/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-Jgf_XCJs42E/WnJkEkF8chI/AAAAAAAAAHs/0I7lM_SyAro22aMQoIZCY6-8ltkgpEUSACLcBGAs/s1600/6.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
8d0ce9cbf5179bc76a36a31f867f8b7bb0f34d1cd86ffeb77f1e654d6124fb5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 10:18:32 GMT
x-content-type-options
nosniff
age
11753
status
200
content-disposition
inline;filename="6.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
48878
x-xss-protection
1; mode=block
server
fife
etag
"v94"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 30 Sep 2018 09:43:43 GMT
7.png
4.bp.blogspot.com/-HH1jTwzRPZw/WnJkFK47moI/AAAAAAAAAHw/a6ujf1XeaFYVBTp4i91fRt3tQBYAzvlmgCLcBGAs/s1600/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-HH1jTwzRPZw/WnJkFK47moI/AAAAAAAAAHw/a6ujf1XeaFYVBTp4i91fRt3tQBYAzvlmgCLcBGAs/s1600/7.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
ba92d10601d8ed2f94f58b1587d3aefce1a8e7e77e2dacf0be578adc822bd6b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 12:08:08 GMT
x-content-type-options
nosniff
age
5177
status
200
content-disposition
inline;filename="7.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
45645
x-xss-protection
1; mode=block
server
fife
etag
"v98"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 27 Sep 2018 18:19:34 GMT
8.png
3.bp.blogspot.com/-z9VFjqtAPY0/WnJkFZk01ZI/AAAAAAAAAH0/mJxuaxsqZFk2Kw69qWtEYnAvMW-9glQJwCLcBGAs/s1600/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-z9VFjqtAPY0/WnJkFZk01ZI/AAAAAAAAAH0/mJxuaxsqZFk2Kw69qWtEYnAvMW-9glQJwCLcBGAs/s1600/8.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
46778cd55dfbcfd56cdd77b64b6acb578cb9eb3ef42710532b3ec8cebe154f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 12:14:49 GMT
x-content-type-options
nosniff
age
4776
status
200
content-disposition
inline;filename="8.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
43442
x-xss-protection
1; mode=block
server
fife
etag
"v98"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 30 Sep 2018 23:53:46 GMT
9.png
1.bp.blogspot.com/-JbRbZ_D_wb0/WnJkFUYoTrI/AAAAAAAAAH4/gZEz_6Mvjrg5yGwYfUHu__29HwO6EDRowCLcBGAs/s1600/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-JbRbZ_D_wb0/WnJkFUYoTrI/AAAAAAAAAH4/gZEz_6Mvjrg5yGwYfUHu__29HwO6EDRowCLcBGAs/s1600/9.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
cd3ec71886d7b81f04d4b80471898752b889c0ec2dd780d044e3a1365a537ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:10:37 GMT
x-content-type-options
nosniff
age
1428
status
200
content-disposition
inline;filename="9.png"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
56210
x-xss-protection
1; mode=block
server
fife
etag
"v98"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 01 Oct 2018 13:01:38 GMT
generic.jpg
1.bp.blogspot.com/-Vlad87bbOHk/WnJkGGxJEJI/AAAAAAAAAII/BW0Y2Om6W30R8f8IrIWICZvBKNxfIZerQCLcBGAs/s1600/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Vlad87bbOHk/WnJkGGxJEJI/AAAAAAAAAII/BW0Y2Om6W30R8f8IrIWICZvBKNxfIZerQCLcBGAs/s1600/generic.jpg
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
f7a385ab39279139fa119818078432b192cf5e677494472abdb121b42f86ada2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 12:38:53 GMT
x-content-type-options
nosniff
age
3332
status
200
content-disposition
inline;filename="generic.jpg"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1229
x-xss-protection
1; mode=block
server
fife
etag
"v97"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 01 Oct 2018 08:31:01 GMT
bootstrap.min.js
canadaa.poknews.com/js/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://canadaa.poknews.com/js/bootstrap.min.js
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b

Request headers

:path
/js/bootstrap.min.js
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 19:33:28 GMT
server
cloudflare
etag
"934171a-c7c7-56f6856da9200-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7f0890c2ba-FRA
content-length
12980
expires
Mon, 01 Oct 2018 17:34:25 GMT
script.js
canadaa.poknews.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://canadaa.poknews.com/js/script.js
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd25709521411347d643f2e7c9fbc16c573dc67d3186da6ebf667cb0fd2e449

Request headers

:path
/js/script.js
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 03 Sep 2018 15:38:29 GMT
server
cloudflare
etag
"9341727-17b0-574f95547c642-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7f0895c2ba-FRA
content-length
2233
expires
Mon, 01 Oct 2018 17:34:25 GMT
share.png
canadaa.poknews.com/images/ 		293 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaa.poknews.com/images/share.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccb07a38f5ebf3d51544fc76bbf00aaf9210e48c8338c204aae3f6d3321872b5

Request headers

:path
/images/share.png
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/css/style.css
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 19:33:28 GMT
server
cloudflare
etag
"9341717-125-56f6856da9200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7f18aec2ba-FRA
content-length
293
expires
Mon, 01 Oct 2018 17:34:25 GMT
bubble.png
canadaa.poknews.com/images/ 		162 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaa.poknews.com/images/bubble.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
75a9efd4b12ff81a1fb3a563e4bf66c1d9ff21b9d01a40702ab5a82da152bd61

Request headers

:path
/images/bubble.png
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/css/style.css
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 19:33:28 GMT
server
cloudflare
etag
"9341711-a2-56f6856da9200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7f18b0c2ba-FRA
content-length
162
expires
Mon, 01 Oct 2018 17:34:25 GMT
like.png
canadaa.poknews.com/images/ 		279 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://canadaa.poknews.com/images/like.png
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:a5e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e55380e114a7050333af45d44453084ef42ad9dba7696ebf692ea4b42a0f1222

Request headers

:path
/images/like.png
pragma
no-cache
cookie
__cfduid=d813c106bf20fba8c2f4d40ec04b8c06f1538400865
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
canadaa.poknews.com
referer
https://canadaa.poknews.com/css/style.css
:scheme
https
:method
GET
Referer
https://canadaa.poknews.com/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
cf-cache-status
HIT
last-modified
Sun, 24 Jun 2018 19:33:28 GMT
server
cloudflare
etag
"9341713-117-56f6856da9200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
462f4e7f18b1c2ba-FRA
content-length
279
expires
Mon, 01 Oct 2018 17:34:25 GMT
KFOoCniXp96ayzse4GZNCzc.woff2
fonts.gstatic.com/s/asap/v7/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/asap/v7/KFOoCniXp96ayzse4GZNCzc.woff2
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:812::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
81654adba78386aaf10bb2880475c653ceaa131f844a996a0788151d589047a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Asap
Origin
https://canadaa.poknews.com

Response headers

date
Mon, 27 Aug 2018 17:11:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:15:46 GMT
server
sffe
age
3010987
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
11656
x-xss-protection
1; mode=block
expires
Tue, 27 Aug 2019 17:11:18 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=canadaa.poknews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:812::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=canadaa.poknews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
ca-pub-9445683778964950.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
277 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-9445683778964950.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 08:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 30 Sep 2018 21:43:25 GMT
server
sffe
age
17203
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
125
x-xss-protection
1; mode=block
expires
Mon, 01 Oct 2018 20:47:42 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180924/r20180604/ Frame 3FAE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180924/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180924/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://canadaa.poknews.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://canadaa.poknews.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 24 Sep 2018 19:27:57 GMT
expires
Mon, 08 Oct 2018 19:27:57 GMT
content-type
text/html; charset=UTF-8
etag
12810928231326100212
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6940
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
583588
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame 529C 		196 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
74272
x-xss-protection
1; mode=block
server
cafe
etag
7811001293577937216
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Oct 2018 13:34:25 GMT
analytics.js
www.google-analytics.com/ 		39 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117448915-5
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Sep 2018 23:12:19 GMT
server
Golfe2
age
6919
date
Mon, 01 Oct 2018 11:39:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16173
expires
Mon, 01 Oct 2018 13:39:06 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j69&a=673374207&t=pageview&_s=1&dl=https%3A%2F%2Fcanadaa.poknews.com%2F&ul=en-us&de=UTF-8&dt=%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D9%81%D9%8A%20%D9%82%D8%B1%D8%B9%D8%A9%20%D9%83%D9%86%D8%AF%D8%A7%20%D9%84%D9%84%D8%AD%D8%B5%D9%88%D9%84%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D9%81%D9%8A%D8%B2%D8%A7%20%D8%B3%D8%A7%D8%B1%D8%B9%D9%88%D8%A7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=276212163&gjid=568268424&cid=1329328995.1538400865&tid=UA-117448915-5&_gid=1998337776.1538400865&_r=1&gtm=u9o&z=1194203532
Requested by
Host: canadaa.poknews.com
URL: https://canadaa.poknews.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Oct 2018 13:34:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5DF5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9445683778964950&output=html&adk=1812271804&adf=3025194257&lmt=1537388150&plat=1%3A32776%2C2%3A33800%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=https%3A%2F%2Fcanadaa.poknews.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1538400865214&bpp=7&bdt=140&fdt=8&idt=114&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=576734733016&frm=20&pv=2&ga_vid=1329328995.1538400865&ga_sid=1538400865&ga_hid=673374207&ga_fc=0&iag=0&icsg=9431727&dssz=18&mdo=0&mso=0&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C36998751%2C21061796&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=1137689984&ifi=0&fsb=1&dtd=138
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9445683778964950&output=html&adk=1812271804&adf=3025194257&lmt=1537388150&plat=1%3A32776%2C2%3A33800%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=https%3A%2F%2Fcanadaa.poknews.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1538400865214&bpp=7&bdt=140&fdt=8&idt=114&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=576734733016&frm=20&pv=2&ga_vid=1329328995.1538400865&ga_sid=1538400865&ga_hid=673374207&ga_fc=0&iag=0&icsg=9431727&dssz=18&mdo=0&mso=0&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C36998751%2C21061796&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=1137689984&ifi=0&fsb=1&dtd=138
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://canadaa.poknews.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://canadaa.poknews.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 01 Oct 2018 13:34:25 GMT
server
cafe
cache-control
private
content-length
509
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Mon, 01-Oct-2018 13:49:25 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Mon, 01 Oct 2018 13:34:25 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e2f8895970c9774cbc67344d9100532f5107e5c819404c4b00ee0fa80f14b393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://canadaa.poknews.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 25 Sep 2018 00:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26707
x-xss-protection
1; mode=block
server
cafe
etag
11387632783651716424
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Oct 2018 00:24:11 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame 6063 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
74272
x-xss-protection
1; mode=block
server
cafe
etag
7811001293577937216
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Oct 2018 13:34:25 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4E5F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9445683778964950&output=html&h=100&slotname=8508318635&adk=1071289773&adf=4055974162&w=320&lmt=1537388150&guci=1.2.0.0.2.2.0&format=320x100&url=https%3A%2F%2Fcanadaa.poknews.com%2F&flash=0&wgl=1&adsid=NT&dt=1538400865224&bpp=9&bdt=151&fdt=139&idt=141&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=576734733016&frm=20&pv=1&ga_vid=1329328995.1538400865&ga_sid=1538400865&ga_hid=673374207&ga_fc=0&iag=0&icsg=143649455&dssz=19&mdo=0&mso=0&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C36998751%2C21061796&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1661724866&ifi=1&fsb=1&xpc=lHqcmrZEii&p=https%3A//canadaa.poknews.com&dtd=151
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9445683778964950&output=html&h=100&slotname=8508318635&adk=1071289773&adf=4055974162&w=320&lmt=1537388150&guci=1.2.0.0.2.2.0&format=320x100&url=https%3A%2F%2Fcanadaa.poknews.com%2F&flash=0&wgl=1&adsid=NT&dt=1538400865224&bpp=9&bdt=151&fdt=139&idt=141&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=576734733016&frm=20&pv=1&ga_vid=1329328995.1538400865&ga_sid=1538400865&ga_hid=673374207&ga_fc=0&iag=0&icsg=143649455&dssz=19&mdo=0&mso=0&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C36998751%2C21061796&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1661724866&ifi=1&fsb=1&xpc=lHqcmrZEii&p=https%3A//canadaa.poknews.com&dtd=151
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://canadaa.poknews.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://canadaa.poknews.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 01 Oct 2018 13:34:25 GMT
server
cafe
cache-control
private
content-length
385
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Mon, 01-Oct-2018 13:49:25 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Mon, 01 Oct 2018 13:34:25 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame E3A9 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Mon, 01 Oct 2018 13:34:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
74272
x-xss-protection
1; mode=block
server
cafe
etag
7811001293577937216
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Oct 2018 13:34:25 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C233 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9445683778964950&output=html&h=100&slotname=8508318635&adk=1071289773&adf=990404462&w=320&lmt=1537388150&guci=1.2.0.0.2.2.0&format=320x100&url=https%3A%2F%2Fcanadaa.poknews.com%2F&flash=0&wgl=1&adsid=NT&dt=1538400865233&bpp=6&bdt=161&fdt=158&idt=159&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C320x100&nras=1&correlator=576734733016&frm=20&pv=1&ga_vid=1329328995.1538400865&ga_sid=1538400865&ga_hid=673374207&ga_fc=0&iag=0&icsg=143649455&dssz=19&mdo=0&mso=0&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C36998751%2C21061796&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1661724866&ifi=2&fsb=1&xpc=k59YyPOkOi&p=https%3A//canadaa.poknews.com&dtd=168
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9445683778964950&output=html&h=100&slotname=8508318635&adk=1071289773&adf=990404462&w=320&lmt=1537388150&guci=1.2.0.0.2.2.0&format=320x100&url=https%3A%2F%2Fcanadaa.poknews.com%2F&flash=0&wgl=1&adsid=NT&dt=1538400865233&bpp=6&bdt=161&fdt=158&idt=159&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C320x100&nras=1&correlator=576734733016&frm=20&pv=1&ga_vid=1329328995.1538400865&ga_sid=1538400865&ga_hid=673374207&ga_fc=0&iag=0&icsg=143649455&dssz=19&mdo=0&mso=0&u_tz=0&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C36998751%2C21061796&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1661724866&ifi=2&fsb=1&xpc=k59YyPOkOi&p=https%3A//canadaa.poknews.com&dtd=168
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://canadaa.poknews.com/
accept-encoding
gzip, deflate
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://canadaa.poknews.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 01 Oct 2018 13:34:25 GMT
server
cafe
cache-control
private
content-length
385
x-xss-protection
1; mode=block
set-cookie
IDE=AHWqTUmsLPwq3EW8jdEntstllJhyZGYDH7DZTfUWrfwgeAOlN2VWzqtnmOm_wYtT; expires=Sat, 26-Oct-2019 13:34:25 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Mon, 01 Oct 2018 13:34:25 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| Popper function| $ function| jQuery object| adsbygoogle object| datum number| jahr number| tag function| monat1 function| wotag object| texts function| loadCom function| loadAllComment number| c object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state function| google_spfd object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_iframe_oncopy number| google_unique_id object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| sa object| gaGlobal object| gaData object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| google_ama_all_ads_detection_enabled

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUmsLPwq3EW8jdEntstllJhyZGYDH7DZTfUWrfwgeAOlN2VWzqtnmOm_wYtT
.poknews.com/ Name: _gat_gtag_UA_117448915_5
Value: 1
.poknews.com/ Name: _gid
Value: GA1.2.1998337776.1538400865
.poknews.com/ Name: _ga
Value: GA1.2.1329328995.1538400865
.poknews.com/ Name: __cfduid
Value: d813c106bf20fba8c2f4d40ec04b8c06f1538400865

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
adservice.google.com
adservice.google.de
canadaa.poknews.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
2606:4700:30::681b:a5e3
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:814::2002
2a00:1450:4001:817::2008
2a00:1450:4001:817::200a
2a00:1450:4001:817::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2002
2a00:1450:4001:824::2001
006e829748d93abcf221ab34b8602846bc2cb4cb62601b6fe3925c936d4dc97a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0cc7e2b1ed8e701b130493a6059d970e2d26f47828502e26a65db5638898add6
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b
0ec301943afde1277dc4976580913aaa5ab7973dd61bf3075c51351908f42c4f
13a3d357096da91d8e6404348f9d5696183dccc818aae8f80136617b12e85c1b
19269c890073cda8700e3ea66f249b7f13bff555c8ad874a9b4920536287c619
1fd4c882b277b1733f27be78e59f2318df771113cfc3981f4c4ad1b287238880
2045fc01fd0d2ec552399ce18b0182de61d0c1b1a7768f9113fc07fcf67abc03
229737fac0094d3e531df0270d683f5fc4d246180a44b2ca9857f8434cec694b
2eea31c0dc2c2a333974040b23ae5f9f86dcc07bc63f860e94bf2d6337e9e31d
348e57dd3f8e711db48c8e02a1288aad02bc5810dccd30aab431d13c81b9291b
35b8930d028d386ee99ce5d451cfd3d2fb384a9cd3b0ad1249a0dcb19a885a39
3bd25709521411347d643f2e7c9fbc16c573dc67d3186da6ebf667cb0fd2e449
46778cd55dfbcfd56cdd77b64b6acb578cb9eb3ef42710532b3ec8cebe154f79
4c98ba9fcd2e7c8a9417933865a2ac9d733af6d14c848e1a83fda13fa461445d
5b3ae47728c9027b1ff43447d5fe6534fb48226801e5da65d1c9f818c32a0344
67f1bad7c79d92453d67427ad74e7778686b7ccca9f2f9d0d9a3a7d30ca1bae7
6dccb6a5ccdc1711c31f84cf8bb5c1fdc24e91edd15ed2321e3fefae1d91f23b
6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0
75a9efd4b12ff81a1fb3a563e4bf66c1d9ff21b9d01a40702ab5a82da152bd61
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
81654adba78386aaf10bb2880475c653ceaa131f844a996a0788151d589047a3
81abd8853ab51956dcbbb8325ad74e3673f0079632a1c483339290d5bc313fbe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88455f5f91385db195edccb82da0b55d8c7989628265aa8fa7d2c8a201beb710
8d0ce9cbf5179bc76a36a31f867f8b7bb0f34d1cd86ffeb77f1e654d6124fb5e
9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d
a38c7997fe17f718915694f3e76ab9d0119d861886ac9869ee27b2428652b86e
ab2bfa053794741134f6915892ade0decf9c7735f57694c7a9ff58b8d706b87a
b6e4299b1d58ab245829af691ab6e50806803fd56cb9dd637e79e35416993bae
ba92d10601d8ed2f94f58b1587d3aefce1a8e7e77e2dacf0be578adc822bd6b4
c3252201bb16b326b8e1cc8067802b2eb109bc66a26f9eb61003ba31e0bf08c7
c5ca01096ca774999c9b93711351101122493752cb6586a89794183080ba8004
c884d350c61f5ddf9ba17a500713f51864667fe0d2dd4927dbae2bbcaf0542d9
c8b0f5f3be8a130f2c4db00b8b5d18476c112906edf620b7021bbb08ef7d5a22
ccb07a38f5ebf3d51544fc76bbf00aaf9210e48c8338c204aae3f6d3321872b5
cd3ec71886d7b81f04d4b80471898752b889c0ec2dd780d044e3a1365a537ec3
cd7b989648730094d294e9c03706235fe3ec96aecbd616ec0b033bf17f1a03c5
d23e2467aafaf80fb2be4af1460b8aff6bff651111a67d99b2df86227e8bf5da
dc15c27cb03b0df0aafba0ef2134101935ff7f02ce7c95abd24f77b66044da72
e2f8895970c9774cbc67344d9100532f5107e5c819404c4b00ee0fa80f14b393
e55380e114a7050333af45d44453084ef42ad9dba7696ebf692ea4b42a0f1222
ebf55266762c5602704ada08900b865f6bdf22ff2ea625e55f795ea4b70d3704
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
f7a385ab39279139fa119818078432b192cf5e677494472abdb121b42f86ada2
f8d0d71e7e29e30f880f9aab2c8067d7ff5312eb97aaae15fe0e33ab447646c0